Monday, June 27, 2011

Perl dereferencing

Reference in  perl:

$scalarref=\$foo;      # for  storing scalar variable reference
$constref=\182_5555.45    # for  storing constant reference
$arrayref=\@dddd;     # for  storing  array reference
$hashref=\%hash;      # for storing hash reference
$coderef=\&handler;     # for  storing subroutine reference
$globref=\*STDOUT;    # for  storing STDOUT reference
anonymous subroutine composer

$coderef=sub { print "hello!\n"};
$objref=new Doggie Tail=>'short',Ears=>'long';
$objref=Doggie->new(Tail=>'short',Ears=>'long');
Dereference:

for deferencing a scalar variable

$foo="two humps";
$scalarref=\$foo;
$camel-model=$$scalarref;
(or)
$bar=${$scalarref};

For deferencing the array 

 push(@$arrayref,$filename);
$$arrayref[0]="January";
(or)
push(@{$arrayref},$filename);
${$arrayref}[0]="January";
(or)
$arrayref->[0]="January";   # using the arrow operator

For deferencing the hash:

$$hashref{"key"}="Value";
(or)
${$hashref}{"KEY"}="VALUE";
(or)
$hashref->{KEY}="VALUE";  #using the arrow operator

For deferencing the sub-routine reference: 

&$coderef{1,2,3};
(or)
&{$coderef}{1,2,3};

For deferencing the global reference:

print $globalref "output\n";     # prints output to the standard output.

Friday, June 24, 2011

sending arrays as arguments in perl

Here we will learn how to send a array as argument in perl.
Here while sending data the reference of the array has to be sent .In the receiving end in the function we need to use special form of shift one of the below:

1)my @a = @{shift()};
2)my @b = @{shift()};
Simple shift can't be used here as it will shift only the scalar content;
Program:

sub myfunc
{
my @a = @{shift()};   # here @{+shift};  can also be used
print "@a";
}
package main;
@aa=("hello","aaaaa");
&myfunc (\@aa);  # take care here reference is used.

output:

hello aaaaa

function call in perl

There are three ways to call function in perl:

sub myfunc {  .  .  .  }
1)&myfunc(1,2,3);                old  style
2)myfunc(1,2,3);                  No ampersand
3) myfunc 1 , 2 , 3;                Works only if myfunc has already been declared.

Sample program:


1)package main;
$aa="hello";
$bb="aaaaa";
&myfunc ($aa,$bb);      #  in this case the subroutine can be defined before or after the function call;
sub myfunc
{
@aa[0]=shift ;
@aa[1]=shift;
print "@aa";
}

output :

hello aaaaa
2)

sub myfunc         # @_ is the default array where all the values are stored
{
@aa[0]=shift ;      # values are shifted
@aa[1]=shift;
print "@aa";
}
package main;
$aa="hello";
$bb="aaaaa";
myfunc($aa,$bb);       #  in this case the subroutine can be defined before or after the function call;

output:

hello  aaaaa
3)In the third case the disadvantage is when u try to call the function without the defining the function in the preceding code it will return error.


package main;
$aa="hello";
$bb="aaaaa";
myfunc $aa,$bb;   # here the myfunc not defined in the preceeding lines.
sub myfunc
{
@aa[0]=shift ;
@aa[1]=shift;
print "@aa";
}

output:

G:\perl_programs>perl function_perl.pl
Can't locate object method "myfunc" via package "hello" (perhaps you forgot to l
oad "hello"?) at function_perl.pl line 5.

It works if used like this:


sub myfunc
{
@aa[0]=shift ;
@aa[1]=shift;
print "@aa";
}
package main;
$aa="hello";
$bb="aaaaa";
&myfunc ($aa,$bb);

output:

hello aaaaa

$_(default) in perl

$_ is the default argument
It is the default argument for many operators and also some control structures.
$_ is a normal scalar variable and it can be used as a normal scalar variable,you can change it.print it and use it.
Some of the common usuages of $_ and how the default operator is automatically interpreted in perl :


print $_;
print;                        Same result

print "found it" if  $_ =~ /Rosebud/;
print  "found  it " if  /Rosebud/;               Same result


foreach $_(@list) { &do_something($_) };e
foreach (@list){  &do_something($_) };       Same result


while (defined($_ = <STDIN>)){ print $_; }
while(<STDIN>){ print ; }                                 Same result

$_ always belongs to the main package.
Even if you define $_ in some other package it will default always to $main::$_


package hello;
$_="hai";
package main:
print $_;       #  it prints hai
Here hai as print $_;  is same as --->  print $main::$_;


You can even use $hello::$_ and assign it some value.print it.But this is not same as $_ and it has no special property.

