-
Notifications
You must be signed in to change notification settings - Fork 0
/
b2broot_eval
253 lines (209 loc) · 11.6 KB
/
b2broot_eval
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
42
0
iyahoui-
Menu
My projects
Holy Graph
List projects
Available Cursus
Your projects
Born2beroot
C Piscine C 04
ft_printf
Scale for project Born2beroot
You should evaluate 1 student in this team
Git repository
Introduction
Please comply with the following rules:
- Remain polite, courteous, respectful and constructive throughout the
evaluation process. The well-being of the community depends on it.
- Identify with the student or group whose work is evaluated the possible
dysfunctions in their project. Take the time to discuss and debate the
problems that may have been identified.
- You must consider that there might be some differences in how your peers
might have understood the project's instructions and the scope of its
functionalities. Always keep an open mind and grade them as honestly as
possible. The pedagogy is useful only and only if the peer-evaluation is
done seriously.
Guidelines
- Only grade the work that was turned in the Git repository of the evaluated
student or group.
- Double-check that the Git repository belongs to the student(s). Ensure that
the project is the one expected. Also, check that "git clone" is used in an
empty folder.
- Check carefully that no malicious aliases was used to fool you and make you
evaluate something that is not the content of the official repository.
- To avoid any surprises and if applicable, review together any scripts used
to facilitate the grading (scripts for testing or automation).
- If you have not completed the assignment you are going to evaluate, you have
to read the entire subject prior to starting the evaluation process.
- Use the available flags to report an empty repository, a non-functioning
program, a Norm error, cheating, and so forth.
In these cases, the evaluation process ends and the final grade is 0,
or -42 in case of cheating. However, except for cheating, student are
strongly encouraged to review together the work that was turned in, in order
to identify any mistakes that shouldn't be repeated in the future.
Attachments
subject.pdf
Preliminaries
If cheating is suspected, the evaluation stops here. Use the "Cheat" flag to report it. Take this decision calmly, wisely, and please, use this button with caution.
Preliminary tests
- Defense can only happen if the student being evaluated or group is present.
This way everybody learns by sharing knowledge with each other.
- If no work has been submitted (or wrong files, wrong directory, or
wrong filenames), the grade is 0, and the evaluation process ends.
- For this project, you have to clone their Git repository on their
station.
General instructions
General instructions
- During the defense, as soon as you need help to verify a point, the student
evaluated must help you.
- Ensure that the "signature.txt" file is present at the root of the cloned
repository.
- Check that the signature contained in "signature.txt" is identical
to that of the ".vdi" file of the virtual machine to be evaluated. A simple
"diff" should allow you to compare the two signatures. If necessary, ask the
student being evaluated where their ".vdi" file is located.
- As a precaution, you can duplicate the initial virtual machine in order
to keep a copy.
- Start the virtual machine to be evaluated.
- If something doesn't work as expected or the two signatures differ,
the evaluation stops here.
Mandatory part
The project consists of creating and configuring a virtual machine following strict rules. The student being evaluated will have to help you during the defense. Make sure that all of the following points are observed.
Project overview
- The student being evaluated should explain to you simply:
- How a virtual machine works.
- Their choice of operating system.
- The basic differences between CentOS and Debian.
- The purpose of virtual machines.
- If the evaluated student chose CentOS: what SELinux and DNF are.
- If the evaluated student chose Debian: the difference between
aptitude and apt, and what APPArmor is.
During the defense, a script must display information all
every 10 minutes. Its operation will be checked in detail later.
If the explanations are not clear, the evaluation stops here.
Simple setup
Remember: Whenever you need help checking something, the student being evaluated
should be able to help you.
- Ensure that the machine does not have a graphical environment at launch.
A password will be requested before attempting to connect to this machine.
Finally, connect with a user with the help of the student being evaluated.
This user must not be root.
Pay attention to the password chosen, it must follow the rules imposed in the subject.
- Check that the UFW service is started with the help of the evaluator.
- Check that the SSH service is started with the help of the evaluator.
- Check that the chosen operating system is Debian or CentOS with the help of the evaluator.
If something does not work as expected or is not clearly explained,
the evaluation stops here.
User
Remember: Whenever you need help checking something, the student being evaluated
should be able to help you.
The subject requests that a user with the login of the student being evaluated is present
on the virtual machine. Check that it has been added and that it belongs to the
"sudo" and "user42" groups.
Make sure the rules imposed in the subject concerning the password policy have been put in place by
following the following steps.
First, create a new user. Assign it a password of your choice, respecting the subject rules. The
student being evaluated must now explain to you how they were able to set up the rules requested
in the subject on their virtual machine.
Normally there should be one or two modified files. If there is any problem, the evaluation stops here.
