3rd Day of Linux Learning

3rd day of Linux learning

Time: 20180718

Directory

Linux User and Group management

Sudo

Kernel space

User space

Library calls

System calls

How to install a virtual machine

Basic knowledge of computers

Linux User and Group management

Administrator Root ID 0

Normal User 1-65535

Configuration file Resolution

/etc/password

7 field: Name:password:UID:GID:GECOS:directory:shell

/etc/group Group and its attribute information

4 field: Group_name:password:GID:user_list

/etc/shadow user passwords and their associated properties

9 fields

Login Name

Encrypted password

Date of last password change

Minimum password age

Maximum password age

Password warning Period

Password Inactivity Period

Account Expiration Date

Reserved field

/etc/gshadow group password and its related properties

4 field: Group_name:password:GID:user_list

The complexity strategy for passwords

1 use of at least 3 of the numbers, uppercase letters, lowercase and special characters

2 long enough

3 Use random password (no regular password, use system generated random sequence number)

4 regular replacement, do not use the most recently used password

User and group-related administrative commands

Useradd, Groupadd, Su, Usermod, passwd, Userdel, Groupmod, Groupdel

GPASSWD, Newgrp, Chage, CHFN, Chsh, finger

(Detailed command explanation see another document)

sudo This command allows an administrator to authorize regular users to use commands that some non-ordinary users can use

The most important thing is that at the same time, ordinary users do not know the administrator's password when using the command, greatly reducing the system

Security, you need to configure the/etc/sudoers file if you want to make it effective

This file has a configuration syntax rule, so it is not recommended to open the configuration directly, there is a command dedicated to the configuration

This file, and will check the configured syntax error on exit, the command is Visudo

Defining formatting Rules

The source hostname of the account login = (switchable identity) commands that can be executed via sudo

Such as

Mysky all= (Root)/usr/bin/passwd

Precautions

1 means all the all must be capitalized

2 The following command must be an absolute path

3 The front user can be the representation of a group group%group_name

4 If you do not need to enter a password when you execute sudo, you can say it in front of the command

Nopasswd:command Enforce password authentication using Passwd:command

User accounts, commands executed can also be defined using some aliases

The keyword User_alias represents a username alias such as User_alias Userg=mysky,centos

The keyword Cmnd_alias represents a command alias such as Cmnd_alias Comm_g=/sbin/fdisk,...

The keyword Host_alias represents a host alias such as Host_alias Host_g=myskyhost,...

-K clears tokens from previous memory

-L View the sudo command that the current user can execute, and the other is to display the line in the sudo configuration file

-u USERNAME command to run command commands with the specified user

3rd Day of Linux Learning