Introduction to Linux System Management (1)

Source: Internet
Author: User

Each Linux system has at least one person responsible for its maintenance and operation: the system administrator. A PC user may play both roles, ordinary user and system administrator. The system administrator's job is to keep the system running smoothly and to carry out the tasks that require special privileges. Specifically, the system administrator should:

Set up the entire computer system, hardware and software alike: install hardware devices, install the operating system and software packages, and create accounts for users.

Make regular backups of files and restore them when needed.

Handle problems caused by limited computer resources, such as disk space and the number of processes.

Resolve network congestion caused by connection problems.

Upgrade and maintain the operating system.

Provide regular support for users.

Depending on the size of the system and the number of users, system management work may be very light, it may be a task that arises at any time of the day, or it may be daily or even monthly maintenance. If the system is small, the maintenance work can be carried out continuously. The system administrator must work conscientiously and responsibly: he holds the privileges that control the system's operation, and if he is careless, system performance suffers and the system may even crash.

User and workgroup Management

To access a Linux system, every new user must first have an account created by the system administrator. User accounts help the administrator record who uses the system and control their access to system resources. Account management also helps organize users' files and control other users' access to them. Managing and maintaining user accounts, passwords and permissions is therefore an important part of the administrator's daily work.

User Account

When using Linux, you must be a legitimate user authorized by the system. Managing user accounts, passwords and access permissions is an important part of the Linux system administrator's daily work.

In Unix/Linux systems the concept of a user account serves several purposes, the most important being identity authentication and security. The system must distinguish the people who use the machine, and accounts provide the means to do so. Each user has a personal account, and each account has its own user name and password. Users can protect their files to allow or restrict other users' access to them.

In addition to ordinary personal accounts, there must be a privileged user who can manage the system. The root account, for example, is the default account used by the system administrator to maintain the system. There are also special accounts that do not correspond to people, such as bin and sync.

1. The passwd file

In Linux, the key information about users is stored in the system's /etc/passwd file. Each valid user account corresponds to one line in the file, and that line defines the account's attributes. The following is a partial excerpt of a passwd file:

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
...
desktop:x:80:80:desktop:/var/lib/menu/kde:/sbin/nologin
mengqc:x:500:500:mengqc:/home/mengqc:/bin/bash

In this file, the data segments of each row of user records are separated by ":", which defines various user attributes. The order and meaning of each field are as follows:

Login name:Password:User ID:Group ID:User name:User home directory:Command interpreter

(1) Login name (login_name): distinguishes users; it is unique within a system. Many systems limit this field to 8 characters (letters or digits). Note that letters are case sensitive in Linux, unlike MS-DOS/Windows.

(2) Password (passwd): the system uses the password to verify that a user is who he claims to be. The superuser root, or another privileged user, can use the passwd command to change the password of any user in the system. Ordinary users can also use the passwd command to change their own password after logging on.

In current Unix/Linux systems, passwords are no longer stored directly in the passwd file. Instead the password field in passwd is replaced by an "x", and /etc/shadow serves as the real password file holding the personal passwords. Ordinary users cannot read the shadow file; only the superuser has the right to read it.

In addition, note that if the first character of the password field is "*", the account is locked and the system does not allow the user of this account to log on.

(3) User ID (UID): the UID is a number and the unique identifier of a user in a Linux system; it is used to distinguish users. The system uses the UID to manage processes and file protection. In Linux, both the login name and the UID identify a user, but the UID is what matters to the system, while the login name is more convenient for people. For certain special purposes there may be several users with different login names but the same UID; to the system these are in fact the same user.

(4) Group ID (GID): the default working group of the user. Several users with similar attributes can be assigned to the same group. Each group has its own group name and is distinguished by its own group ID. Like the UID, the user's group ID is stored in the passwd file. In modern Unix/Linux, a user can belong to several groups at the same time: besides the basic group given in the passwd file, the user can be added to other groups in the /etc/group file.

(5) User name (user_name): information about the user, such as the user's real name, office address and telephone number. In Linux, mail, finger and other programs use this information to identify the system's users.

(6) User home directory (home_directory): this field defines the home directory of the user. After the user logs on, his shell uses this directory as the user's working directory. In Unix/Linux systems the working directory of root is /root, while the other users each have their own independent working environment under the /home directory, where the system sets up a home directory for each user. A user's files are stored in his own home directory.

(7) Shell: the name of the program run when the user logs on to the system, usually the full path of a shell program such as /bin/bash.

After a user logs on, this program is started to receive the user's input and execute the corresponding commands. From the kernel's point of view, the shell is an intermediate layer between the user and the kernel: it translates the command strings typed by the user into system calls or routines the kernel understands, and translates the kernel's results into output the user can understand. For the user, therefore, the shell is a command interpreter, while from the kernel's side it is the outer "shell" program.

Note that the system administrator usually does not need to directly modify the passwd file. Linux provides some account management tools to help the system administrator create and maintain user accounts.

2. The shadow file

Currently, most Unix/Linux systems use the /etc/shadow file to store the encrypted passwords and password validity information of user accounts. The following example shows several records from a shadow file (corresponding to the passwd file above):

root:$1$Vfcp2rdI$R0bDID/CvD3FfTeTtnk7u.:12489:0:99999:7:::
bin:*:12489:0:99999:7:::
daemon:*:12489:0:99999:7:::
...
desktop:!!:12489:0:99999:7:::
mengqc:$1$pNPtXOsd$gk5mQEfx5hJfPzpmgQ78k/:12489:0:99999:7:::

In the shadow file of a Linux system, each user has one record, and the fields are separated by ":". The nine fields are, in order:

◆ Login name;

◆ Encrypted password;

◆ Date of the last password change, as the number of days since January 1, 1970;

◆ Minimum number of days that must pass after a change before the password may be changed again;

◆ Maximum number of days after a change before the password must be changed again (that is, the password validity period);

◆ Number of days before the password expires that the user is warned;

◆ Number of days after the password expires before the account is locked;

◆ Date on which the account is locked, as the number of days since January 1, 1970;

◆ Reserved field.

The mechanism for changing a password in Unix/Linux is simple: use the passwd command, usually located in /usr/bin. An ordinary user can only change his or her own password and must supply the old password first. root can change the password of any user in the system, and in that case the system does not ask for the user's old password.

Create and delete accounts

To create a user account, follow these steps:

Step 1: Add a record to the /etc/passwd file;

Step 2: Create the user's home directory;

Step 3: Set up the user's default configuration files (such as .bashrc).

Almost all Linux systems provide the useradd or adduser command, which performs the steps above; the two commands are usually equivalent. In addition, root can use the KDE desktop to create accounts and passwords for new users: "Control Panel" → "user and group" → "Add new user". Enter the parameters as prompted on the screen, including the user name and description (optional) and the password with its confirmation, then set the user's group membership.

To delete an existing user account, you must remove the user's record from the /etc/passwd file, remove the user from the /etc/group file, and delete the user's home directory and any other files created by or belonging to the user. You can use the userdel command, or in the desktop system open "Control Panel" > "user and group", select the user to be deleted in the "local users and groups" window, click the "delete" icon, and click "OK".

In some cases you need to disable an account temporarily, for example when the user has not paid, or when the system administrator suspects that an intruder has obtained the account's password; once the restriction is lifted, the account can log on again. This is called sealing (locking) an account. To seal an account, you can remove the user's record from the /etc/passwd file while keeping the home directory and other files, or, in the /etc/passwd (or /etc/shadow) file, insert the character "*" before the first character of the user's password field. For example, to seal the user account mengqc mentioned above, modify its record in the /etc/shadow file as follows:

mengqc:*$1$pNPtXOsd$gk5mQEfx5hJfPzpmgQ78k/:12489:0:99999:7:::

In this way, the login of this user account is restricted.
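To show how the passwd and shadow fields described above, including the "*" lock prefix, are read in practice, here is an added Python example that is not from the original article: it parses constructed records in the formats shown, joins them by login name, and reports each account's shell, lock state and password-age status against a chosen day count. The 90-day validity period for mengqc and all function names are this example's own assumptions.

```python
# Constructed sample records in the page's format (hashes are the page's own
# example values, not real credentials); mengqc carries the "*" lock prefix
# from the sealing example and an assumed 90-day validity period.
PASSWD = """root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
desktop:x:80:80:desktop:/var/lib/menu/kde:/sbin/nologin
mengqc:x:500:500:mengqc:/home/mengqc:/bin/bash
"""
SHADOW = """root:$1$Vfcp2rdI$R0bDID/CvD3FfTeTtnk7u.:12489:0:99999:7:::
bin:*:12489:0:99999:7:::
desktop:!!:12489:0:99999:7:::
mengqc:*$1$pNPtXOsd$gk5mQEfx5hJfPzpmgQ78k/:12489:0:90:7:::
"""

def parse_passwd(text):
    """Map login name -> UID, GID, home and shell (7 colon-separated fields)."""
    users = {}
    for line in filter(None, text.splitlines()):
        login, _pw, uid, gid, _name, home, shell = line.split(":")
        users[login] = dict(uid=int(uid), gid=int(gid), home=home, shell=shell)
    return users

def parse_shadow(text):
    """Map login name -> the nine shadow fields; empty day counts become None."""
    def days(s):
        return int(s) if s else None
    entries = {}
    for line in filter(None, text.splitlines()):
        f = line.split(":")
        if len(f) != 9:
            raise ValueError("shadow record needs 9 fields: %r" % line)
        entries[f[0]] = dict(pw=f[1], changed=days(f[2]), min=days(f[3]),
                             max=days(f[4]), warn=days(f[5]),
                             inactive=days(f[6]), expire=days(f[7]))
    return entries

def account_status(login, users, shadow, today):
    """Classify an account; `today` is in days since 1970-01-01, like field 3."""
    u, s = users[login], shadow[login]
    locked = s["pw"].startswith(("*", "!"))  # "*" or "!!" prefix: login refused
    age = today - s["changed"]                # days since the last password change
    expired = s["max"] is not None and age > s["max"]
    warning = (not expired and s["max"] is not None and s["warn"] is not None
               and age >= s["max"] - s["warn"])
    return dict(uid=u["uid"], shell=u["shell"], locked=locked,
                password_age=age, expired=expired, warning=warning)

if __name__ == "__main__":
    users, shadow = parse_passwd(PASSWD), parse_shadow(SHADOW)
    for login in users:
        print(login, account_status(login, users, shadow, today=12489 + 85))
```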

However, this leaves the user unable to tell what has happened. To avoid unnecessary misunderstanding, the administrator can seal the user in another way: set the shell of the account to a special program that only prints a message. Anyone who tries to log on to that account is refused, but learns the reason and can contact the system administrator to resolve the problem.

The following is a sample "tail script" used to replace the user's shell program:

#!/usr/bin/tail +2
This account has been closed due to a security breach.
Please call 36 and wait for the men in black to arrive.

The first two characters (#!) of this script tell the kernel that the rest of the line names the command that should interpret the file. The tail command then displays everything except the first line on the screen. Such tail scripts are usually kept in a directory separate from user directories to avoid confusion with user commands.

Workgroup Management

A working group can be used to organize related user accounts logically. With group support, users are allowed to share files within the group. In Linux, every file has both a user owner and a group owner; that is, any file in the system belongs to one user and one group. Use the "ls -l" command to view the user and group to which a file belongs. For example, suppose the file ex1 exists in the /home/mengqc directory. Running "ls -l" produces the following output:

$ ls -l ex1
-rwxr-x---  1 mengqc  mengqc  31 Aug 17 09:18 ex1

Each user belongs to at least one group. This membership corresponds to the GID field in the system's /etc/group file, but a user can belong to several groups. Similar to /etc/passwd, each group in the system corresponds to one line in the /etc/group file, and the fields of each record are defined as follows:

Group name:Password:Group ID:User list

The meaning of each field is as follows:

◆ Group name (group_name): as the name suggests, the name of the working group.

◆ Password (passwd): the group password, which is rarely used. It allows other users to use newgrp to access the group's resources.

◆ Group ID (GID): used by the system to identify groups; it is unique within the system. The group ID field in /etc/passwd uses this number to specify a user's default group.

◆ User list (user_list): a comma-separated list of user login names, naming the members of this group. Note, however, that a user whose default group (the GID field in /etc/passwd) is this group does not have to be listed here; the field is for additional members whose default GID differs from this group's GID.

The following are some records extracted from an /etc/group file:

root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
...
desktop:x:80:
mengqc:x:500:

In Linux, root and bin are both administrative groups; many system files belong to these two groups. mengqc is an ordinary user group.

In practice, the password field is completely unnecessary. In fact, many systems do not provide tools to set group passwords. This is because to make a user a member of multiple groups, you only need to add the user registration name to the user list fields of these groups.

You can use the groups command to list the names of all groups to which the current user belongs.

When a user logs on, the GID from the user's /etc/passwd record is automatically assigned as the user's group, and the user's additional groups are taken from /etc/group.
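As an added example that is not part of the original article, the following Python code resolves a user's group list the way the groups command does (primary GID from /etc/passwd first, then the user_list entries in /etc/group, so members of their default group need not be listed) and applies the user/group/other triplets of an ls -l mode string such as -rwxr-x--- to decide who may access a file. The sample records are constructed from the article's excerpts; the function names are this example's own.

```python
# Constructed sample /etc/passwd and /etc/group records in the page's format.
PASSWD = """root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
mengqc:x:500:500:mengqc:/home/mengqc:/bin/bash
"""
GROUP = """root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
desktop:x:80:
mengqc:x:500:
"""

def load_passwd(text):
    """login name -> primary GID (field 4 of /etc/passwd)."""
    return {f[0]: int(f[3]) for f in
            (line.split(":") for line in text.splitlines() if line)}

def load_group(text):
    """GID -> (group name, members named in the user_list field)."""
    groups = {}
    for line in filter(None, text.splitlines()):
        name, _pw, gid, members = line.split(":")
        groups[int(gid)] = (name, {m for m in members.split(",") if m})
    return groups

def groups_of(login, passwd, groups):
    """What the `groups` command prints: the primary group from /etc/passwd
    first (its members need not be listed in /etc/group), then every group
    whose user_list names the login, in alphabetical order."""
    primary = groups[passwd[login]][0]
    extra = sorted(name for name, members in groups.values()
                   if login in members and name != primary)
    return [primary] + extra

def can_access(login, passwd, groups, owner, group, mode, perm):
    """Apply an `ls -l` mode string such as -rwxr-x--- to decide whether `login`
    gets `perm` ('r', 'w' or 'x'): the owner triplet if login owns the file,
    else the group triplet if login is a member of the owning group, else the
    'other' triplet. root's override of file permissions is ignored here."""
    if login == owner:
        bits = mode[1:4]
    elif group in groups_of(login, passwd, groups):
        bits = mode[4:7]
    else:
        bits = mode[7:10]
    return perm in bits
```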

Working group settings mainly include the following work items:

◆ Create and delete a working group;

◆ Modify group attributes;

◆ Adjust the user group;

◆ Set group permissions.

The command for adding a group is groupadd, the command for deleting a group is groupdel, and the command for modifying group attributes is groupmod. You can also use the desktop system to implement the above functions.