Tuesday, June 21, 2011

perl check true or false

In perl  0 and "" are considered as false and all others are considered as true.

In Perl for checking the variable  is assigned , you should not check the value returned is false,as it may fail in some cases.

Consider for example:

if ($variable)
{
          print "valuse present";
}
else
{
         print "value not present"
}

This check will fail tremendously when $variable is equal to 0


The correct way to do it is


while (defined ($variable)){
          print "valuse present";
}
else
{
         print "value not present"
}

In case of hash to check if the element is present in the hash.

In this case the exists operator has to be used.


if (exists($hash{'foo'})) {      }   TRUE

In this case if you use defined function it will always return true.

perl true false

In perl  0 and "" are considered as false and all others are considered as true.

In Perl for checking the variable  is assigned , you should not check the value returned is false,as it may fail in some cases.

Consider for example:

if ($variable)
{
          print "valuse present";
}
else
{
         print "value not present"
}

This check will fail tremendously when $variable is equal to 0


The correct way to do it is


while (defined ($variable)){
          print "valuse present";
}
else
{
         print "value not present"
}

In case of hash to check if the element is present in the hash.

In this case the exists operator has to be used.


if (exists($hash{'foo'})) {      }   TRUE

In this case if you use defined function it will always return true.

Comparison in perl

Perl has two different set of comparison operators for both numbers and string.

For string we need to use only the following operators
In case of string the comparison takes place ASCIIbetically -that is by comparing ASCII values of the characters in Strings.


'a' lt 'b'         TRUE
'a' eq 'A'      FALSE-capitalization
"joseph" eq "joseph "  FALSE-spaces count
"H"  cmp "He"  -1--cmp operator

The cmp operator does a string comparison and returns -1,0,1 depending on the left argument is greater than,less than the right argument.
This operator should not be used for string comparison


"aaaaaaaa"  == "fgdfgdfgdf"    TRUE always as for equal to operator the string always looks to be 0

Numeric comparison use the following:

0<5                     TRUE
10 == 10.0          TRUE
10 <=> 9.5          1     --->spaceship operator
The spaceship operator is like cmp for strings except it compares numerically.
Should not use string comparators for numeric.

'10' gt '2'               FALSE -  '1' sorts before 2
"10.0" eq "10"       FALSE-different strings

Monday, June 20, 2011

perl array references and hash references


In case of hashes
%ddd=(ddd,ff,ff,fg.dd.ss.aa.sss,xxx,qqq,ccc);
%ddd=(ddd=>ff,ff=>fg,....);
But when it used as hash reference.
$ddd={ddd=>ff,ff=>fg,....};
To create empty hash refernce.
$ddd={};

In case of arrays it is different
@sss=("gghgh","dsdsd","qwqwqw","qqq");
When used as array refernce
$sss=["gghgh","dsdsd","qwqwqw","qqq"];
To create a empty array reference;
$sss=[];

emptying a array in perl


@array=();
undef @array;
$#aray=-1;

Here array signifies the array name

Inheritance in perl example

Kindly understand the class in Perl means Package.

In case of perl,inheritance takes place by @ISA variable.
Here the classes from which a package has to inherit can be assigned to the @ISA variable.
When object belonging to the class comes across a method call it first searches in the current class(package),if not available it searches in the class specified in the @ISA variable left to right.
If not found also in the @ISA variable ,then only throws a error.
In case of Perl,multiple inheritance is also possible.

