Basic knowledge of Linux system (ii) User management operations and file operation supplement based on Linux system

1, (think) the system why to have users

1.1 Users
?? The lowest-level security settings in the system, and reclaim (limit) rights.
1.2 Groups
?? Share rights. Divided into the following two kinds:
?? (1) Additional groups: groups determined by the user (not necessarily all users);
?? (2) Initial group: Groups that the user cannot decide for themselves (each user has).

2, the user in the system of the existence of the form

?? Data in the system + configuration files in the System (table + table called configuration file)

3. User Configuration file

3.1 User information file (/etc/passwd)
?? User information file command:?/etc/passwd
?? Composition:? User name: Password: User id: Group ID: User description: User home directory: The shell that the user uses by default

3.2 User group information (/etc/group)
?? User group Information command:?/etc/group
?? Composition:? Group: Group password: Group ID: Additional Group member

3.3 User home directory (/home/username)
?? User home directory:?/home/username

3.4 User bone Files (user environment configuration,/etc/skel.*)
?? User bone file (user environment configuration):?/etc/skel.*

4, the user's view

?? WHOAMI:? View the name of the current user.

?? Id?username:? View the user's ID information.

?? Id?-u?username:? View uid information for the user.

?? Id?-g?username:? View the user's GID (group ID) information.

?? Id?-g?username:? View ID information for all groups where the user resides.

?? Id?-n?username:? Displays information by name.

?? Id?-un?username:? Displays the user name corresponding to the ID.

5. Establishment and deletion of user/group

5.1 User Delete
(1) Userdel?username: Delete user identity, its profile is not deleted.

(2) Userdel?-r?username: Delete user identities and their configuration files.

5.2 User Establishment
(1) Useradd?username:? Using default rules to establish a user (rule view etc/login.defs)

(2) Useradd?-u?uid username:? Specifies the UID of the user.

(3) Useradd?-g?gid username:? Specifies the initial group ID of the user.

(4) useradd?-g? Additional Group ID Username:? Specify additional groups for the user.

(5) useradd?-c? " Description text "Username:?" Specifies the user's descriptive text.

(6) Useradd?-s?shell username:? The shell of the specified user (the shell that the user can use is viewable in/etc/shells).

(7) useradd?-d directory username:? Specify the user's home directory.

5.3 Establishment and deletion of groups
(1) Groupadd?groupname: Create a group.

(2) Groupadd?-g?groupname: Create a group and specify the group ID.

(3) Groupdel?groupname: Delete Group.

5.4 Viewing the Create and delete commands for users and groups
?? Watch?-n?1? ' Tail?-n?4?/etc/passwd?/etc/group;ls? -1?/home '

6. User Management

(1) Usermod?-l?newusername?oldusername: Modify the user name.

(2) Usermod?-u?uid?username: Modify user uid.

(3) Usermod?-g?gid?username: Modify user gid (initial group ID).

(4) usermod?-g? Additional group Id?username:? Change additional groups (replace the original additional groups).

(5) Usermod?-g? " "? Username:? Clear all additional groups.

(6) Usermod?-ag? Additional group Id?username:? Add additional groups.

(7) usermod?-c description text? Username: Modify the user's description text.

(8) usermod?-c? " "? Username:" Clear the explanatory text.

(9) usermod?-d directory? Username: Change the user home directory to point to.

USERMOD?-MD directory? Username: Change the user home directory to point and rename the home directory.

(one) Usermod?-s?newshell?username: Change the user shell.

(12) View the User Management status command
?? Watch?-n?1? ' Tail?-n?4?/etc/passwd?/etc/group;ls? -1?/home '

7. User Switching

7.1 Commands
?? Su?-? username:? Switch user. If an advanced user switches to a low-level user, no password is required, and if a low-level user switches to an advanced or peer user, the latter password is needed.
?? Super user switch to normal User:

?? Normal user switch to Super User:

7.2 Precautions (important)
(1) When the user switches, you need to exit and switch to the next user.
(2) "su?-" means to switch user identity and user environment. If you remove the "-" can only switch user identity, but not switch user environment.

