sample shiro.ini authentication to Apache Zeppelin

#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

[users]
# List of users with their password allowed to access Zeppelin.
# To use a different strategy (LDAP / Database / ...) check the shiro doc at http://shiro.apache.org/configuration.html#Configuration-INISections
# To enable admin user, uncomment the following line and set an appropriate password.
admin = admin@123, admin
user1 = password2, role1, role2
user2 = password3, role3
user3 = password4, role2

# Sample LDAP configuration, for user Authentication, currently tested for single Realm
[main]
### A sample for configuring Active Directory Realm
#activeDirectoryRealm = org.apache.zeppelin.realm.ActiveDirectoryGroupRealm
#activeDirectoryRealm.systemUsername = userNameA

#use either systemPassword or hadoopSecurityCredentialPath, more details in http://zeppelin.apache.org/docs/latest/security/shiroauthentication.html
#activeDirectoryRealm.systemPassword = passwordA
#activeDirectoryRealm.hadoopSecurityCredentialPath = jceks://file/user/zeppelin/zeppelin.jceks
#activeDirectoryRealm.searchBase = CN=Users,DC=SOME_GROUP,DC=COMPANY,DC=COM
#activeDirectoryRealm.url = ldap://ldap.test.com:389
#activeDirectoryRealm.groupRolesMap = "CN=admin,OU=groups,DC=SOME_GROUP,DC=COMPANY,DC=COM":"admin","CN=finance,OU=groups,DC=SOME_GROUP,DC=COMPANY,DC=COM":"finance","CN=hr,OU=groups,DC=SOME_GROUP,DC=COMPANY,DC=COM":"hr"
#activeDirectoryRealm.authorizationCachingEnabled = false

### A sample for configuring LDAP Directory Realm
#ldapRealm = org.apache.zeppelin.realm.LdapGroupRealm
## search base for ldap groups (only relevant for LdapGroupRealm):
#ldapRealm.contextFactory.environment[ldap.searchBase] = dc=COMPANY,dc=COM
#ldapRealm.contextFactory.url = ldap://ldap.test.com:389
#ldapRealm.userDnTemplate = uid={0},ou=Users,dc=COMPANY,dc=COM
#ldapRealm.contextFactory.authenticationMechanism = simple

### A sample PAM configuration
#pamRealm=org.apache.zeppelin.realm.PamRealm
#pamRealm.service=sshd

### A sample for configuring ZeppelinHub Realm
#zeppelinHubRealm = org.apache.zeppelin.realm.ZeppelinHubRealm
## Url of ZeppelinHub
#zeppelinHubRealm.zeppelinhubUrl = https://www.zeppelinhub.com
#securityManager.realms = $zeppelinHubRealm

sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager

### If caching of user is required then uncomment below lines
#cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
#securityManager.cacheManager = $cacheManager

securityManager.sessionManager = $sessionManager
# 86,400,000 milliseconds = 24 hour
securityManager.sessionManager.globalSessionTimeout = 86400000
shiro.loginUrl = /api/login

[roles]
role1 = *
role2 = *
role3 = *
admin = *

[urls]
# This section is used for url-based security. For details see the shiro.ini documentation.
#
# You can secure interpreter, configuration and credential information by urls.
# Comment or uncomment the below urls that you want to hide:
# anon means the access is anonymous.
# authc means form based auth Security.
#
# IMPORTANT: Order matters: URL path expressions are evaluated against an incoming request
# in the order they are defined and the FIRST MATCH WINS.
#
# To allow anonymous access to all but the stated urls,
# uncomment the line second last line (/** = anon) and comment the last line (/** = authc)
#
/api/version = anon
/api/interpreter/** = authc, roles[admin]
/api/configurations/** = authc, roles[admin]
/api/credential/** = authc, roles[admin]
#/** = anon
/** = authc

Shell scripting interview questions Part 2

1: What is a shell?

Shell is a interface between user and the kernel. Even though there can be  only one kernel ; a system can have many shell running simultaneously . Whenever  a user enters a command  through keyboard the shell communicates with the kernel  to execute it and then display the output to the user.

