
Understanding Unix for MAC OS X

Understanding Unix for MAC OS X. By Randy Massafra rmassa01@villanova.edu ECE8486 Ethical Hacking. What is OS X. Evolved GUI - easy to use interface Foundation is a core operating system commonly known as Darwin Darwin is open source Darwin is POSIX-compliant OS released by Apple in 2000



Presentation Transcript


  1. Understanding Unix for MAC OS X • By Randy Massafra • rmassa01@villanova.edu • ECE8486 Ethical Hacking

  2. What is OS X • Evolved GUI - easy to use interface • Foundation is a core operating system commonly known as Darwin • Darwin is open source • Darwin is a POSIX-compliant OS released by Apple in 2000 • Written in C and C++ • Compatible with Single UNIX Specification version 3 and POSIX Unix applications/utilities

  3. History of OS X/Darwin • Based on NeXT’s NeXTSTEP operating system called OPENSTEP • OPENSTEP released in 1989 • NeXT was bought by Apple in 1997 • Announced next OS would be based on OPENSTEP • First iteration was called Rhapsody (1997) • Mac OS X Server 1.0 in 1999 and Mac OS X Public Beta in 2000 http://en.wikipedia.org/wiki/Darwin_(operating_system)

  4. Closer look at Darwin • Built around the XNU kernel - a hybrid kernel combining the Mach 3 microkernel, various parts of BSD and the I/O Kit device driver API • BSD elements include process model, network stack and virtual file system • Supports the following hardware • 64 bit x86-64 variant of Intel x86 processors • 64 bit ARM processors used in iPhone 5S • 32 bit ARM processors used in iPhone, iPod Touch and iPad • 2nd and 3rd generation Apple TV • Supports POSIX API through BSD implementation • Means a large number of UNIX programs can be compiled on Darwin with no changes to source code • MacPorts, Fink and Homebrew to port UNIX programs to Darwin http://en.wikipedia.org/wiki/Darwin_(operating_system)

  5. OS X Architecture Stack https://developer.apple.com/library/mac/documentation/MacOSX/Conceptual/OSX_Technology_Overview/SystemTechnology/SystemTechnology.html#//apple_ref/doc/uid/TP40001067-CH207-BCICAIFJ

  6. OSX Architecture Stack • • The Cocoa (Application) layer includes technologies for building an app’s user interface, for responding to user events, and for managing app behavior. • • The Media layer encompasses specialized technologies for playing, recording, and editing audiovisual media and for rendering and animating 2D and 3D graphics. • • The Core Services layer contains many fundamental services and technologies that range from Automatic Reference Counting and low-level network communication to string manipulation and data formatting. • • The Core OS layer defines programming interfaces that are related to hardware and networking, including interfaces for running high-performance computation tasks on a computer’s CPU and GPU. • • The Kernel and Device Drivers layer consists of the Mach kernel environment, device drivers, BSD library functions (libSystem), and other low-level components. The layer includes support for file systems, networking, security, interprocess communication, programming languages, device drivers, and extensions to the kernel. https://developer.apple.com/library/mac/documentation/MacOSX/Conceptual/OSX_Technology_Overview/SystemTechnology/SystemTechnology.html#//apple_ref/doc/uid/TP40001067-CH207-BCICAIFJ

  7. Understanding OS X Unix • Many commands are the same as other Unix flavors • Common commands shared • bash, cd, ls, clear, chmod, chown, chgrp, alias, cp, mv, history, whoami, sudo, su, passwd, pwd, etc • see appendix for more commands

  8. Mac OS X Directory Services • Directory services provide a database for central account management for both user and computer as well as sharing information among workstations and servers • Mac OS X directory services is called Open Directory • Every Mac OS X computer includes a local Open Directory database - referred to as a local “domain” • Local open directory domain is based on Lightweight Directory Access Protocol (LDAP) • Heritage from NeXT Computer Inc NetInfo domain • Domain stores local user accounts • Domain allows each user to have a computing experience and home directory • Local domain works with the file system to manage permissions on files and folders

  9. How to create users and groups • adduser and addgroup commands do not work in OS X terminal • Can create users and groups using GUI (System Preferences -> Users & Groups) - Feels like cheating • Directory Service Command Line (dscl) to the rescue for adding users • dseditgroup to the rescue for adding, creating, deleting and viewing groups

  10. Directory Service Command Line (dscl) • Interactive and single line availability • Interactive commands to find users and groups • Open terminal (under Applications->Utilities) • type dscl <enter> • ls - to view current directory • cd to Local and then again to Default • ls - to view • cd to Groups and ls to view all groups • cd .. and then cd to Users and ls to view all users • cd to any user and type ls -> what happens? • type read to view user information • type exit to leave interactive mode

  11. How to add a user • To add a new user, enter the following commands • dscl . -create /Users/<username> • dscl . -create /Users/<username> UserShell /bin/bash • dscl . -create /Users/<username> RealName "$FULLNAME" • dscl . -create /Users/<username> UniqueID "$USERID" • dscl . -create /Users/<username> PrimaryGroupID 20 • dscl . -create /Users/<username> NFSHomeDirectory /Users/<username> • dscl . -passwd /Users/<username> $PASSWORD • Let’s look at each one

  12. Additional commands to help create user • Find a unique UID • MAXID=$(dscl . -list /Users UniqueID | awk '{print $2}' | sort -ug | tail -1) • USERID=$((MAXID+1)) • echo "Unique User ID = $USERID" • Finding Group IDs • sudo dscl . list groups gid // check groups and group ids • dscacheutil -q group | more // shows details of groups and who belongs to what group • Create a home directory (also done first time logging into Mac) • createhomedir -c 2>&1 | grep -v "shell-init"

  13. Adding a user - Putting it all together

      ```bash
      #!/bin/bash
      #----------------------------------
      # Add user using dscl under the covers
      #----------------------------------
      echo "Enter the username to create: "
      read -r USERNAME
      echo "Enter the full name for the user: "
      read -r FULLNAME
      echo "Enter password for the user: "
      read -rs PASSWORD

      # Check whether or not user should be an administrator
      echo "Is this an administrative user? (y/n)"
      read -r ADMIN_USER
      # non admin user
      if [ "$ADMIN_USER" = n ] ; then
          SECONDARY_GROUPS="staff"
      elif [ "$ADMIN_USER" = y ] ; then
          SECONDARY_GROUPS="admin _lpadmin"
      else
          echo "Not a valid selection!"
          exit 1
      fi

      # Create a UID that is unique and not in use
      echo "Creating a unique UID for user..."
      # dscl can only modify the local directory when run as root
      if [ "$UID" -ne 0 ]; then
          echo "Please run $0 as root." && exit 1
      fi

      # Find user ID: highest UniqueID currently in use, plus one
      MAXID=$(dscl . -list /Users UniqueID | awk '{print $2}' | sort -ug | tail -1)
      USERID=$((MAXID+1))
      echo "Unique User ID = $USERID"

      # Now the fun part..creating user using dscl which normally takes several commands
      echo "Creating user..."
      dscl . -create "/Users/$USERNAME"
      dscl . -create "/Users/$USERNAME" UserShell /bin/bash
      dscl . -create "/Users/$USERNAME" RealName "$FULLNAME"
      dscl . -create "/Users/$USERNAME" UniqueID "$USERID"
      dscl . -create "/Users/$USERNAME" PrimaryGroupID 20
      dscl . -create "/Users/$USERNAME" NFSHomeDirectory "/Users/$USERNAME"
      dscl . -passwd "/Users/$USERNAME" "$PASSWORD"

      # Add User to any specified groups (list is split on spaces on purpose)
      echo "Adding user to specified groups...."
      for GROUP in $SECONDARY_GROUPS; do
          dseditgroup -o edit -t user -a "$USERNAME" "$GROUP"
      done

      # Create the home directory
      echo "Creating the home directory..."
      createhomedir -c 2>&1 | grep -v "shell-init"
      echo "Created User #$USERID: $USERNAME ($FULLNAME)"
      ```
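
The checks below are an added example, not part of the original slides: they validate the account name before it is placed in a `/Users/<name>` path, refuse a name that already exists, and pick the UID from the listing with a floor of 501. `valid_username`, `name_taken`, `next_uid`, `create_user`, the `DSCL` override and the 31-character limit are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; valid_username, name_taken, next_uid, create_user are hypothetical.
LC_ALL=C; export LC_ALL        # byte-exact [a-z] ranges in the patterns below
DSCL=${DSCL:-dscl}             # assumption: set DSCL=echo for a dry run
MAX_NAME_LEN=31                # assumed local policy, not a dscl limit

# Letter or '_' first, then [a-z0-9_-]: no spaces, '/', '..' or quotes.
valid_username() {
    case "$1" in
        ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le "$MAX_NAME_LEN" ]
}

# stdin: `dscl . -list /Users UniqueID` output. Succeeds if name $1 is listed.
name_taken() {
    awk -v n="$1" '$1 == n { found = 1 } END { exit !found }'
}

# stdin: same listing. Prints highest UID + 1, never below 501 (where macOS
# starts regular accounts), so system-only listings stay out of the system range.
next_uid() {
    awk 'BEGIN { max = 500 }
         $NF ~ /^-?[0-9]+$/ && $NF + 0 > max { max = $NF + 0 }
         END { print max + 1 }'
}

# $1 short name, $2 full name, $3 listing text. All expansions are quoted, so
# a full name with spaces reaches dscl as one argument.
create_user() {
    valid_username "$1" || { echo "rejected username: $1" >&2; return 2; }
    if printf '%s\n' "$3" | name_taken "$1"; then echo "user exists: $1" >&2; return 3; fi
    uid=$(printf '%s\n' "$3" | next_uid)
    "$DSCL" . -create "/Users/$1" &&
    "$DSCL" . -create "/Users/$1" UserShell /bin/bash &&
    "$DSCL" . -create "/Users/$1" RealName "$2" &&
    "$DSCL" . -create "/Users/$1" UniqueID "$uid" &&
    "$DSCL" . -create "/Users/$1" PrimaryGroupID 20 &&
    "$DSCL" . -create "/Users/$1" NFSHomeDirectory "/Users/$1"
    # Password step omitted: passed as an argument, as in the script above,
    # it is visible in the process list while dscl runs.
}

# Constructed sample listing (not taken from a real machine).
SAMPLE='root 0
_www 70
alice 501
bob 503'
DSCL=echo create_user testbasic "Test Basic" "$SAMPLE"   # dry run: prints the six calls
```
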

  14. Group modifications using dseditgroup • Groups are easy to create, view, delete using the dseditgroup command • Command to create a group • dseditgroup -o create -r "<real name>" <group name> • Command to add user to group • dseditgroup -o edit -t user -a <user name> <group name> • Command to view group • dseditgroup -o view testgroup • or interactive dscl -> cd to Local/Default/Groups and ls • or dscacheutil -q group | more • Command to delete a group • dseditgroup -o delete <groupname>

  15. Exercise • Create users testbasic and testadmin • Create group called testgroup • Assign testbasic and testadmin to testgroup • su to testbasic and create a test file in local directory • chgrp to testgroup for file • chmod 664 for test file • su to testadmin • edit file • su to another user and try to edit file - notice you can’t

  16. Setting up environment for MAC • wget is replaced by curl • curl -O http://www.compscii.com/pkg.tgz • curl -O http://www.compscii.com/cloud.tgz • Install JDK 1.7 from Oracle site • use /usr/libexec/java_home -v 1.7 command to determine install location • Download eclipse - run from command line to start instead of icon • icon will ask you to install previous version of jdk

  17. Setting up environment for MAC - Continued • Set up .profile (similar to .bashrc) - can set up .bashrc • export JAVA_HOME=$(/usr/libexec/java_home) • alias ant='/Users/ece8486class/pkg/apache-ant-1.8.3/bin/ant' • alias st='/Users/ece8486class/pkg/apache-tomcat-7.0.27/bin/startup.sh' • alias sd='/Users/ece8486class/pkg/apache-tomcat-7.0.27/bin/shutdown.sh' • alias eclipse='/Applications/eclipse/eclipse' • Then source .profile to load changes • If you are setting up .bashrc - must add the following to ~/.bash_profile • if [ -f ~/.bashrc ]; then . ~/.bashrc; fi • Then source .profile to load changes

  18. Setting up environment for MAC - Continued • Modify ant.sh

      ```bash
      case "`uname`" in
        CYGWIN*) cygwin=true ;;
        Darwin*) darwin=true
                 if [ -z "$JAVA_HOME" ] ; then
                   # Legacy Apple JVM path disabled; JAVA_HOME is expected from .profile
                   #JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Home
                   JAVA_HOME=$JAVA_HOME
                 fi
                 ;;
      esac
      ```

      • Creating a keystore and cert • keytool -genkey -alias ece8486keypair -keystore ece8486keystore.jks • keytool -list -v -keystore ece8486keystore.jks • keytool -exportcert -alias ece8486keypair -keystore ece8486keystore.jks -file ece8486.cer

  19. Appendix A - Commands - http://ss64.com/osx • alias du mv uname • alloc echo nano until • apropos exec nice users • asr exit open vi • awk export passwd wait • basename expr ping wc • bash fg pr who • cal find printf whoami • calendar for ps write • caller groups pwd yes • case head read zip • cat history reboot !! • cd hostname return • chflags id rm • chgrp if rmdir • chmod install sed • chown jobs select • chroot join setfile • cksum kill shift • clear last shutdown • comm less sleep • continue ln sort • cp local split • curl logname stat • cut login tail • date logout tar • diff look time • dscacheutil ls touch • dseditgroup man umask • dsenableroot mkdir umount • dscl more unalias • Many more exist

  20. Appendix B - Additional dscl commands • // Directory Service Command Line Utility (dscl) • sudo dscl . list /Users uid // check UIDs of system • sudo dscl . list groups gid // check groups and group ids • sudo dscl . -create /Users/<username> // creates user • sudo dscl . -create /Users/<username> UserShell /bin/bash // sets default to bash • sudo dscl . -create /Users/<username> RealName "<name>" // sets users real name • sudo dscl . -create /Users/<username> UniqueID <id> // sets unique id for user • sudo dscl . -create /Users/<username> PrimaryGroupID <grpId> // sets primary group • sudo dscl . -create /Users/<username> NFSHomeDirectory /Users/<username> // sets home directory • sudo dscl . -passwd /Users/<username> password // change the users password to password • sudo dscl . -append /Groups/admin GroupMembership <username> // add user to admin group • groups <username> // gives list of groups person belongs to
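
As an added example (not part of the original slides), saved output of `dscl . list /Users UniqueID` and `dscl . -read /Groups/admin GroupMembership` can be reviewed for accounts that need a second look: a non-root account with UID 0, a UID shared by several accounts, and admin group members that were not expected. `audit_uids`, `unexpected_admins` and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example; audit_uids and unexpected_admins are hypothetical helpers.

# stdin: "<name> <uid>" rows as printed by `dscl . list /Users UniqueID`.
# Prints "UID0 <name>" for a non-root account with UID 0, and
# "DUP <uid> <names>" when several accounts share one UID.
audit_uids() {
    awk '
        $NF !~ /^-?[0-9]+$/ { next }                  # skip malformed rows
        $NF + 0 == 0 && $1 != "root" { print "UID0 " $1 }
        { n[$NF]++; who[$NF] = who[$NF] (who[$NF] == "" ? "" : ",") $1 }
        END { for (u in n) if (n[u] > 1) print "DUP " u " " who[u] }
    ' | LC_ALL=C sort
}

# $1: the "GroupMembership: a b c" line printed by
#     `dscl . -read /Groups/admin GroupMembership`
# $2: space-separated names expected to be administrators.
# Prints every member that is not on the expected list, one per line.
unexpected_admins() (
    set -f                                   # no glob expansion while splitting
    for m in ${1#GroupMembership:}; do
        case " $2 " in
            *" $m "*) ;;
            *) printf '%s\n' "$m" ;;
        esac
    done
)

# Constructed sample data (not captured from a real system).
USERS='root 0
daemon 1
alice 501
bob 502
svc_backup 0
carol 502'
ADMINS='GroupMembership: root alice svc_backup'

printf '%s\n' "$USERS" | audit_uids
unexpected_admins "$ADMINS" "root alice"
```
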
