0x12. Web stack debugging #2

Concepts

For this project, we expect one to look at this concept.

Web stack debugging

Requirements

General

All your files will be interpolated on Ubuntu 20.04 LTS.
All your files should end with a new line
A README.md fle at the root of the folder of the project is mandatory.
All your Bash script files must be executable
Your Bash scripts must pass Shellcheck without any error
Your Bash scripts must run without errors.
The first line of all your bash scripts should be exactly:
#!/usr/bin/env bash
The second line of all your Bash scripts should be a comment explaining what is the script doing

Tasks

0. Run software as another user

Run software as another user

The user root is, on Linux, the “superuser”. It can do anything it wants, that’s a good and bad thing. A good practice is that one should never be logged in the root user, as if you fat finger a command and for example run rm -rf /, there is no comeback. That’s why it is preferable to run as a privileged user, meaning that the user also has the ability to perform tasks that the root user can do, just need to use a specific command that you need to discover.

For the containers that you are given in this project as well as the checker, everything is run under the root user, which has the ability to run anything as another user.

Requirement:

Write a Bash script that accepts one argument
The script should run the whoami command under the user passed as an argument
Make sure to try your script by passing different users

Example:

root@ubuntu:~# whoami
root
root@ubuntu:~# ./0-iamsomeoneelse www-data
www-data
root@ubuntu:~# whoami
root
root@ubuntu:~#

GitHub Repository:: alx-system_engineering-devops
Directory:: 0x12-web_stack_debugging_2
File:: 0-iamsomeoneelse

1. Run Nginx as Nginx

Run Nginx as Nginx

The root user is a superuser that can do anything on a Unix machine, the top administrator. Security wise, you must do everything that you can to prevent an attacker from logging in as root. With this in mind, it’s a good practice not to run your web servers as root (which is the default for most configurations) and instead run the process as the less privileged nginx user instead. This way, if a hacker does find a security issue that allows them to break-in to your server, the impact is limited by the permissions of the nginx user.

Fix this container so that Nginx is running as the nginx user.

Requirements:

nginx must be running as nginx user
nginx must be listening on all active IPs on port 8080
You cannot use apt-get remove
Write a Bash script that configures the container to fit the above requirements

After debugging:

root@ab6f4542747e:~# ps auxff | grep ngin[x]
nginx      884  0.0  0.0  77360  2744 ?        Ss   19:16   0:00 nginx: master process /usr/sbin/nginx
nginx      885  0.0  0.0  77712  2772 ?        S    19:16   0:00  \_ nginx: worker process
nginx      886  0.0  0.0  77712  3180 ?        S    19:16   0:00  \_ nginx: worker process
nginx      887  0.0  0.0  77712  3180 ?        S    19:16   0:00  \_ nginx: worker process
nginx      888  0.0  0.0  77712  3208 ?        S    19:16   0:00  \_ nginx: worker process
root@ab6f4542747e:~#
root@ab6f4542747e:~# nc -z 0 8080 ; echo $?
0
root@ab6f4542747e:~#

GitHub Repository:: alx-system_engineering-devops
Directory:: 0x12-web_stack_debugging_2
File:: 1-run_nginx_as_nginx

2. 7 lines or less

7 lines or less

Using what you did for task #1, make your fix short and sweet.

Requirements:

Your Bash script must be 7 lines long or less
There must be a new line at the end of the file
You respect Bash script requirements
You cannot use ; && wget
You cannot execute your previous answer file (Do not include the name of the previous script in this one)

GitHub Repository:: alx-system_engineering-devops
Directory:: 0x12-web_stack_debugging_2
File:: 100-fix_in_7_lines_or_less

Last modified: 05 September 2024