2: What are the different types of commonly used shells  on a typical linux system?

csh,ksh,bash,Bourne . The most commonly used and advanced shell used today is “Bash” .

3:What is the equivalent of a file shortcut that we have on window on a Linux system?

Shortcuts are created using “links” on Linux. There are two types of links that can be used namely “soft link” and “hard link”

4:What is the difference between soft and hard links?

Soft links are link to the file name and can reside on different filesytem as well; however hard links are link to the inode of the file and has to be on the same filesytem as that of the file. Deleting the orginal file makes the soft link inactive (broken link) but does not affect the hard link (Hard link will still access a copy of the file)

5: How will you pass and access arguments to a script in Linux?

Arguments can be passed as:

scriptName “Arg1” “Arg2”….”Argn” and can be accessed inside the script as $1 , $2 .. $n

6: What is the significance of $#?

$# shows the count of the arguments passed to the script.

7: What is the difference between $* and $@?

$@ treats each quoted arguments as separate arguments but $* will consider the entire set of positional parameters as a single string.

8: Use sed command to replace the content of the file (emulate tac command)

Eg:

1 2 3 4

if cat file1 ABCD EFGH

Then O/p should be

EFGH
ABCD

1	sed '1! G; h;$!d' file1

Here G command appends to the pattern space,

h command copies pattern buffer to hold buffer

and d command deletes the current pattern  space.

9: Given a file,  replace all occurrence of word “ABC” with “DEF” from 5^th line till end in only those lines that contains word “MNO”

1	sed –n ‘5,$p’ file1|sed ‘/MNO/s/ABC/DEF/’

10: Given a file , write a command sequence to find the count of each word.

1 2 3

tr –s  “(backslash)040” <file1|tr –s  “(backslash)011”|tr “(backslash)040 (backslash)011” “(backslash)012” |uniq –c where “(backslash)040” is octal equivalent of “space”

”(backslash)011” is octal equivalent of “tab character” and

“(backslash)012” is octal equivalent of newline character.

11: How will you find the 99^th line of a file using only tail and head command?

tail +99 file1|head -1

12: Print the 10^th line without using tail and head command.

1	sed –n ‘10p’ file1

13:In my bash shell I want my prompt to be of format  ‘$”Present working directory”:”hostname”>  and load a file containing a list of user defined functions as soon as I login , how will you automate this?

In bash shell we can create “.profile”  file which automatically gets invoked as soon as I login and write the following syntax into it.

1	export PS1=’$ `pwd`:`hostname`>’ .File1

Here File1 is the file containing the user defined functions and “.” invokes this file in current shell.

14: Explain about “s” permission bit in a file?

“s” bit is called “set user id” (SUID) bit.

“s” bit on a file causes the process to have the privileges of the owner of the file during the instance of the program.

Eg: Executing “passwd” command to change current password causes the user to writes its new password to shadow file even though it has “root” as its owner.

15: I want to create a directory such that anyone in the group can create a file and access any person’s file in it but none should be able to delete a file other than the one created by himself.

We can create the directory giving read and execute access to everyone in the group and setting its sticky bit “t” on as follows:

1 2 3 4 5

mkdir direc1 chmod g+wx direc1 chmod +t direc1

16: How can you find out how long the system has been running?

Command “uptime”

17: How can any user find out all information about a specific user like his default shell, real life name, default directory,when and how long he has been using the sytem?

finger  “loginName”                  …where loginName is the  login name of  the

user whose  information is expected.

18: What is the difference between $$ and $!?

$$ gives the process id of the currently executing process whereas $! shows the process id of the process that recently went into background.

19: What are zombie processes?

These are the processes which have died but whose exit status is still not picked by the parent process. These processes even if not functional still have its process id entry in the process table.

20: How will you copy file from one machine to other?

We can use utilities like “ftp” ,”scp” or “rsync” to copy file from one machine to other.

Eg: Using ftp:

ftp hostname

>put file1

>bye

Above copies file file1 from local system to destination system whose hostname is specified.

21: I want to monitor a continuously updating log file, what command can be used to most efficiently achieve this?

We can use tail –f filename     . This will cause only the default last 10 lines to be displayed on std o/p which continuously shows  the updating part of the file.