Take this perl program for example:


#here the package A has the new constructor which is responsible for creating the Perl object.Here it creates #anonymous hash by using "{}" and blessing into package which comes through shift.
#it also has a subroutine A_method
package A;
sub new { bless {}, shift };
sub A_Method {
print "A_Method\n";
}


package B;
#here the inherutance is defined and @ISA of package B is assigned to A.This makes Package B to inherit
# from A.It has two sub-routines.
@ISA=qw(A);
sub B_Method {
print "B_Method\n";
}
sub Method {
print "Method (in B)\n";
}


package C;
#here @ISA is assigned to B. Now the Package C inherits both from B and A as B inherits from A.It also #has two subroutines.
@ISA = qw(B);
sub C_Method{
print "C_Method\n";
}
sub Method {
print "Method (in B)\n";
}


package main;
# By this method a object reference of the package is returned.
$a = new A;
#here the method first gets converted into  A::new(A) in the format of class::Method('class','arg1','arg2')
#here the new method of Package A is inherited to return the object reference for B.
$b=new B;
#here the new method of Package A is inherited to return the object reference for B.
$c=new C;
$c->C_Method(); #here it calls C_Method of class C
$c->Method();  #here it calls Method of class C
$c->B_Method();#here it calls inherited B_Method of class B
$b->A_Method();#here it calls inherited A_Method of class A
$a->B_Method();#returns a fatal error as the Object A does not inherit B.

OUTPUT:

G:\perl_programs>perl perlinherit.pl
C_Method
Method (in B)
B_Method
A_Method
Can't locate object method "B_Method" via package "A" at perlinherit.pl line 43.


For better understanding also refer to the below program.

Here there are two Classes Person and Student.
The Package Student inherits the new sub-routine of Class Person to define a Student.


package Person;
sub new
{
my $pkg=shift;
bless{ @_ },$pkg;
}
package Student;
# here the Student inherits the Person Package.
@ISA=qw(Person);
$ddd=new Person(name=>"jjjjj",age=>55);
$aaa=new Student(name=>'ssss',id=>55,class=>"tenth");
print $ddd->{name}; # here it prints the name of the Person
print $aaa->{name}; # here it prints the name of the Student.

Output:

jjjjj
ssss

Wednesday, June 15, 2011

use vs require in perl

Use  and require both are used to load the modules with slight differences..

Use:
1)The loading the modules takes place at the compile time.
20The use can be used only to load the module.i.e. the .pm file.
3)the file Extensions should not be specified.
It will be used as
use sample 
if the module name is sample.pm

Require:
1)In case of require the module loading takes place at the run time.
2)The require can be used to load both module and .pl file.
3)The file Extensions has to be specified.
It will be used as
use sample.pm 
if the module name is sample.pm.


use export in perl

Exporter is generally used to import the variables and functions of the modules into the user's namespace.Here there is no need to declare the object and call the function of the modules using that object.

These are the things which have to be included in the module from where you need to export:
use Exporter.
@ISA=qw(Exporter);
@EXPORT = qw(add subtract);
@EXPORT_OK=qw(multiply divide);

Here use Exporter loads the module into the user namespace at the compile time.
@ISA is similar to the inheritance.
Here we add Exporter to the @ISA array.
@EXPORT contains the list of symbols which are exported into the user's namespace.
@EXPORT_OK contains the list of symbols which can be exported if requested by the user.
How really the export takes place:
For example:
consider the module example.pm:

use Example;
use Exporter.

@ISA=qw(Exporter);
@EXPORT = qw(add subtract);
@EXPORT_OK=qw(multiply divide);
sub add
{
($no1,$no2)=@_;
$no3=$no1+$no2;
return $no3;
}
sub subtract
{
($no1,$no2)=@_;
$no3=$no1-$no2;
return $no3;
}
sub multiply
{
($no1,$no2)=@_;
$no3=$no1*$no2;
return $no3;
}
sub divide
{
($no1,$no2)=@_;
$no3=$no1/$no2;
return $no3;
}
1;# this important to signify the end of the package.

