Difference between revisions of "Operating Systems 2022F: Assignment 3"

From Soma-notes
Jump to navigation Jump to search
Line 16: Line 16:
# [2] Download and inspect [https://homeostasis.scs.carleton.ca/~soma/os-2022f/code/3000contain.sh 3000contain.sh].  Is there a risk of data loss from running this script?  Specifically, how much of a risk is there from each rm command?  Be specific.
# [2] Download and inspect [https://homeostasis.scs.carleton.ca/~soma/os-2022f/code/3000contain.sh 3000contain.sh].  Is there a risk of data loss from running this script?  Specifically, how much of a risk is there from each rm command?  Be specific.
# [1] Run 3000contain.sh.  After 3000contain.sh runs, you're put in a new shell where / is now the contents of 3000fs, and you can't see anything that wasn't in 3000fs.  Exiting the shell gets you back to where you were.  After exiting, how do you get back to the contained environment?
# [1] Run 3000contain.sh.  After 3000contain.sh runs, you're put in a new shell where / is now the contents of 3000fs, and you can't see anything that wasn't in 3000fs.  Exiting the shell gets you back to where you were.  After exiting, how do you get back to the contained environment?
# [2] How does the output of ps differ when run inside the contained environment versus outside?  What command caused this difference?
# [2] How does the output of ps differ when run inside the contained environment versus outside?  What part of 3000contain.sh caused this difference?
# [2] What does line 58 of 3000contain.sh do?  When does it run?  Be sure to explain all of its effects.
# [2] What does line 58 of 3000contain.sh do?  When does it run?  Be sure to explain all of its effects.
# [2] What is the largest file we can create in the confined environment (once initialized by 3000contain.sh)?  What determines this limit?
# [2] What is the largest file we can create in the confined environment (once initialized by 3000contain.sh)?  What determines this limit?

Revision as of 22:04, 11 November 2022

Please submit the answers to the following questions via Brightspace by November 21, 2022 by 11:59 PM. There are 20 points in 11 questions.

Submit your answers as a plain text file following this template. Name your answer file "comp3000-assign3-<username>.txt" (where username is your MyCarletonOne username). Please make sure your submission passes the assignment validator.

Don't forget to include what outside resources you used to complete each of your answers, including other students, man pages, and web resources. You do not need to list help from the instructor, TA, or information found in the textbook.

Background

In this assignment you'll be working with a simple containerized environment. We'll create a filesystem, mount it, populate it, and then change the current root directory to it so we can use this environment as if it was a completely separate system.

This mini system is rather bare bones initially and many things won't work. You'll be studying how it is put together and figuring out how to add functionality. You should understand what every line in 3000contain.sh does, even if there isn't a specific question about it.

Tasks/Questions

Make sure you backup any important files in your VM, as you could erase everything. You've been warned!

  1. [2] Download and inspect 3000contain.sh. Is there a risk of data loss from running this script? Specifically, how much of a risk is there from each rm command? Be specific.
  2. [1] Run 3000contain.sh. After 3000contain.sh runs, you're put in a new shell where / is now the contents of 3000fs, and you can't see anything that wasn't in 3000fs. Exiting the shell gets you back to where you were. After exiting, how do you get back to the contained environment?
  3. [2] How does the output of ps differ when run inside the contained environment versus outside? What part of 3000contain.sh caused this difference?
  4. [2] What does line 58 of 3000contain.sh do? When does it run? Be sure to explain all of its effects.
  5. [2] What is the largest file we can create in the confined environment (once initialized by 3000contain.sh)? What determines this limit?
  6. [2] If you fill up the disk in the host system, how will it change the amount of data that can be stored in the confined environment? Does this depend on what has been previously stored in the confined environment?
  7. [2] Many files in our confined environment refer to the same inode. What was the original name of this inode? How do you know?
  8. [1] Copy and make nano work in the new environment. What files did you have to copy to get it to work? How did you know to copy them?
  9. [2] How can you add a user "contain" to 3000fs using useradd (and nothing else)? Make sure the user also is in a new group "contain" and has a home directory /home/contain (in 3000fs). This user should only be visible when you're in the confined environment. How did you confirm that your answer works?
  10. [2] How can you mount the main root filesystem inside of the confined environment? What part of 3000contain.sh made this possible?
  11. [2] How can you change the hostname in the confined environment to "mycontainer" without changing the hostname of the host system? (Note that the "hostname" command can be used to check and set a system's hostname.) Is this change persistent, i.e., will the hostname stay the same when you exit and re-enter the confined environment?

Code

3000contain.sh

#!/bin/bash

# 3000contain.sh
#
# setup a simple containerized environment in a new
# filesystem (created in a local file)
#
# Anil Somayaji, November 11, 2022
# School of Computer Science, Carleton University
# 
# based on 3000makefs.sh from 2021F
#

MP='3000fs'
IMAGE='3000fsimage'
BLOCKS=60000
SETUP='3000setupfs.sh'

if [ $UID != 0 ]; then
    echo "Please run this script as root."
    exit
fi

rm -f $IMAGE
dd if=/dev/zero of=$IMAGE bs=8192 count=$BLOCKS
mkfs.ext4 $IMAGE

if [ -d $MP ]; then
    umount -q $MP/dev
    umount -q $MP
    rm -rf $MP
fi

mkdir $MP
mount $IMAGE $MP
cd $MP

mkdir bin sbin usr usr/bin usr/sbin etc proc sys dev root home lib \
      usr/lib  lib64 tmp var var/tmp var/lib run lib/terminfo
cp /usr/bin/busybox usr/bin

cp /bin/bash bin
cp /lib64/ld-linux-x86-64.so.2 lib64
cp /sbin/ldconfig* sbin
cp -a /etc/ld.so.conf* etc

cp `ldd /bin/bash | awk '{print $3}'` lib

chmod 1777 tmp var/tmp

cp -a /etc/passwd /etc/shadow /etc/group /etc/gshadow etc

TERMDIR=${TERM:0:1}
mkdir lib/terminfo/$TERMDIR
cp /lib/terminfo/$TERMDIR/$TERM lib/terminfo/$TERMDIR/$TERM

echo '#!/usr/bin/busybox sh' > $SETUP
echo '/usr/bin/busybox --install' >> $SETUP
echo '/sbin/ldconfig' >> $SETUP
echo 'mount -t devtmpfs udev /dev' >> $SETUP

chmod 0755 $SETUP
chroot . /$SETUP
rm $SETUP
unshare --root=. -f -p --mount-proc