⚒️Lab3 - LCL

Open Source-based technologies reduce the prospect of a product suddenly becoming obsolete. It allows for more collaboration and better innovation between industries.

Introduction

In this Lab, you will learn how to work with Docker. Before talking about Docker, let’s take a moment to highlight containers. A container packages code and all its dependencies into a single unit, thus letting an application run quickly and reliably from one computing environment to another. This makes such applications easily portable between machines and solves the “it works on my machine” problem. Though the technology behind containers has been around for a while, Docker made it easier to work with containers. Since its debut in 2013, Docker has become an industry standard. Currently, the core technology exists as a popular, open-source container runtime called Docker Engine.

To create Docker containers, you’ll first need a Docker image. If you’re familiar with object-oriented programming concepts, think of images as classes and containers as objects. Images include everything needed to run an application: code, runtime, system tools, system libraries, and settings.

Docker is ideal for the following use cases, and many more:

• Software prototyping and packaging

• Microservice architecture implementation

• Network modeling

• Continuous integration and delivery

• Reducing debugging overhead

• Running more workloads on the same hardware

Docker Desktop App

One of the best ways to get started with Docker is by installing Docker Desktop—especially if you’re a developer using Mac or Windows. That said, you might be wondering, “What’s Docker Desktop, and how’s it different from the open-source Docker Engine?”

While some developers envision Docker Desktop as just a GUI on top of Docker Engine, that characterization barely scratches the surface. Docker Desktop is an easy-to-install application and includes Docker Engine, Docker CLI client, Docker Compose, Docker Content Trust, Kubernetes, and Credential Helper. Docker Desktop still uses Docker Engine at its core. However, the seamless integration and interoperability of these tools make Docker Desktop user-friendly—regardless of your experience with Docker.

By installing and using Docker Desktop, you’ll enjoy the following features:

• Simple and easy-to-install environment to build, ship, and run your containers

• Easy way to create and manage using volumes

• Local and remote management of Docker images

• Better collaboration by sharing repeatable and reproducible development from your local machine to the container

• Simple, one-click Kubernetes setup for your local machine

• A dashboard for a quick overview of running containers, images, and volumes

• Support for building and using multi-architecture images

In the next section, we will see how to run Linux using the Docker Desktop App

Running Linux

First head over to https://hub.docker.com/ and complete the registration process, then login to your account

Then install the Docker desktop app from https://www.docker.com/products/docker-desktop/ and log in with the credential you just created.

On the search bar, type Ubuntu and then Run its latest version:

When you Run the container, you will see this message in the terminal:

That means you need to run your container in interactive mode to be able to work with it. So let’s run the command prompt and then execute the following commands:

• Run the powershell

• Use: docker ps to see the running processes or containers

• Use: docker ps -a to see the stopped containers as well

• Finally, use: docker run -it ubuntu to run the container in an interactive mode

What we have here is called The Shell, It is a program that takes our commands and passes them to the OS for the execution. In this line, root@982250960ecd:/#, the root is the current user, after @ we have the name of the machine, i.e., 982250960ecd, automatically generated by Docker, after ‘:’ you can see where we are in the file system, i.e., /, which represents the root directory, finally we have # which means we have the highest privileges. If I logged in as a normal user instead of # you would see a $ sign.

Next, we will explore some Linux commands.

Working with Linux Command Line

Let’s see the location of the shell program. You need to run echo $0 as you can see it refers to /bin/bash , bash is the enhanced version of the original shell program. Also using the history command you can see all the commands you have executed lately.

Working with Grep

Now we are going to learn about "grep" command. Grep stands for Global regular expression print. As the name implies, Grep is used to search text files with regular expressions (shortly regex). It prints the lines matching the given pattern in a text file. If no file is given, grep will recursively search the given pattern in the files in current directory. Grep has two variants, namely egrep and fgrep. These variants are deprecated but are provided for backward compatibility. Instead of using "grep -E" and "grep -F", you can use "egrp" and "fgrep", respectively.

