< training | Eighth day > Super Admin Manage Linux User behavior permissions attached to monitor host status

As an operations engineer, system administrator, your greatest power is to assign power to others, and you can always control them, today to introduce you about the management of the user this aspect of the all the way.

The eighth day of the classes:

Main Course Outline: (Below I will identify myself as a company's super Administrator)

2. Add yesterday about the automatic Mount Software warehouse operation
4. To the company's new children "brainwashing", at the same time assigned to the department
6. Force the new to change their user password
8. The new memory is not good, forget the password to the whole
10. Don't feel right to look at these days who have been secretly logged into my console
12. Find you, the terminal warning you, see you next time dare not
14. For obedient children, give you a "promotion raise", assigned to you my power
16. For the disobedient children, sorry, you have been expelled!

Detailed Explanation:

• Add yesterday about the automatic Mount Software warehouse operation

　　Yesterday we introduced the production of software warehouse, but the only trouble is that the boot will be mounted every day to install things, can let it boot automatically mount, yes!

We just need to modify the configuration file, two, vim/etc/rc.local or Vim/etc/fstab

① If you are a virtual machine user or a CD user, you can add the first in the Rc.local, the second in the Fstab, but any one, without adding two.

　　

　　

② If you are an ISO image as the repository, then you can add the first in the rc.local, fstab add a second, the same can be any.

　　

　　

• To the company's new children "brainwashing", at the same time assigned to the department　

company New people, we always show them some such as the company rules and regulations Ah, what, then we Linux management this aspect, how to create a new user, the default to add some Readme.txt files to the user's home directory? And then the user logs on, You will see these readme files. in fact, when we create a new user, the user's home directory is a number of hidden files, these hidden files are copied from a directory of the Super administrator, this directory is the/etv/skel directory, then we only need to add a Readme file in this directory, Every user you create will see this readme file. ①first open the Super Administrator's/etc/skel-a directory and create a new Readme.txt file in the directory. 　　② So we didn't create a user, there would be a Readme.txt file in his home directory. 　　

• Force the new to change their user password

　　For convenience, we give each newly created user to set the same password, so that there is a hidden trouble, others will log in to your users, your password changed how to do, so we are here to force the new user in the login when the first thing is to change the password, how to achieve?

① we only need to change the time in the password file to expire, so that once the login will change the password, Vim/etc/shadow, we just need to change 17010 to 0, 17010 is what, he represents from January 1, 1970 0:0 to now how many days. So when we signed in to Tom, the first thing was prompted to change the password.

　　

　　

② the second implementation of the method, directly run the command passwd-e Tom, you can set Tom's password to expire, so it must be modified.

• The new memory is not good, forget the password to the whole

　　There are always some people have poor memory, go out forget their own password, how to do, there are ways to find Super Administrator, yes I, I will help you change the password, a lot of ways, say two:

① directly execute passwd+ username, change password directly

②passwd-d user, remove the user password, the past reset it!

• Don't feel right to look at these days who have been secretly logged into my console

　　The company's new people are very naughty, think they have two, on the brute force hack my password, log on to my host, then as a super administrator, how to check who logged in to my host it?

①last View last system boot and user logon information

②lastlog View last User login information

③lastb viewing a user who has failed to log on to my host

　　

• Find you, the terminal warning you, see you next time dare not

　　Some new people like to use sudo to improve their power, but as a super administrator how can I let you casually use, even if you use, I can find out what you use sudo to do something bad, directly warn you.

①fdisk-l commands are generally only root to execute, so the average user through sudo?

　　

② no, as a system administrator, I can find out who used sudo by looking at the logs,

[Email protected]~ #vim/var/log/secure

Found, user life, what command to use, what to do, at what time, where the login, clear.

　　

③ so I can send you a message via write Libin PTS/2 to warn you.

　　

• For obedient children, give you a "promotion raise", assigned to you my power

　　Some children, very obedient, dare not, so I will give you a promotion salary, you are my successor, my root power to you. Execute Visudo directly and add a line so that your power is root.

　　

• For the disobedient children, sorry, you have been expelled!

① Delete

② changed his login shell to a shell,chsh-s/sbin/nologin libin that could not be logged in, and his original shell was/bin/bash, now changed to/sbin/nologin

　　

③ lock you, passwd-l libin lock user, passwd-u libin unlock user

　　

Summarize:

Today is mainly about user management, in the company is still used more, maybe I talked about some of the wrong place, I hope that we have a lot of criticism.

Blog Park: Love family love wife of it male

QQ Group:145252709, I will upload resources, and there will be many great gods to discuss with you to learn to share

Public Number: program Ape's Wild Banana "get the tools that appear in the article"

< training | Eighth day > Super Admin Manage Linux User behavior permissions attached to monitor host status