RedHat Linux User management experience bit _unix Linux

RedHat Linux is one of the more popular versions of Linux distributions. This paper discusses the user management under Redhat Linux in combination with the author's experience. The author uses the Redhat 5.1 release, the core version of 2.2.11, if not specifically stated, the following operations are done under the root account.

To add disk quota limits for normal users and user groups

The Linux quota program allows you to specify the disk quotas that you can use for each user or group of users on your system. Currently, quota can only work on ext2 type file systems. The following two points need to be determined using quota:

1 the current system core support quota.

The 2 system has properly installed the quota package.

If your current system core does not support quota, please recompile your core when the system prompts:

Quota Support (Config-quota) [n]

Answer y to generate a new system core.

If there is no quota package, please download the quota source program and compile it at the following address.

Ftp://ftp.funet.fi/pub/Linux/PEOPLE/Linus/subsystems/quota/all.tar.gz

The core of the general Linux distribution includes the quota support and the quota package, which allows quota to work by simply installing the quota and setting it up.

Quota specific steps to set up:

1. Edit System initial script (Redhat is/etc/rc.d/rc.sysinit, other distributions may be different) let it check quota and activate quota.

# Check Quota and then turn quota on.

if [-x/usr/sbin/quotacheck]

Then

echo″checking quotas. This may take some Time.″

/usr/sbin/quotacheck-avug

Echo″done.″

Fi

if [-x/usr/sbin/quotaon]

Then

Echo″turning on Quota.″

/usr/sbin/quotaon-avug

Fi

The above statements are already included in the Redhat version 5.1/etc/rc.d/rc.sysinit file, please check your own system initial script file without adding. Note that it must be in/etc/fstab.

2. Edit/etc/fstab. Your/etc/fstab file may be like this:

/DEV/HDA1/EXT2 Defaults 1 1

/dev/hda2/home ext2 Defaults 1 1

Select the fourth field in the row where the user is located, and add quota support to the user, as follows:

/DEV/HDA1/EXT2 Defaults 1 1

/dev/hda2/home ext2 Defaults,usrquota 1 1

If you are adding quota support for a user group, you can replace Usrquota with Grpquota.

In the case of both, the two items can be written together as follows:

/DEV/HDA1/EXT2 Defaults 1 1

/dev/hda2/home ext2 Defaults,usrquota,grpquota 1 1

3. Establish quota record files Quota.user and Quota.group. Enter the root directory of the user's partition, as in the example above, to create the file by following the command: Cd/home

Touch Quota.user

Touch Quota.group

chmod Quota.user Quota.group

After completing the previous steps, restart the computer for the settings to take effect.

4. Set disk quota limits for users or groups of users. Suppose you have a user on your system that is Bob, and now want to give him a 10MB hard disk quota limit, the maximum number of files He has is no more than 100. To perform Edquota-u dquo, the system will enter the editing environment (depending on the editor variable setting), which will be the following three lines:

Quotas for user bob:

/dev/hda2:blocks in Use:14, limits (soft=0, Hard=0)

Inodes in Use:12, limits (soft=0, Hard=0)

To

Quotas for user bob:

/dev/hda2:blocks in Use:14, limits (soft=0, hard=10240)

Inodes in Use:12, limits (soft=0, hard=100)

which

Blocks in use: The user has used the size of the block, in kilobytes.

Inodes in use: The size of the user's existing file.

Both of these are automatically given by the system and do not need to be changed.

Soft limit (soft limits)

When a soft limit is usually set to a value that is close to a hard limit, the system warns the user that the maximum disk quota limit will be reached when the limit is exceeded. There is no soft limit when the soft limit is 0. When used in conjunction with grace period, any additional requirements for disk space will be immediately rejected as long as the user exceeds the soft limit and a grace period.

Hard limit (hard limits)

The absolute limit on disk quotas, and users who have set up quota cannot exceed this limit.

Grace period (Grace Period)

Grace is a period of relaxation when a user goes beyond a soft limit and does not reach a hard limit. During this time, users can freely use disk space within a hard limit, and over that time, all additional requirements for disk space will be denied, even if the user is still within a hard limit. The unit of grace period can be seconds, minutes, hours, days. Perform the EDQUOTA-T command to set a grace period. After you execute the command, change the two 0 days in the system prompt to the value you think is appropriate.

Sometimes you want to add the same limit to a group of users, for example, by adding the same limit to all 100 users on the system, by manually restricting Bob and then executing the following command:

Edquota-p bob′awk-f:′$3 > 499 {print $1}′/etc/passwd′

Setting a disk quota limit for a user group is similar to a common user, assuming a user group game, edquota-g game can be executed.

Controlling the user's logon location

File/etc/secruity/access.conf controls the user's logon location, and in order to use access.conf, you must include the following line in the file/etc/pam.d/login:

Account required/lib/security/pam-access.so

Format of access.conf file:

Permission:users:origins

which

Permission: Can be "+" or "-" to indicate permission or rejection.

User: Can be a username, user group name, and if all is all users.

Origins: Login Location. Local indicates that all locations, the console represents the console. In addition, origins can also be a network.

Adding except to the next two fields means "except". For example: Except for user wheel, shutdown, Sync, disable all console logins:

-:all EXCEPT wheel Shutdown sync:console

The login location of the root account is not controlled in the access.conf file, but is controlled by the/etc/securetty file.

Limit the size of messages that a user sends each time

The Linux system uses SendMail to send mail, the configuration file is/ETC/SENDMAIL.CF, and the TCP/IP protocol is used by default. Our Linux machines tend to have multiple users working at the same time, or simply use it as a mail server, at the same time, the system may have to send and receive a lot of mail, so it can not allow a user too much to occupy SendMail time. The SendMail default configuration has no limit on the size of each incoming or outgoing message, changes the profile/etc/sendmail.cf, finds O maxmessagesize, removes the # number from the beginning of the line, and changes the subsequent value to a suitable value in bytes. Such as:

O maxmessagesize = 1048576

The maximum number of messages per message is 1MB, and any messages exceeding this value will be rejected.