Let us use  this module in another file sample.pl:

Content of sample.pl to use Export Module:


# in this case only the default subroutines add and subtract will be added to the user's namespace
use Example;
#But when you need multiply and divide subroutines you need to specify as these are available only on #demand basis in @EXPORT_OK.
use Example qw(multiply divide);
# once it is imported into the namespace you can directly use it
$ss=add(10,50);
print "addition results are:$ss";
#In similar way all the subroutines can be called
The significance of @ISA here is :when the perl program or module cannot find the perl program in the current module ,it will search for in the modules added in the @ISA array before throwing any error.

How this works:
When the sample.pl loads the module Example.pm  the import module in the Example.pm is called automatically making  the functions and variables to be added into the user's namespace.

Tuesday, June 14, 2011

sudo -l not working

sudo -l is a substiitute for profile -l in Solaris.

sudo -l  just prints the commands for which the user has permission to run.

The general way to do it is:

su to the corresponding user and type sudo -l

su user

It will print all the commands the user has perminission to run.

sudo -l   username 
will not work in Linux though profile -l username works for Solaris.

If you get error that the user is not in sudoers or permission denied.

Then it says this particular user is not in the /etc/sudoers.
Check whether  user is present  in any of USER_ALIAS in the /etc/sudoers .
If not add the user to a  appropriate group(USER_ALIAS) in the sudoers file.

For immediate requirement you can also find the  command list by manually tracing  through  the /etc/sudoers file for the user.


netstat getnameinfo failed error

netstat -pt shows getname info failed error when u try to grep something from the output.

the error is due to one of the IP's in the netstat output cannot be converted into hostname as it does not exist in the /etc/hosts instead it is getting converted to UNKNOWN.

You avert the error by using


1) netstat -pt --numeric_ports  | grep something
when you use this command the IP's will not  be converted into hostnames and the error will not arise.

2)or try to find for which IP's the hostname is not generated and in the netstat  output it shows as UNKNOWN and try to add those IP's to the /etc/hosts.
And in some cases it may also be tunnel IP's which is unknown to the system and it will be of different format.

Sunday, June 12, 2011

RBAC in solaris and Linux

RBAC  in Solaris
The following figure illustrates how the RBAC databases work together.
In case of Solaris the user_attr,prof_attr,auth_attr,policy.c work together to make the RBAC work.

Figure 7–1 RBAC Database Relations
Diagram shows data flow from exec_attr and auth_attr to prof_attr, which in turn flows to user_attr and policy.conf file, then to the user or role.
The user_attr database 
stores the basic definitions for both users and roles, which are differentiated by the type field. The user_attrdatabase contains the attributes that are shown in the figure, which includes a comma-separated list of rights profile names. 
The user_attr is responsile for assigning the  profiles,authorizations to the roles or users.
The prof_attr database 
contains rights profile identification information, authorizations that are assigned to the profile, and supplementary profiles. 
The exec_attr database 
 identifies the security policy and contains commands with their associated security attributes. The auth_attr database supplies authorization information to the Sun Management Console tools.This is responsible for restricting users to run only certain commands.This defines the profiles to the commands which can be run by them.
The auth_attr database
defines the authorizations which can be given to users or roles in the user_attr database or the prof_attr database.
The policy.conf data base:
 supplies default authorizations and rights profiles that are to be applied to all users.

The user_attr Database
The user_attr database contains user and role information that supplements the passwd and shadow databases. The user_attrdatabase contains extended user attributes such as authorizations, rights profiles, and assigned roles. The fields in the user_attrdatabase are separated by colons, as follows:
user:qualifier:res1:res2:attr
The following table describes these fields.
Field Name 
Description 
user
The name of the user or role as specified in the passwd database.
qualifier
Reserved for future use.  
res1
Reserved for future use. 
res2
Reserved for future use. 
attr
An optional list of semicolon-separated (;) key-value pairs that describes the security attributes to be applied when the user runs commands. The four valid keys are typeauthsprofiles, and roles.

