8.1_linux use and user management of pipelines

What is a pipe?

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/85/4F/wKioL1ef9n7xilg1AABhH_ly20w292.png "title=" 8.png " alt= "Wkiol1ef9n7xilg1aabhh_ly20w292.png"/>

The pipeline is the standard output of command 1 sent to the standard input of command 2, the standard output of command 2 sent to the standard input of command 3 ...

The last command executes in the child shell process of the current shell process to

The pipeline implements a small program with a single purpose, and combines small programs to accomplish complex tasks.

Piping needs to be used in conjunction with other commands

The use of TR commands, often used in conjunction with piping

    -c or--complerment: takes the complement of the character set     -d or--delete: Deletes all characters belonging to the first character set;     -s or-squeeze-repeats: the consecutive repeating character is represented by a single character     - T or--truncate-set1: First remove the characters from the first character set that are more than the second character set     \NNN       octal value NNN   characters (1 to 3 digits)     \\         backslash      \a         Terminal ringing     \b          BACKSPACE     \f         Page change     \n         line Break     \r          Enter     \t          Horizontal Tabs     \v         Vertical Tabs     [:alnum:]     all the letters and numbers   &nbsp [:alpha:]     All letters    [:blank:]     all white space characters in horizontal order     [:cntrl:]     all the control characters    [:d igit:]     all the numbers    [:graph:]     all printable characters, excluding spaces    [:lower:]      All lowercase letters    [:p rint:]     all printable characters, including spaces    [:p unct:]      All punctuation characters    [:space:]     all white-space characters that are arranged horizontally or vertically    [ :upper:]     All capital letters    [:xdigit:]    all hexadecimal numbers     [= character =]      All characters equal to the specified character

e.g. LS | Tr ' A-Z ' A-z ' with ls command to convert all lowercase letters of standard output to uppercase

[[email protected] ~]# ls -l | tr  ' A-Z '   ' A-Z ' total 124-rw-r--r--.  1 root root   860 jul 28 17:33 1test-rw-r--r--.  1  ROOT ROOT   909 JUL 28 17:34 2TEST-RW-------.  1 ROOT  root  1482 jul 20 17:25 anaconda-ks. Cfg-rw-r--r--.  1 root root    43 aug  1 10:47 a. Txtdrwxr-xr-x. 2 root root  4096 jul 22 12:51 desktopdrwxr-xr-x.  2 ROOT ROOT  4096 JUL 20 21:24 DOCUMENTSDRWXR-XR-X. 2  Root root  4096 jul 20 21:24 downloads-rw-r--r--.  1 ROOT  Root     0 jul 28 10:18 f[a-z]-rw-r--r--.  1 ROOT  Root     0 jul 28 10:18 f{a-z}-rw-r--r--.  1 root root     0 jul 28 10:18  f[a-z]-rw-r--r--.  1 root root 55348 jul 20 17:24 install. Log-rw-r--r--.  1 ROOT ROOT 10608 JUL 20 17:20  INSTALL. log.syslogdrwxr-xr-x. 2 root root  4096 jul 20 21:24  musicdrwxr-xr-x. 2 root root  4096 jul 20 21:24  picturesdrwxr-xr-x. 2 root root  4096 jul 20 21:24  publicdrwxr-xr-x. 2 root root  4096 jul 20 21:24  templatesdrwxr-xr-x. 2 root root  4096 jul 20 21:24  videosdrwxr-xr-x. 9 root root  4096 oct 19  2015  Vmware-tools-distrib

Tee commands, often used with pipes

Name       tee - read from standard input and  write to standard output and files            #  is used to output standard input to standard output and can be saved as a file synopsis       tee  [option]... [file] ... Description       copy standard input to each file ,  and also to standard output.       -a, -- append              append to  the given files, do not overwrite               #  attaches to the specified file and does not overwrite        -i, -- Ignore-interrupts              ignore interrupt signals               #  Ignore interrupt signal        --help display this help  and exit              #  Show Help and Exit        --version               output version information and exit               #  display version information and exit         if a file is -, copy again to standard output.        #  If the file type is a file, copy the file file to standard output.