- Now that you have a new user, ask the student being evaluated to create a group named "evaluating" in
front of you and assign it to this user. Finally, check that this user belongs to the "evaluating" group.
- Finally, ask the student being evaluated to explain the advantages of this password policy, as well as the
advantages and disadvantages of its implementation. Of course, answering that it is because the subject asks
for it does not count.
If something does not work as expected or is not clearly explained, the evaluation stops here.
Hostname and partitions
Remember: Whenever you need help checking something, the student being evaluated
should be able to help you.
- Check that the hostname of the machine is correctly formatted as follows:
login42 (login of the student being evaluated).
- Modify this hostname by replacing the login with yours, then restart the machine.
If on restart, the hostname has not been updated, the evaluation stops here.
- You can now restore the machine to the original hostname.
- Ask the student being evaluated how to view the partitions for this virtual machine.
- Compare the output with the example given in the subject. Please note: if the
student evaluated makes the bonuses, it will be necessary to refer to the bonus example.
This part is an opportunity to discuss the scores! The student being evaluated should
give you a brief explanation of how LVM works and what it is all about.
If something does not work as expected or is not clearly explained,
the evaluation stops here.
SUDO
Remember: Whenever you need help checking something, the student being evaluated
should be able to help you.
- Check that the "sudo" program is properly installed on the virtual machine.
- The student being evaluated should now show assigning your new user to the "sudo" group.
- The subject imposes strict rules for sudo. The student being evaluated must first explain the
value and operation of sudo using examples of their choice.
In a second step, it must show you the implementation of the rules imposed by the subject.
- Verify that the "/var/log/sudo/" folder exists and has at least one file. Check the contents
of the files in this folder, You should see a history of the commands used with sudo.
Finally, try to run a command via sudo. See if the file (s) in the "/var/log/sudo/" folder
have been updated.
If something does not work as expected or is not clearly explained, the evaluation stops here.
UFW
Remember: Whenever you need help checking something, the student being evaluated
should be able to help you.
- Check that the "UFW" program is properly installed on the virtual machine.
- Check that it is working properly.
- The student being evaluated should explain to you basically what UFW is and the
value of using it.
- List the active rules in UFW. A rule must exist for port 4242.
- Add a new rule to open port 8080. Check that this one has been added by listing the active rules.
- Finally, delete this new rule with the help of the student being evaluated.
If something does not work as expected or is not clearly explained, the evaluation stops here.
SSH
Remember: Whenever you need help checking something, the student being evaluated
should be able to help you.
- Check that the SSH service is properly installed on the virtual machine.
- Check that it is working properly.
- The student being evaluated must be able to explain to you basically what SSH is and
the value of using it.
- Verify that the SSH service only uses port 4242.
- The student being evaluated should help you use SSH in order to log in with the newly created user.
To do this, you can use a key or a simple password. It will depend on the student being evaluated.
Of course, you have to make sure that you cannot use SSH with the "root" user as stated in the subject.
If something does not work as expected or is not clearly explained, the evaluation stops here.
Script monitoring
Remember: Whenever you need help checking something, the student being evaluated
should be able to help you.
The student being evaluated should explain to you simply:
- How their script works by showing you the code.
- What "cron" is.
- How the student being evaluated set up their script so that it runs every 10 minutes
from when the server starts.
Once the correct functioning of the script has been verified, the student being evaluated
should ensure that this script runs every minute. You can run whatever you want
to make sure the script runs with dynamic values correctly. Finally, the student being evaluated
should make the script stop running when the server has started up, but without
modifying the script itself. To check this point, you will have to restart
the server one last time. At startup, it will be necessary to check that the script
still exists in the same place, that its rights have remained unchanged, and that it
has not been modified.
If something does not work as expected or is not clearly explained, the evaluation stops here.
Bonus
Evaluate the bonus part if, and only if, the mandatory part has been entirely and perfectly done, and the error management handles unexpected or bad usage. In case all the mandatory points were not passed during the defense, bonus points must be totally ignored.
Bonus
Check, with the help of the subject and the student being evaluated, the bonus
points authorized for this project:
- Setting up partitions is worth 2 points.
- Setting up WordPress, only with the services required by the subject,
is worth 2 points.
- The free choice service is worth 1 point.
Verify and test the proper functioning and implementation of each extra
service.
For the free choice service, the student being evaluated has to give you a
simple explanation about how it works and why they think it is useful.
Please note that NGINX and Apache2 are prohibited.
Rate it from 0 (failed) through 5 (excellent)
Ratings
Don’t forget to check the flag corresponding to the defense
Conclusion
Leave a comment on this evaluation
Privacy policy
Terms of use for video surveillance
Rules of procedure
Declaration on the use of cookies
General term of use of the site
Legal notices