  • The type key can be set to normal, if this account is for a normal user, or to role, if this account is for a role.
  • The auths key specifies a comma-separated list of authorization names that are chosen from names that are defined in the auth_attr database. Authorization names can include the asterisk (*) character as a wildcard. For example, solaris.device.* means all of the Solaris device authorizations.
  • The profiles key specifies an ordered, comma-separated list of rights profile names from the prof_attrdatabase. The order of rights profiles works similarly to UNIX search paths. The first rights profile in the list that contains the command to be executed defines which (if any) attributes are to be applied to the command.
  • The roles key can be assigned to the user through a comma-separated list of role names. Note that roles are defined in the same user_attr database. Roles are indicated by setting the type value to role. Roles cannot be assigned to other roles.
The following example demonstrates how the Operator role is defined in a typical user_attr database and how it is assigned to userjohnDoe. Roles and users are differentiated by the type keyword.
% grep operator /etc/user_attr 
johnDoe::::type=normal;roles=sysadmin,operator
operator::::profiles=Operator;type=role

The auth_attr Database

All authorizations are stored in the auth_attr database. Authorizations can be assigned directly to users (or roles) in the user_attrdatabase. Authorizations can also be assigned to rights profiles, which are assigned to users.
The fields in the auth_attr database are separated by colons, as follows:
authname:res1:res2:short_desc:long_desc:attr
The following table describes these fields.
Field Name 
Description 
authname
A unique character string that is used to identify the authorization in the format prefix.[suffix]. Authorizations for the Solaris operating environment use solaris as a prefix. All other authorizations should use a prefix that begins with the reverse-order Internet domain name of the organization that creates the authorization (for example, com.xyzcompany). The suffix indicates what is being authorized, which is typically the functional area and operation.
When the authname consists of a prefix and functional area and ends with a period, the authname serves as a heading to be used by applications in their GUIs, rather than as an actual authorization. The authname ofsolaris.printmgr. is an example of a heading.
When authname ends with the word “grant,” the authname serves as a grant authorization and lets the user delegate authorizations with the same prefix and functional area to other users. The authname ofsolaris.printmgr.grant is an example of a grant authorization. solaris.printmgr.grant gives the user the right to delegate such authorizations as solaris.printmgr.admin and solaris.printmgr.nobanner to other users.
res1
Reserved for future use. 
res2
Reserved for future use. 
short_desc
A terse name for the authorization that is suitable for display in user interfaces, such as in a scrolling list in a GUI. 
long_desc
A long description. This field identifies the purpose of the authorization, the applications in which it is used, and the type of user who might be interested in using it. The long description can be displayed in the help text of an application. 
attr
An optional list of semicolon-separated (;) key-value pairs that describe the attributes of an authorization. Zero or more keys can be specified.  
The keyword help identifies a help file in HTML. Help files can be accessed from the index.html file in the/usr/lib/help/auths/locale/C directory.
The following example shows an auth_attr database with some typical values.
% grep printer /etc/security/auth_attr 
solaris.admin.printer.:::Printer Information::help=AuthPrinterHeader.html
solaris.admin.printer.delete:::Delete Printer Information::help=AuthPrinterDelete.html
solaris.admin.printer.modify:::Update Printer Information::help=AuthPrinterModify.html
solaris.admin.printer.read:::View Printer Information::help=AuthPrinterRead.html
Note that solaris.admin.printer. is defined to be a heading, because it ends in a dot (.). Headings are used by the GUIs to organize families of authorizations.

The prof_attr Database

The prof_attr database stores the name, description, help file location, and authorizations that are assigned to rights profiles. The commands and security attributes that are assigned to rights profiles are stored in the exec_attr database (see The exec_attrDatabase). The fields in the prof_attr database are separated by colons:
profname:res1:res2:desc:attr
The following table describes these fields.
Field Name 
Description 
profname
The name of the rights profile. Rights profile names are case-sensitive. This name is also used by the user_attrdatabase to indicate rights profiles that are assigned to roles and users.
res1
Reserved for future use. 
res2
Reserved for future use. 
desc
A long description. This field should explain the purpose of the rights profile, including what type of user would be interested in using it. The long description should be suitable for display in the help text of an application. 
attr
An optional list of key-value pairs that are separated by semicolons (;) that describes the security attributes to apply to the object on execution. Zero or more keys can be specified. The two valid keys are help and auths.
The keyword help identifies a help file in HTML. Help files can be accessed from the index.html file in the/usr/lib/help/auths/locale/C directory.
The keyword auths specifies a comma-separated list of authorization names that are chosen from those names that are defined in the auth_attr database. Authorization names can be specified with the asterisk (*) character as a wildcard.
The following example shows a typical prof_attr database. Note that the Printer Management rights profile is a supplementary rights profile that is assigned to the Operator rights profile.
% grep 'Printer Management' /etc/security/prof_attr 
Printer Management:::Manage printers, daemons, spooling:help=RtPrntAdmin.html; \ 
auths=solaris.admin.printer.read,solaris.admin.printer.modify,solaris.admin.printer.delete \
Operator:::Can perform simple administrative tasks:profiles=Printer Management,\
Media Backup,All;help=RtOperator.html
...

