File types and user management for Linux

Source: Internet
Author: User

File types for Linux
-, f: Normal file
d: Directory file, path mapping
l: Link file (symbolic link, soft link)
Device files:
c: Character device, accessed one character at a time
b: Block device
p: Pipe file (FIFO)
s: Socket file

    File system:    Formatting: creating a file system

Linux file timestamp
Access time:
Modification Time: Write data
Change time: Time of metadata change
ls: lists the current directory by default
-a: Show all files, including hidden files
-A: Do not show . and .. (the common generic paths)
--color: Display in color
-l: Long format display
Fields: file type and permissions, hard-link count, owner, group, size, last modified time, file name (-> original file for a link)
-rw-r--r--. 1 root root 1612 may 04:30 /etc/passwd
-d: Displays the properties of the directory itself, usually in conjunction with -l
-r: Enables reverse display
-R: Recursive display
-i: inode, index node
-h: File size is displayed in human-readable format
tree: Displays the directory as a tree; must be installed separately
Name resolution: Name Resolving
Feature four of the Bash Shell: command aliases
clear: Clear the screen
alias: Displays all aliases defined in the current shell;
Any attribute defined within a process lasts only as long as that process; when the process ends, the attribute disappears
~]# alias ALIAS='COMMAND [options] [arguments]'
unalias ALIAS -- remove a defined alias
Prefix the command with \ to run the command itself rather than the alias
Commands to view only plain text files
file FILE: View the format of a file's contents
cat: Concatenate text and display it on standard output
-E, --show-ends: display the end-of-line terminator $
-e: Equivalent to -vE
-v: Show nonprinting characters
-n: Show each line sequentially numbered
-s: Merge multiple contiguous blank lines into a single blank line
tac: Displays files in reverse order
Split-screen display
more: Supports paging forward only (exits after the end of the file)
less: Supports paging forward and backward
head
-n #: Show the first # lines
tail
-n #: Show the last # lines
-f: Display appended data in real time as the file grows;
Use of the echo command:
-e: Enable interpretation of backslash escapes
    \b: Delete the preceding character
    \t: Tab
    \v: Vertical tab
    \n: Line break
    \0NNN: Byte with octal value NNN
    Start: \033[##;##;#mString
        First digit 3: foreground color
        First digit 4 (after a semicolon): background color
        Second digit: color (1-7)
        A second set of color controls can be added, separated by a semicolon
        PS1="\033[34;42m[\u@\h \w]\033[0m\$"
    End: \033[0m
-n: Do not output the trailing newline
Bash feature five: globbing, file name wildcard
Wildcard characters:
*: matches any character of any length
?: matches any single character
[]: matches any single character within the specified range of characters, not case-sensitive
[[:upper:]]: uppercase letters
[[:lower:]]: lowercase letters
[[:alpha:]]: all letters [A-z]
[[:digit:]]: all numbers
[[:alnum:]]: letters + numbers
[[:blank:]]: horizontal tab;
[[:space:]]: horizontal and vertical whitespace characters; space, tab, enter
[[:punct:]]: punctuation; special characters
[^string]: matches any single character outside the specified range of characters
Command summary: cat, tac, ls, more, less, tail, head, echo, tree

File operations: touch, cp, mv, rm
cp: copy
cp SRC DEST
If SRC is a file:
    If the target is a file and exists: overwrite it
    If the target file does not exist: create a new file
    If the target exists and is a directory: copy the source into the target directory, keeping the original name
cp SRC ... DEST
If SRC is multiple files:
    If the target exists and is a file: the copy cannot proceed
    If the target exists and is a directory: copy the files into the target directory, keeping the original names
    If the target does not exist: the copy cannot proceed
If SRC is a single directory: use -r to copy the source directory recursively to the target
    If the target is a file and exists: the copy fails
    If the target does not exist: create a new directory
    If the target exists and is a directory: copy the source directory into the target directory, keeping the original name
Common options for the cp command:
-r: Recursive
-i: Prompt, interactive
-f: Force overwrite
-a: Same as -dR --preserve=all; keep all file information
-d: When the source is a link file, copy the link itself instead of the file it points to
-p: Keep the original attributes
-u: Overwrite only when the source is newer than the target file
--backup=numbered: Before overwriting, rename the old file to filename.~number~
mv: Move, cut; usage is close to cp
You can move a directory directly, without the -r option
rm: Remove; delete a non-empty directory with rm -rf
touch: Used to modify timestamps and to create an empty file
-c: Do not create an empty file, only modify the timestamp
-t: Specify the timestamp
-a: Modify the access time only
-m: Modify the modification time only
With -a or -m, add -t followed by the time
Access time: atime
Modify time: mtime
Change time: ctime
stat: Display a file's metadata in detail
~]# stat FILE
Linux editor
Line editor: sed
Full screen editor: Nano,vi,vim

User and Rights Management:
    What is a user?
    No use of user, can Yes
    User: identifier for obtaining resources; resource allocation; one of the core elements of the security permissions model
    Password: used to authenticate the user
    Linux is a multi-user operating system
    Repository: user, password
    Name resolution: User IDentifier, UID
    Containers: containers that hold many users and are assigned permissions: groups, roles
    Group name: Group IDentifier, GID
    Resolution: the process of finding the matching entry in a database by a search key and retrieving the additional data that goes with it
The database can take the following forms
    Text file
    SQL database
    LDAP database

Linux User Categories
Admin: 0
Normal users: 1-65535
    System users: 1-499 (CentOS 6), 1-999 (CentOS 7)
        Used to assign permissions on resources to daemons;
    Login users: CentOS 6, 1000+ (CentOS 7)
        Interactive login;
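
An audit of the user categories above, as an added example (not from the original page): it reads passwd-format data (name:password:UID:GID:GECOS:directory:shell) and flags extra UID 0 accounts, system-range accounts with an interactive shell, passwords not moved to /etc/shadow, and duplicate UIDs. The function names, labels and sample accounts are constructed for illustration; UID_MIN defaults to the CentOS 7 value of 1000.

```shell
#!/bin/sh
# Audit passwd-format data (name:password:UID:GID:GECOS:directory:shell).
# Usage: audit_passwd [FILE|-] [UID_MIN]   (UID_MIN: 1000 on CentOS 7, 500 on CentOS 6)
audit_passwd() {
    awk -F: -v min="${2:-1000}" '
        /^[ \t]*(#|$)/   { next }                        # skip comments and blank lines
        NF != 7          { print "MALFORMED line " NR; next }
        $3 !~ /^[0-9]+$/ { print "BAD_UID " $1; next }
        { nologin = ($7 ~ /(nologin|false)$/) }          # shell that refuses interactive login
        # UID 0 means administrator rights, whatever the account is called.
        $3 == 0 && $1 != "root"         { print "EXTRA_UID0 " $1 }
        # System accounts exist for daemons and should not offer a login shell.
        $3 > 0 && $3 < min && !nologin  { print "SYSTEM_LOGIN_SHELL " $1 " " $7 }
        # "x" is the placeholder that says the hash lives in /etc/shadow.
        $2 != "x"                       { print "PASSWORD_NOT_SHADOWED " $1 }
        # Two names on one UID are the same user to the kernel.
        seen[$3]++                      { print "DUPLICATE_UID " $1 " " $3 }
    ' "${1:-/etc/passwd}"
}

# Constructed sample data, not taken from a real system.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
apache:x:48:48:Apache:/usr/share/httpd:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
tom:x:1000:1000::/home/tom:/bin/bash
jerry::1001:1001::/home/jerry:/bin/bash
EOF
}

# Run the audit over the constructed sample.
run_sample_audit() { sample_passwd | audit_passwd -; }

run_sample_audit
```

Run `audit_passwd` with no arguments to check the local /etc/passwd.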

Linux User groups
Administrators group: root, 0
Normal groups:
    System groups: 1-499 (CentOS 6), 1-999 (CentOS 7)
    General groups: CentOS 6, 1000+ (CentOS 7)

Linux Security Context:
Running programs: processes
A process runs as the user who initiated it;
root: cat
tom: cat
The permissions a process has on all the resources it accesses depend on the identity of the user who initiated the process
A running process has an owner and an owning group, which depend on the user and group that started the process

The category of the Linux group;

    1. Basic group: the GID field shown in /etc/passwd is the user's basic group, also called the primary group
      When the group name is the same as the user name and the group contains only that user: private group
    2. Additional groups: supplementary groups; /etc/group

Summary of Commands
useradd, userdel, groupadd, passwd, gpasswd, chsh, chfn, usermod, getent, groupmod, groupdel, chage, id, who, whoami, su
File Summary
/etc/passwd: User information
/etc/group: Group name: Password placeholder: GID: User list (additional group)
/etc/skel: Location of the files copied by default into a new home directory
/etc/default/useradd: Configuration file holding the default values used when creating a user

Create a user: useradd <--> adduser
useradd UserName
-u UID: Specify the UID
-g GID: Specifies the GID, which is the user's basic group; the GID must exist beforehand
-G GID: Specifies the user's additional groups; the GID must exist beforehand
-d DIR: Specifies the home directory location; when creating a system user, use it together with -m. The specified location must not already contain a directory of the same name; if it does, the contents of /etc/skel/ are not copied to the specified home directory;
-c COMMENT: Remarks
-s /bin/shell: Specifies the default shell, which should be one of the shells listed in the /etc/shells file
-m: Forces creation of a home directory when creating the user
-M: Creates the user without creating a home directory
-r: Create a system user
CentOS 6: ID<500
CentOS 7: ID<1000
Features: for IDs 1-499 no home directory is created for the user, and the default shell is /sbin/nologin (set it yourself with -s /sbin/nologin)
Default settings: in the /etc/default/useradd file
-D options arguments
~]# useradd -D -e 999    -- modify the default expiration time
~]# useradd -D    -- view the default values
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=999
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
Adding user Exercises

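userdel UserName    -- delete a user; the home directory is kept by default
    -r: also delete the home directory
groupadd GroupName
    -g GID: create the group and assign it the given GID
    -r: create a system group
        CentOS 6: ID<500
        CentOS 7: ID<1000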

Linux User and group-related configuration files
/etc/passwd: Users and their attribute information (name, UID, basic group ID, etc.)
name:password:UID:GID:GECOS:directory:shell
User name: Password placeholder: UID: GID (basic group ID): User comment information (multiple items, comma-separated): Home directory: Default shell
/etc/group: Attribute information for groups
group_name:passwd:GID:user_list
Group name: Group password placeholder: GID: List of users that have this group as an additional group (comma-separated)
The group password is used when a user switches basic group
/etc/shadow:
Username: Encrypted password: Date of last password change (days since 1970-1-1): Minimum password age: Maximum password age: Password warning period: Password inactive period (the password must be changed at login): Account expiration date: Reserved field

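/etc/shells: List of safe shells on the current system
Encryption mechanisms:
    Encryption: plaintext --> ciphertext
    Decryption: ciphertext --> plaintext
    Symmetric encryption: encryption and decryption use the same password
        DES, 3DES, AES
    Asymmetric encryption: DSA, RSA
    One-way encryption: extracts a fingerprint of the data
        MD5: message digest, 128 bits; fixed-length 128-bit output, 16 characters
        SHA1: 160 bits; secure hash algorithm
        SHA224: 224 bits
        SHA256: 256 bits
        SHA384: 384 bits
        SHA512: 512 bits
        CRC32: cyclic redundancy check code
        Avalanche effect: a tiny change in the initial conditions causes a huge change in the result;
        Fixed-length output, irreversible
    Password database: /etc/shadow
~]# useradd tom
~]# useradd jerry
~]# echo "redhat" | passwd --stdin tom    -- a salt is added when the password is generated, so that identical passwords do not produce identical results
~]# echo "redhat" | passwd --stdin jerry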

$6$e5f7ssvvlcp8oq.r$dd0oquowqrslogbod12vthvlagrs8eex4umoluv3op5u4s3pt0xekrgpixnl9m8bphzbq6dpxavqao7yj0txo
$algorithm$salt$hash; $: delimiter; 6: SHA512, 1: MD5
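
A check built on the $algorithm$salt$hash layout and the /etc/shadow fields described above, as an added example (not from the original page). It flags empty passwords, locked entries, MD5 hashes, accounts that share a salt, and accounts with no maximum password age. Function names, labels and the sample entries (placeholder salts and hashes) are constructed; taking the salt as the second-to-last $-separated part is an assumption that also covers entries carrying an extra parameter field.

```shell
#!/bin/sh
# Audit shadow-format data: name:hash:lastchg:min:max:warn:inactive:expire:reserved
# Hash field layout: $id$salt$hash, where id 6 = SHA512 and 1 = MD5.
audit_shadow() {
    awk -F: '
        NF != 9      { print "MALFORMED line " NR; next }
        $2 == ""     { print "EMPTY_PASSWORD " $1; next }
        $2 ~ /^[!*]/ { print "LOCKED_OR_NO_LOGIN " $1; next }   # "!!" is what passwd -l prepends
        {
            n = split($2, h, "[$]")     # "$6$salt$hash" -> "", "6", "salt", "hash"
            if (n < 4 || h[1] != "") { print "UNKNOWN_FORMAT " $1; next }
            if (h[2] == "1")      print "WEAK_MD5 " $1
            else if (h[2] != "6") print "OTHER_ALGORITHM " $1 " id=" h[2]
            s = h[n - 1]                # salt: second-to-last part (assumption)
            # Salts are random per password, so a repeated salt means a copied entry.
            if (s in owner) print "SHARED_SALT " $1 " " owner[s]
            else owner[s] = $1
            if ($5 == "" || $5 >= 99999) print "NO_MAX_AGE " $1
        }
    ' "${1:-/etc/shadow}"
}

# Constructed sample entries; the salts and hashes are placeholders, not real values.
sample_shadow() {
    cat <<'EOF'
root:$6$saltAAAA$hashvalue1:19000:0:90:7:::
tom:$6$saltBBBB$hashvalue2:19000:0:99999:7:::
jerry:$6$saltBBBB$hashvalue2:19000:0:90:7:::
legacy:$1$saltCCCC$hashvalue3:15000:0:90:7:::
guest::19000:0:90:7:::
daemon:*:19000:0:99999:7:::
svc:!!$6$saltDDDD$hashvalue4:19000:0:90:7:::
EOF
}

# Run the audit over the constructed sample.
run_shadow_audit() { sample_shadow | audit_shadow -; }

run_shadow_audit
```

Reading the real /etc/shadow requires root; `audit_shadow` with no arguments does that.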

Password complexity and security policy
  1. Use at least three of the four character types: numbers, uppercase letters, lowercase letters, and special characters
  2. Complex enough, long enough, cross
  3. Try to avoid easy-to-guess passwords and use random passwords;
  4. Change regularly; do not use passwords that have been used recently;

    Group: user container, role; /etc/group
    Password: /etc/gshadow
    groupname:encrypted password:administrators:members
    Set user password
    Normal user: passwd
    Administrator
        Change your own password: passwd
        Change another user's password: passwd UserName
    -l: Lock the user; exclamation marks (!!) are added in front of the user's password
    -u: Unlock
    -e: Force the user to change the password at next logon
        echo "Hello" | passwd --stdin UserName    -- set a password for UserName

    gpasswd GroupName -- set the group password
    User property modification
    chsh: Modify the default shell
    chfn: Modify the user comments
    usermod: Used in a similar way to the useradd command
    -u UID
    -g GID
    -G GID: By default overrides the existing additional groups; to add instead, use the -a option at the same time
    -c COMMENT
    -d NEW_HOME: Does not migrate the user's home directory by default; to migrate it, use the -m option
    -m, --move-home
    -s SHELL
    -l new_login_name: Modify the user's login name
    -e: Expiration period
    -f: Inactivity period
    -L: Lock the user account
    -U: Unlock

    getent passwd UserName: View the information for a specified user in passwd

    groupmod: Modify a group's property definitions
    -g GID
    -n NEW_GROUP: Change the name of the users' group
    groupdel
    gpasswd: Can be used by root and by ordinary users who are group administrators
    -a, --add USER                add USER to GROUP
    -d, --delete USER             remove USER from GROUP
    -Q, --root CHROOT_DIR         directory to chroot into
    -r, --delete-password         remove the GROUP's password
    -R, --restrict                restrict access to GROUP to its members
    -M, --members USER,...        set the list of members of GROUP
    -A, --administrators ADMIN,...    set the list of administrators for GROUP

    chage: Modify a user's date properties
    -E: Number of days from 1970-1-1; after this time, the account is not accessible
    -I: Set the inactive days
    -m: Change the minimum password age
    -M: Change the maximum password age
    -W: Warning time
    To view information about a user:
    id
    -n: Display the name
    -u: Display the UID
    -g: Display the basic group ID
    -G: Show all group IDs
    who: Displays the currently logged-on users
    whoami: Displays the user logged on at the current terminal
    su: switch user; switch users or execute commands as another user
    su [options...] [-] [user [args...]]
    How to switch users:
    su UserName: Non-login switch, that is, the target user's configuration files are not read;
    su - UserName: Login switch; reads the target user's configuration files; a complete switch;
    root can su to other users without a password; a non-root user needs a password to switch;
    To execute a command under another identity:
    -c: Do not switch user, execute the command directly
    su [-] UserName -c 'COMMAND'
    -l: Login switch
    "su -l UserName" is equivalent to "su - UserName"