$ Command 1 | Tee File name | Command 2

Save the standard output of command 1 in the file name, and then pipe input to command 2

Use:

Save output at different stages

Troubleshooting Complex Pipelines

View and record output at the same time

User Management

What is a user? User Resource Acquisition identifier, resource allocation, one of the core elements of the security permissions model

No use for users, can you? The answer is yes.

Linux User categories:

Administrator uid:root,0

System User uid:1-499 (CentOS 6), 1-1000 (CentOS 7)

Login User uid:500+ (CentOS 6), 1000+ (CentOS 7)

User Group Category:

Administrators group gid:root,0

System Group gid:1-499 (CentOS 6), 1-1000 (CentOS 7)

Common Group gid:500+ (CentOS 6), 1000+ (CentOS 7)

Categories of Linux groups:

Primary group of users (primary group, owner):

The user must belong to one and only one primary group

The group name is the same as the user name and contains only one user: private group

Additional groups for users (secondary groups, genera groups):

A user can belong to 0 or more secondary groups

CentOS6 and 7 have different default UID and GID, this is due to the default value in the/etc/login.defs file

CentOS 6 UID and GID default values

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/85/51/wKiom1egC9bSuxIAAAAkwAzZhvU369.png "style=" float: none; "title=" 9.png "alt=" Wkiom1egc9bsuxiaaaakwazzhvu369.png "/>

CentOS 7 UID and GID default values

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/85/51/wKioL1egC9bAeHcFAABGjOhu7ec016.png "style=" float: none; "title=" 9.2.png "alt=" Wkiol1egc9baehcfaabgjohu7ec016.png "/>

Primary configuration files for Linux users and groups

/ETC/PASSWD: User and its attribute information (name, UID, primary group ID, etc.)

There are a total of 7 items in the document, including

# [[Email protected] ~]# cat/etc/passwd# root (username): x (password): 0 (UID): 0 (GID): root (Note):/root (home directory):/bin/bash (default shell)

If the UID of the ordinary user is changed to 0, the ordinary user will become the Administrator account, because in the Linux system, to identify the administrator is the administrator, is to see the user's UID number, 0 is the administrator, in the production environment, may be the administrator root of the account to be changed to another name, This is done to prevent hackers from attacking the root account to hack.

/etc/group: Group and its attribute information

# [[Email protected] ~]# cat/etc/group# root (primary Group): X (group password): 0 (GID): Gentoo (additional group user list)

/etc/shadow: User passwords and their associated properties

# [[Email protected] ~]# cat/etc/shadow# root (username): $6$ (encryption method) JYARRUD3 (random number, commonly known as salt) $ 6ABKTJO7BD7HQAMNK.XX6YO7TJ3OOJ9TECCLQL5KCZ18TVT7ERKXPV212SST32SFMEMS0WEGJSNHS0MIKTLKD0 (user password): 17008 (the date the password was last changed, Starting January 1, 1970): 0 (password can be changed in a few days): 99999 (password Expires): 7 (password expires before the reminder time): (password expires days after the account will be locked): (from January 1, 1970, how many days after the account expires): (Reserved)

The user who set the password above shows the

Now let's create a new user and see

[Email protected] ~]# useradd wan[[email protected] ~]# tail-1/etc/shadowwan:!! : 17015:0:99999:7:::

We will see the account password there are two!!, which means that the account is locked, no password to allow the user to log in, if there is a password, but there is still an exclamation mark, also means that the account is locked, do not unlock the user will not be able to login. If there is no exclamation mark, the user can directly log in without the password. However, this feature can only be implemented in CentOS 5 and older versions, and for security reasons, this issue has been fixed since CentOS 6.

/etc/gshadow: group password and its related properties

# cat/etc/gshadow# root/(Primary Group): (Group password): (Group Administrator list): Gentoo (user list for additional groups)

Note: For security reasons, now generally do not have a group password, direct administrator assignment, because when other users know the group password, you can join the group, it is not safe to appear.