The exec_attr Database

An execution attribute is a command that is associated with a specific UID or GID and that is assigned to a rights profile. The command with its security attributes can be run by users or roles to whom the rights profile is assigned.
The exec_attr database stores the definitions of the execution attributes.
The fields in the exec_attr database are separated by colons:
name:policy:type:res1:res2:id:attr
The following table describes these fields.
Field Name 
Description 
name
The name of the rights profile. Rights profile names are case-sensitive. The name refers to a rights profile in theprof_attr database.
policy
The security policy that is associated with this entry. Currently, suser (the superuser policy model) is the only valid entry.
type
The type of entity that is specified. Currently, the only valid entity type is cmd (command).
res1
Reserved for future use. 
res2
Reserved for future use. 
id
A string that identifies the entity. Commands should have the full path or a path with a wildcard. To specify arguments, write a script with the arguments and point the id to the script.
attr
An optional list of semicolon (;) separated key-value pairs that describes the security attributes to apply to the entity on execution. Zero or more keys can be specified. The list of valid keywords depends on the policy that is enforced. The four valid keys are euiduidegid, and gid.
The euid and uid keywords contain a single user name or a numeric user ID (UID). Commands that are designated witheuid run with the effective UID indicated, which is similar to setting the setuid bit on an executable file. Commands that are designated with uid run with both the real and effective UIDs.
The egid and gid keywords contain a single group name or numeric group ID (GID). Commands that are designated with egid run with the effective GID indicated, which is similar to setting the setgid bit on an executable file. Commands that are designated with gid run with both the real and effective GIDs.
The following example shows some typical values from an exec_attr database.
% grep 'Printer Management' /etc/security/exec_attr
Printer Management:suser:cmd:::/usr/sbin/accept:euid=lp
Printer Management:suser:cmd:::/usr/ucb/lpq:euid=0
Printer Management:suser:cmd:::/etc/init.d/lp:euid=0
.
.
.

The policy.conf File

The policy.conf file provides a way of granting specific rights profiles and authorizations to all users. The two types of entries in the file consist of key-value pairs. They are the following:
  • AUTHS_GRANTED=authorizations – Refers to one or more authorizations
  • PROFS_GRANTED=right profiles – Refers to one or more rights profiles
The following example shows some typical values from a policy.conf database.
# grep AUTHS /etc/security/policy
AUTHS_GRANTED=solaris.device.cdrw

# grep PROFS /etc/security/policy
PROFS_GRANTED=Basic Solaris User

This was referred from:http://download.oracle.com/docs/cd/E19683-01/817-0365/6mg5vpmek/index.html