22: I want to connect to a remote server and execute some commands, how can I achieve this?

We can use telnet to do this:

telnet hostname –l user

>Enter password

>Write the command to execute

>quit

23: I have 2 files and I want to print the records which are common to both.

We can use “comm” command as follows:

comm -12 file1 file2               … 12 will suppress the content which are

unique to 1^st and 2^nd  file respectively.

24: Write a script to print the first 10 elemenst of Fibonacci series.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

#!/bin/sh a=1 b=1 echo $a echo $b for I in 1 2 3 4 5 6 7 8 do c=a b=$a b=$(($a+$c)) echo $b done

25: How will you connect to a database server from linux?

We can use isql utility that comes with open client driver  as follows:

isql –S serverName –U username –P password

26: What are the 3 standard streams in Linux?

0 – Standard Input
1 – Standard Output
2 – Standard Error

27: I want to read all input to the command from file1 direct all output to file2 and error to file 3, how can I achieve this?

command <file1 1>file2 2>file3

28: What will happen to my current process when I execute a command using exec?

“exec” overlays the newly forked process on the current  process ; so when I execute the command using exec, the command gets executed on the current shell without creating any new processes.

Eg: Executing “exec  ls”  on command prompt will execute ls and once ls exits, the process will shut down

29: How will you emulate wc –l using awk?

awk ‘END {print NR} fileName’

30: Given a file find the count of lines containing word “ABC”.

grep –c  “ABC” file1

31: What is the difference between grep and egrep?

egrep is Extended grep that supports added grep features like “+” (1 or more occurrence of previous character),”?”(0 or 1 occurrence of previous character) and “|” (alternate matching)

32: How will you print the login names of all users on a system?

/etc/shadow file has all the users listed.

awk –F ‘:’ ‘{print $1} /etc/shadow’|uniq -u

33: How to set an array in Linux?

Syntax in ksh:

Set –A arrayname= (element1 element2 ….. element)

In bash

A=(element1 element2 element3 …. elementn)

34: Write down the syntax of “for “ loop

Syntax:

for  iterator in (elements)

do

execute commands

done

35:How will you find the total disk space used by a specific user?

du  -s /home/user1             ….where user1 is the user for whom the total disk

space needs to be found.

36: Write the syntax for “if” conditionals in linux?

Syntax

If  condition is successful

then

execute commands

else

execute commands

fi

37:What is the significance of $? ?

$? gives the exit status of the last command that was executed.

38: How do we delete all blank lines in a file?

1	sed  ‘^ [(backslash)011(backslash)040]*$/d’ file1

where (backslash)011 is octal equivalent of space and

(backslash)040 is octal equivalent of tab

39: How will I insert a line “ABCDEF” at every 100^th line of a file?

sed ‘100i\ABCDEF’ file1

40: Write a command sequence to find all the files modified in less than 2 days and print the record count of each.

find . –mtime -2 –exec wc –l {} \;

41: How can I set the default rwx permission to all users on  every file which is created in the current shell?

We can use:

1

umask 777

This will set default rwx permission for every file which is created to every user.

42: How can we find the process name from its process id?

We can use “ps –p ProcessId”

43: What are the four fundamental components of every file system on linux?

bootblock, super block, inode block and  datablock

44: What is a boot block?

This block contains a small program called “Master Boot record”(MBR) which loads the kernel  during system boot up.

45: What is a super block?

Super block contains all the information about the file system like size of file system, block size used by it,number of free data blocks and list of free inodes and data blocks.

46: What is an inode block?

This block contains the inode for every file of the file system along with all the file attributes except its name.

47: How can I send a mail with a compressed file as an attachment?

  zip file1.zip file1|mailx –s “subject” Recepients email id

 Email content

 EOF

48: How do we create command aliases in shell?

alias Aliasname=”Command whose alias is to be created”

49: What are “c” and “b” permission fields of a file?

“c “ and “b” permission fields are generally associated with a device file. It specifies whether a file is a character special file or a block special file.

50: What is the use of a shebang line?

Shebang line at top of each script determines the location of the engine which is to be used in order to execute the script.