First, let’s create a file with some random worlds and show its content.

cat file.txt

To begin the search, just type grep followed by what it is you're looking for and where you are looking from. For example, I am going to look for the string "nix" in file.txt. To do so, I run:

grep nix file.txt

What did you get as the output?! (Include results in your learning journal)

Please note that grep is case-sensitive. What you will get if you run these commands:

grep os file.txt
grep -i os file.txt
grep -i 'hello world' file.txt

(Include results in your learning journal)

We can also pipe an output of a command into grep. Have a look at the following example.

cat file.txt | grep os

(Include results in your learning journal)

Now see what we've got. The output of the file.txt is piped into grep and the words that contain the letters "os" in file.txt have been displayed.

We can also use some special characters or regular expressions in grep.

• ^ - search at the beginning of the line.

• $ - search at the end of the line.

• . - Search any character.

What you will get if you run the following commands:

grep tech file.txt
grep ^tech file.txt
grep x$ file.txt
grep .n file.txt

(Include results in your learning journal)

You should now have a basic understanding of grep usage.

Managing Users in Linux

In Linux we have some commands to add, modify, and delete a user:

useradd, usermod, and userdel

If you run this useradd --help you will see a bunch of options, you can use with this command. Here we only need -m or --create-home and let’s create the user called john.

useradd -m john

where is this user?! And how can I verify it?!

The user’s info is stored in a configuration file in etc directory. Let’s check it:

john:x:1000:1000::/home/john:/bin/sh

In this line “x” means the password is stored somewhere else! “1000:1000” refers to the user’s and its group id. Then we have “/home/john”, the home directory of the user, finally, we have “/bin/sh” the shell program used when this user logs in to this system.

But what if we want to use bash instead of shell when this user logs in? we should modify this information using usermod the command. First, let’s see what options we have:

Here I am going to use -s to modify the shell program.

usermod -s /bin/bash john

Now we can verify it!

Where are the passwords?! There is another file called shadow where all password is stored in an encrypted format. This file is only accessible to the root user!

To learn more about how this file works take a look at this link.

Now that we have created the user, we can login to the container with this user. To do this, while your container is still running in a new tab in the command prompt run the following commands:

First, let’s check if your container is still running and get its id with docker ps

In my case, the id is: 217ef9e08bba. You may get a different ID!

Then use the command exec to execute the bash program in this container with the user john

Then use the following command to log in with the new user:

docker exec -it -u john 217ef9e08bba bash

Let’s see what happens if I want to access the shadow file using john user!

This verifies that I am not a root user!

Managing Groups

First, let’s answer this question why do we need groups? All users in the same group will have the same permission to the system.

Let’s create a group called developers:

We can get its information in a configuration file in etc dir.

Now we want to add john to this group. Again we need to use usermod command but this time with different options.

As you can see we have two options: -g and -G what are the differences?

-g is used to modify a user’s primary group but -G is used to modify a user’s supplementary group.

• Primary Group: Used to decide which files are created by which users. One user must belong to only one group.

• Supplementary Group: Specifies one or more groups for users to share files between them. One user can belong to up to 15 secondary groups.

You can check out this link to understand.

Here we want to modify john’s supplementary group:

We use the groups command to confirm this.

File Permission

First, let’s go to the home directory and create a file called deploy.sh Files with this extension are called shell scripts. In these files, you can put your script and run it in one go!

To get permission for this file we should get a long listing:

• If the first letter is – it is a file. d means it is a directory

• We have 9 letters divided into 3 groups, e.g,. we have rw-r--r-- for the deploy.sh file. The first group is the permission for the user who owns this file. The second group is for the group that owns this file. The third group is the permission for everyone else.

• In each group we have read, write, and execute permissions. In john dire we have rwx that means we have full permission. We have x because we want to go into this directory.

If we try to execute the deploy.sh file we will get a permission error!

Because the root user does not have the execute permission.

Let’s add and then remove execute permission for the user who own this file with the command chmod:

We can do the same for the group and also others:

With that even john can execute this file! Because others have the x permission

We can also combine these in one command:

Here we removed x, r, and w from the group and the others.