Lexis (the Linux Exam Invigilation System) allows students to take examinations securely on Linux workstations. It reconfigures a number of lab PCs to provide an “exam only” mode, allowing only a set of registered candidates to log in. It provides each candidate with a prescribed set of files that they can access during the exam, prevents network access via client-side firewalling rules, thus limiting the potential for various forms of cheating, e.g. finding answers on websites, or emailing/chatting with other students in the exam. Lexis also periodically backs up every student’s work while the exam is in progress (typically every minute or two), and retrieves the students’ work at the end of the exam.
A Lexis exam is administered by one or more trusted administrators on one or more designated Lexis servers. The workstations the students use to take the exam are ‘clients’ and are controlled by the Lexis server. A single Lexis server can control all the clients, or for very large exams there can be several servers, each controlling a separate subset of lab machines. A typical configuration uses one server to control 48 clients, although this is merely a pragmatic choice to reduce start up time and dump times. Lexis does not at present have any server-side fault tolerance, i.e. should a Lexis server PC lose its hard disk entirely, the backups of the exam so far on that server would be lost. However, Lexis does have the ability for another server PC to take over from a dead server PC in order to continue backups for the rest of the exam.
The server maintains a connection to all the client machines via ssh. In Lexis mode, any student may sit at any client machine, and they log in using a low-security exam password. While Lexis does record which user sat at which client PC during an exam, it does not provide cryptographic proof that “Fred is really Fred” – that this is a responsibility of the invigilators. We have considered allowing Kerberos/Active Directory authentication through the Lexis client-side firewall, to enable users to log in with their standard password, but have not implemented this as yet.
Once logged in, students see a standard Linux lab environment under Lexis, with all the usual software available. However, network volumes are not available as all network access is blocked. When the candidates log in, their home directory will be /exam . All files made available for the Lexis session will be available within this directory.
They work normally, creating and editing program files, compiling, testing and debugging their programs, using whatever normal Linux-based tools are installed routinely. Students are reminded to save their program files regularly so that the automatic backups contain the newest version of their program files.
When the exam is over, students log out, and leave the exam room, with the client PCs still in Lexis mode. On each server, the Lexis administrator takes a final backup, and then signals the end of the exam; this causes each client PC to reconfigure itself back into normal lab mode and reboot.
The Lexis administrator then copies all the dumps, including each intermediate backups, from each server PC’s local hard disk onto some shared volume. The final state of each candidate’s /exam home directory is extracted automatically, and (usually) copied to some other shared location for auto-testing and marking.
Lexis was written by Mike Wyer and has been maintained and extensively rewritten and modified by Duncan White. It has been ported between many different versions of Linux (covering Redhat, Mandrake, SuSE and most recently Ubuntu). If you are interested in using Lexis in your own institution please email help@doc.ic.ac.uk in the first instance to start a dialog.