User and Group Management commands

User Management commands

useradd [Options] LOGIN Add user

-u uid: Specify UID

-O with the-u option, without checking UID uniqueness,

-G GID: Specifies the GID, which is the user's primary group, but the GID must exist beforehand

-G GID: Specifies the user's extra group, but the GID must exist beforehand

-N Do not create private group master group, use the Users group master Group

-D Directory: Specify home directory

-M force the user to create a home directory when creating a user

-M creates a user, but does not create a home directory

-C Remarks: Comments

-S Shell: Specifies the default shell, which should be specified using the shell that appears in the/etc/shells file

-R Create System user features: CentOS 6:id<500,centos 7:id<1000 default shell is/sbin/nologin

-D display or change the default setting (default setting:/etc/default/useradd file) (This command is equivalent to cat/e tc/default/useradd)

[Email protected] ~]# Useradd-dgroup=100home=/homeinactive=-1expire=shell=/bin/bashskel=/etc/skelcreate_mail_ Spool=yes

This command, you can view the default values when creating a user

For example, change other user's default home directory and default shell and so on and so on the parameter is in here face

/etc/skel home directory files from the source, in this folder to create a new file, the creation of the user will be created with the specified new files

/etc/login.defs files that are created by default settings such as some users and groups

usermod [Options] LOGIN to modify the specified user (similar to the Useradd command using the method)

-U uid changes the UID of the user

-G gid change user's GID

-G Additional group, configure-A to append a new group, otherwise overwrite

-S shell changes the user's default shell

-C Comment

-D home, with-m simultaneously with mobile home directory data

-M mobile home directory data, with-D simultaneous

-L new name, rename the user

-e Specifies the expiration date yyyy-mm-dd

-F Set Inactivity period

-l lock specified user, add in/etc/shadow! (with the explanations of the above/etc/shadow)

-U unlocks the user and takes out the/etc/shadow inside! (with the explanation of the above/etc/shadow)

Userdel [options] LOGIN to delete a specified user

-R is deleted along with home directory and mailbox

User Group Management commands

Groupadd [Options] group add a specified group

-G: Specify the user's GID

Groupmod [Options] group modify a specified group

-G: Modify the group's GID

-N: Modifying group names for groups

Groupdel [Options] group delete a specified group

Groupmems-a User_name | -D user_name | [-G group_name] | -L | -P (This command is only possible with CentOS 7)

-L-G user name: see which users belong to this group under the specified user name group

-A to increase the group-G User: Add additional groups

Switch users or execute commands as other users

How to switch users:

Su UserName: Non-logon switch, that is, does not read the target user's profile, does not change the current working directory

Su-username: Login switch, will read the target user's profile, switch to home directory, completely switch

Root Su to other users no password required, non-root user need password to switch

To change the identity of the execution command:

Su [-] username-c ' COMMAND '

Option:-L--login:

Su-l UserName equivalent to Su-username

View user-related ID information

ID [OPTION] ... [USER]

-U: View uid of user

-G: View the user's GID

-G: View the user's groups

-N: View the user's name

Getent Passwd,shadow,gourp,gshadow Username/groupname

Directly view the contents of the Passwd,shadow,gourp,gshadow file within the specified user/group

Summary of OTHER commands:

CHSH: Modifying the default shell

CHFN: Modify User comments

VIPW: Use vim to edit passwd files

VIGR: Use Vim to edit group files

Pwconv:pwconv command to open the user's projection password

Pwunconv:pwconv command to turn off the user's projection password

The user and group passwords in the Linux system are stored in files named passwd and group, and these two files are located in the/etc directory. As the system works, anyone can read them, creating a security flaw. The projection password changes the password inside the file into the shadow and Gshadow files in the/etc directory, only allows the System Manager to read, and replaces the original password with the "X" character, which effectively strengthens the security of the system.

OpenSSL Rand base64 10 randomly generated 10-digit

Bulk add users and change passwords

NewUsers file (formatted file) bulk add the format of the user file format/etc/passwd files Root:x:0:0::/root:/bin/bash

Ex. NewUsers User.txt

CHPASSWD file (formatted files) bulk Change Password Username:password

Ex. Cat P.txt |CHPASSWD

Note that following the steps above to add users and passwords in bulk, the user's home directory is not configured, this time we need to manually copy the configuration inside their home directory

/etc/skel This file is about the variable file inside the user's initial configuration.

Cp-r/etc/skel/. [^.] */home/username

This article is from the "~ Breeze ~" blog, please be sure to keep this source http://wanweifeng.blog.51cto.com/1957995/1833672

8.1_linux use and user management of pipelines