8, the user's authentication information

8.1/etc/shadow
?? User authentication information.
8.2 Composition of user authentication information
?? User name: User password: Password last modified: password minimum validity: Password expiry: password expiration warning: Password inactive period: Account expiry date: no user Defined
?? General User Bighead Certification information:

?? Authentication information for Superuser root:

(1) The last time the password was modified
?? When this digit is 0 o'clock, the user is forced to change the password the first time they log on to the system.
?? For example: Set the last modified time to 8 and 0, respectively, with two commands:
?? Chage?-d?8?username

?? Passwd?-e?username

(2) Password change command
?? Passwd?username: Only the Super user can change the password command (the superuser can change their own password, or modify the normal user password)
?? Super user to modify their own password:

?? Super user changes the password of the ordinary user:

?? passwd: Ordinary users modify their own passwords.

(3) Freezing and unlocking of user accounts
?? Usermod?-l?username?: Frozen Account

?? Usermod?-u?username?: Unlocking

?? Passwd?-l?username?: Frozen Account

?? Passwd?-u?username?: Unlocking

?? In the two ways of freezing accounts and unlocking, the passwd mode freezes and unlocks stronger than the Usermod mode.
(4) Minimum password period
?? For example, the two commands have a minimum password validity of 1 and 3, respectively:
?? Chage?-m?1?username

?? Passwd?-n?3?username

(5) Maximum password period
?? For example, the two commands are set to a maximum of 30 and 40 for each password:
?? Chage?-m?30?username

?? Passwd?-x?40?username

(6) Maximum password period
?? May exceed the specified time limit.
?? For example, the two commands set the password inactive period to 2 and 0 respectively:
?? Chage?-i?2?username

?? Passwd?-i?0?username

(7) Password expiration warning
?? How long before the password expires to warn the user.
?? For example, the two commands set the password expiration warning to 2 and 0, respectively:
?? Chage?-w?2?username

?? Passwd?-w?0?username

(8) Account expiry date
?? When the account expires.
?? For example: Set account expiry date is December 12, 2018:
?? Chage?-e? " 2018-12-12 "? username

(9) Clear password
?? Passwd?-d?username

(10) View user authentication information Change command
?? Watch?-n?1? ' Tail?/etc/shadow '

9. User decentralization

9.1 Configuration Files
?? /etc/sudoers
9.2 Configuration Commands
?? Visudo (This command provides syntax checking)
?? Given the power of a superuser, there are two ways to do this:
(1) Command mode that requires normal user authentication:
?? User name? hostname = (Execute program identity)? command
?? For example, giving ordinary users bighead the right to increase users and delete users:

?? Right test:
Add Users:

To delete a user:

(2) Command mode that does not require an ordinary user to authenticate:
?? User name? hostname = (Execute program identity)? NOPASSWD: Command
?? For example, giving ordinary users bighead the right to increase users and delete users:

9.3 Delegation of authority Test order
?? First switch the superuser to the normal User:? su?-? User name
?? Next test rights, such as testing the right to add a user:? sudo?useradd?username

10. (supplemental) file operation under Linux system

10.1 Display file information (LS)
(1) LS
?? Displays all non-hidden files and directories in the current directory.

(2) Ls?-l
?? Display directory (or file) information/properties as a long list (output information includes file name, type of permission, number of hard connections, owner, group, file size, last modified time of file, etc.)

(3) Ls?-a
?? Show all files, including hidden files (with "." (Beginning of)

(4) Ls?-s
?? Show file Size

(5) Ls?-s
?? Sort by file size

(7) ls?-d
?? Displays the file directory (displays the filename or directory name, does not display the contents of the directory)

(8) Ls?-s?-ld
?? Show directory itself properties

(9) Ls?-r
?? Recursive display

(Ten) Ls?-da? *
?? Show hidden files

10.2 Wildcard Characters
(1) *
?? Matches any character 0~ (except hidden files).
?? LS?/ECT/*.CONF displays all files ending with. conf in the ETC directory (except hidden files):

(2)?
?? Match a single character
?? For example: Ls?fil?: Displays all file names that begin with fi in the current directory, followed by a single character (except hidden files).