RBAC in LINUX
In case of Linux all these are taken care by a single file /etc/sudoers
To my understanding there is no right profile concept in Linux.It's all taken care
by grouping users.
CMD_ALIAS takes care of the work done by user_attr in Solaris.In Linux CMD_ALIAS is used to group commands whereas in Solaris user_attr is used to define commands to a particular profile.
For example:
# All the shutdown commands
 Cmnd_Alias SHUTDOWN_CMDS = /sbin/shutdown, /sbin/reboot, /sbin/halt
 # Printing commands
 Cmnd_Alias PRINTING_CMDS = /usr/sbin/lpc, /usr/sbin/lprm
 # Admin commands
 Cmnd_Alias ADMIN_CMDS = /usr/sbin/passwd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/sbin/usermod, /usr/sbin/visudo
 # Web commands
 Cmnd_Alias WEB_CMDS = /etc/init.d/apache2
In Linux USER_ALIAS is used to group the users where as in Solaris we individually assign a role,profile to user in /etc/user_attr
For example:
# Everybody in the system group "admin" is covered by the alias ADMINS
 User_Alias ADMINS = %admin
 # The users "tom", "dick", and "harry" are covered by the USERS alias
 User_Alias USERS = tom, dick, harry
 # The users "tom" and "mary" are in the WEBMASTERS alias
 User_Alias WEBMASTERS = tom, mary
 # You can also use ! to exclude users from an alias
 # This matches anybody in the USERS alias who isn't in WEBMASTERS or ADMINS aliases
 User_Alias LIMITED_USERS = USERS, !WEBMASTERS, !ADMINS
Assigning a role or group to commands takes place in a single line in Linux whereas in Solaris we need to first define a role and then we need to independently assign the user to the role.
It takes place in Linux by the following step:
# User privilege specification
root    ALL=(ALL) ALL
Here root can run any command from any terminal acting as any user.
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
Here user belonging to the admin group can run any command from any terminal acting as any user.
To summarize in Linux it may look more simple to accomplish RBAC ,in Solaris it may look  more standarized.sudo and the RBAC implementation accomplish the same basic objectives. The RBAC implementation has a GUI, a finer granularity, and name
service compatibility. Most importantly, sudo is freeware, but RBAC is supported by sun.
For more detailed understanding you may refer to the below url:
http://www.sun.com/software/whitepapers/wp-rbac/wp-rbac.pdf

Wednesday, June 8, 2011

wireless sensor network project


INTELLIGENT SPEED PREVENTION USING
WIRELESS SENSOR NETWORKS




Abstract:


In present world, where accidents have become more a day to day happening .It is high time that we come up with a plan to suppress it down. Our paper concentrates on how these daunting accidents which has great toll on valuable lives be curtailed .In India; we don’t have a complicated system which could facilitate to control the accidents. So we have a taken an initiative to control the dreadful accidents, which is at soaring rates at present by means of this paper.
 Our paper is about the prevention of accidents in case of bent roads where most accidents is suspected to happen as in this case vehicle on one side  ignorant about the vehicle coming on the other side. In this paper, we instill awareness in the driver of vehicle coming on one side of the road about the speed and type of other side vehicle of a bent road and make him cautious about the dangers befall him.  
In this paper we have used wireless sensors to demonstrate our idea. Wireless Sensors being a novel concept we really suppose this will help us to transcend our idea. We really presume that this paper will really help in reducing the atrocious accidents which takes a heavy toll on lives.

Scope:
This project been implemented in bent roads where accidents are common will greatly help in preventing the accidents in a great way.

IMPLEMENTATION:
BASIC DIAGRAM:





 SENSOR NODE HARDWARE
 Sensor node a part of the wireless sensor, which consists of a processor,
·        A radio and processor,
·        A magnetometer,
·        A battery and
·         A cover for protection from the vehicles.


The processor and the radio are located in MICA2DOT, the latest family of Berkeley motes .The microprocessor is Atmel ATmega128L with 128kB of programmable memory and 512kB of data flash memory.
It runs TinyOS, an operating system developed at UC Berkeley, from its internal flash memory.
TinyOS enables the single processor board to run the sensor processing and the radio Communication simultaneously.
The radio is ChipCon CC1000 916MHz, frequency shift keying (FSK) RF transceiver, capable
of delivering up to 40kbps. The RF transmit power can be changed in software.
        There are two HMC1051Z magnetic sensors, based on anisotropic magneto resistive (AMR) sensor technology. To receive one sample, the magnetometer is active for 0.9 msec and the energy spent for taking one sample is 0.9μJ. The magnetometer is turned off between samples for energy conservation.
  The battery is Tadiran Lithium TL5135, with 1.7Ah capacity in a compact size. The
entire unit is encased in a Smart Stud cover, designed to be placed on pavement and able to withstand 16,000 lbs. So the node is protected and can be glued on anywhere on the pavement.
                                                                                                    
                                                                 
SENSOR NODE BASIC  DIAGRAM




GATEWAY NODE:

In a communications network, a network node equipped for interfacing with another network node.
In this case Gateway Node is used to receive the signals from the sensor node on one side of the road and to transmit the signal to the sensor node on the other side of the road.It is simply a node
Which can receive the signal from one side and transmit the data to the other side.
We program the gateway node using netc in tinyos according to our need.