(3) [[: Alpha:]]
?? Single letter
?? For example: Ls?fi[[:alpha:]]le: Displays all the file names (except hidden files) that start with fi in the current directory, with a single letter in the middle, and the following Le.

(4) [[: Upper:]]
?? Single uppercase
?? For example: Ls?fi[[:upper:]]le: Displays all the file names starting with Fi in the current directory, with the middle being a single uppercase letter, followed by Le (except for hidden files)

(5) [[: Lower:]]
?? Single lowercase Letter
?? For example: Ls?fi[[:lower:]]le: Displays all the file names (except hidden files) that start with fi in the current directory, with the middle being a single lowercase letter, and the following Le.

(6) [[:d Igit:]]
?? Single digit
?? For example: ls?fi[[:d igit:]]le: Displays all the file names starting with Fi in the current directory, with a single number in the middle and the name of Le after (except for hidden files)

(7) [[: Alnum:]]
?? Single digit or letter
?? For example: Ls?fi[[:alnum:]]le: Displays the name of all the files in the current directory starting with FI, the middle is a single letter or number, followed by Le (except hidden files)

(8) [[: Space:]]
?? Single space
?? For example: Ls?fi[[:space:]]le: Displays all the files in the current directory starting with Fi, with a single space in the middle, and the name of the file after Le (except for hidden files)

(9) [[:p UNCT:]]
?? Single symbol
?? For example: ls?fi[[:p unct:]]le: Displays all the file names starting with Fi in the current directory, with a single symbol in the middle, and the name of Le after (except for hidden files)

(10) {}
?? Exact match. For example: {1..3} represents 1 and 2 and 3.
(11) []
?? Fuzzy matching. For example: [1-3] means 1 or 2 or 3.
(12) ^/!
?? Non -. For example: [^ac] or [!AC] both represent non-A and non-C (except A and C).
[[: Alpha:][:p UNCT:]]
?? Symbols or letters
?? For example: ls?fi[[:alpha:][:p unct:]]le: Displays the name of the file in the current directory that starts with FI, in the middle as a single symbol or letter, followed by Le (except for hidden files)

(14) [! [: Alpha:] [:p UNCT:]]
?? In addition to symbols or letters
?? Example: ls?fi[! [: Alpha:] [:p UNCT:]] Le: Displays the name of the file in the current directory that starts with FI, except for a single symbol or letter, followed by Le (except for hidden files)

11, Linux Small Knowledge supplement

11.1 Meta Data
(1) What is meta data
?? The data in any file system is divided into data and meta data. Data refers to the actual data in a normal file, and metadata refers to system data that describes the characteristics of a file, such as access rights, file owners, and distribution information for file data blocks (Inode ...). Wait a minute. In a clustered file system, distribution information includes the location of the file on disk and the location of the disk in the cluster. The user needs to manipulate a file must first get its metadata to navigate to the location of the file and get the contents of the file or related properties.
(2) Meta-data management method
?? There are two ways of managing metadata. Centralized management and distributed management. Centralized management means that there is a node in the System specialized division metadata management, all metadata is stored on the node's storage device. Before all client requests for a file, the metadata must be requested for that Meta Data Manager. Distributed management means that the metadata is stored in any node of the system and can be migrated dynamically. The responsibility for metadata management is also distributed across different nodes. Most clustered file systems use centralized metadata management. Because centralized management is simple and easy to maintain, it can provide more satisfying performance in certain operation frequency. The disadvantage is a single failure point problem, if the server fails, the entire system will not work properly. Moreover, when the operation of metadata is too frequent, centralized meta-data management becomes the bottleneck of the whole system performance.
?? The benefit of distributed metadata management is that it solves a single point of failure for centralized management, and performance does not bottleneck with frequent operations. The disadvantage is that the implementation of complex, consistent maintenance complex, has a certain impact on performance.
11.2 Force End Process
?? Kill?-q? Process number
11.3 Search Keywords
?? /-Keywords
?? For example, search for keyword u:?/-u
11.4 Properties
?? The default directory in the system

Basic knowledge of Linux system (ii) User management operations and file operation supplement based on Linux system