ACTUATOR:


The actuator receive signal from the sensor node about the type and speed of the vehicle coming on the other side. The microprocessor processes the data and it switches on a corresponding relay based on the information supplied by the sensor node.
For ex:  a lorry or heavy locomotive coming a red light will be switched on making the driver cautious about the presence of a heavy locomotive on the other side.
VEHICLE DETECTION:




The sensor detects distortions of the Earth’s field caused by a large ferrous object like a vehicle.
Such a vehicle can be modeled by a composite of many dipole magnets. Since

the distortion depends on the ferrous material, its size and orientation, a magnetic signature is induced  corresponding to the vehicle’s shape and configuration.


Based on the distortions produced in the sensor we may detect the speed and the type of vehicle.


These distortions are processed by the processor and based on the magnitude the type of vehicle is found out.
Speed detection:
                                                     
                     VEHICLE             A                  B
                                                     SENSOR
                                                       NODE
                                                     
                             
To detect the speed of the vehicle the time when sensor node A and node B suffers distortions
is processed by the  processor in the GATEWAY node and the speed is found out by the simple formulae
    

 Since the distance between the sensor node A and sensor node B is constant and
The time when sensor node A and sensor node B suffer distortions, this information is send to the GATEWAY Node which calculates the time difference and calculates the speed of the vehicle using the formulae specified above. This information is then send to the sensor Node on the other side which excites the actuator which switches on a particular light based on the speed and type of vehicle.




The following graph shows the excitation in the output of the node A and node B when a vehicles passes across

Likewise the speed is detected and the type of vehicle is also detected and consequently a particular output signal is triggered by the actuator based on the data supplied to it.

 COMMUNICATION PROTOCOL

Since the communication is wireless it is must to write protocol to control the communication between the sensor nodes and the GATEWAY Nodes.
In a sensor node, battery energy is mostly consumed by the radio. Therefore, the networks


Communication protocol, which determines how the radios are operated, has a decisive influence
on battery lifetime. Existing MAC protocols fall into one of two categories: random
Access and time division multiple access (TDMA).
In this paper we use random access  since the information must be passed to the gate way node whenever there is a vehicle.But at other times it is said to be inactive state on the verge of conserving power.Once the information passed to the gateway node ,this information is processed and  passed on to the sensor node located on the other side of the road which as a result produces the output signal.

Salient Features:


  • The process is wireless so no need of placing wires under the ground.
  • Till date in india we don’t have a complicated system to curb down the accidents.
  • This can be installed in every bent roads where accidents are frequent.
  • There is no need of maintenance since the work can be automated with the help of protocols and programs written in Netc in TinyOS environment.
  • This will greatly help in reducing the soaring accident rates .



FUTURE ENHANCEMENTS:


·         This paper can be extended so that vehicles may receive the signals directly from the sensor node than viewing as signal on the side of the road.
·         A camera can also be embedded on the bottom of the road so that the reg no of the vehicle can be picturised and corresponding speed can be stored in the database along with it.
·         It can be also extended to be used for overspeed prevention by informing the traffic department about the vehicle no which have exceeded the speed limit of that locality.


REFERENCES:
BOOKS:
1.       Networking Wireless Sensors 
                    by Bhaskar Krishnamachari

2.       Wireless Sensors and Instruments: Networks, Design, and Applications
by Halit Eren

WEB LINKS:
1.      en.wikipedia.org/wiki/Wireless_Sensor_Networks

2.      www.xbow.com/

3.     http://www.sensorsmag.com/articles/0499/0499_10/main.shtml


SOFTWARE USED:
1.      NETC IN TINYOS ENVIRONMENT

I Posted it  just to give a idea regarding the sensor network projects.Ki ndly don't imitate it in any of the paper presentations.
I am always open to comments.Kindly comment in case you want to ask something regarding this paper.
Tell me your comments about this paper