Linux 11th day file and user management

Linux 11th Day

Time: 20180728

Directory

User and Group Management commands

File Rights Management Commands

Text Processing Tools

User and Group Management

That is, adding users, deleting users, managing groups, etc.

/etc/passwd

/etc/shadow

Getent output specified information in the specified database

Getent [OPTION ...] database [key ...]

Supported databases:

Ahosts ahostsv4 ahostsv6 aliases ethers Group Gshadow hosts Initgroups

Netgroup networks passwd Protocols RPC Services Shadow

Example Getent passwd root

Getent Shadow Root

Useradd

-U UID

-D back if the Add parameter modifies the configuration in the/etc/defaults/useradd, the file information is displayed without parameters.

-D Specify user home directory path

-R indicates that the user created is a system user (no home directory)

-M Create home directory

-s Specifies the user's shell

Gid of G-genus Group

-C Comment Information

-G Additional Group information

-N does not create the same group as the user name, but instead reads the GID creation in the/etc/defaults/useradd

-O does not do UID duplicate detection, that is, the user can be created using the UID that already exists in the system

Usermod

-a append often used in conjunction with-G, indicating that the original additional group is appended, without this option will overwrite the original

-L Modify the current user name to a new user name

-u unlock already locked users

-E Specify Expiration time

-F inactifve Specifies that the password expires after a few days will be completely disabled this account

Userdel

-R Delete User's home directory when deleting user

OpenSSL generates random passwords

Rand-base64

Authconfig Configuring System Authentication Resources

--passalgo Setting the system default encryption algorithm

--update saves the configured options to the appropriate file, which is equivalent to configuring their corresponding configuration file directly

Groupadd Adding a user group

-G GID

-R creates a system group, that is, the group ID is 201-999

Groupdel Deleting a user group

Groups output a user with a group of other users

Groupmems managing users ' primary Group members

-g gname specified user group

-D Delete Removes a member from the specified group groupmems-d scnet-g Mysky

-l list lists the members in the specified user group Groupmems-lg GroupName

-A add a user to the specified user group groupmems-a user-g GroupName

NEWGRP temporarily switches the primary group of a user to the specified group

PASSWD Create a user's password

-D Delete the password for the specified user

-L LOCKS the specified user

-U unlocks locked user

-e Specifies the user's expiration time

-F Prompts the user for a blank password when unlocking-U is a null password and can log on, this option enforces

-N Password minimum use length

-X Password maximum age

The number of days before the-W password expires prompt requires user to change password

How many days after the-I inactive password expires you can log on to this server and must change the password after login

--stdin accepts input by standard input echo "string" | passwd--stdin Admin

gpasswd

-A add a user to the specified group

-D del Deletes a user from a specified group

-A sets a user as the administrator of the specified group, which can be added to remove users in the group

Chage

-L lists time information for a specified user account

-D Modify the user's last password modification time

-e Setting the user's expiration time

-I set how many days a user can sign in after the expiration time

-M set the minimum duration of password usage

-M sets the maximum length of password usage

-W Sets the password for the number of days before the expiration time to warn the user to change the password

Pwck checking the/etc/passwd file for syntax errors

GRPCK checking the/etc/group file for syntax errors

NewUsers adding user accounts to a file in bulk

Add user's account information in this format

Pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell

Then use newusers filename to implement bulk add users

CHPASSWD Bulk modification of user passwords

Add user's account information to a file in this format

user_name:passwd

Then use CHPASSWD filename to bulk Modify user passwords

File Rights Management

chmod Modifying file permissions

Chown Modifying the owning group of a file

CHGRP Modifying the owning group of a file

Relative files

R can read the contents of the file

W can modify file contents

X can execute the file

Relative directory

R uses LS to list files in this directory but cannot use the-l option, or you can use the CD to enter the directory

W can delete the contents of this directory

X you can enter the directory by CD, and you can use the LS-L option

Umask

-S use u=,g=,o= instead of traditional way 0002

-P output Umask is also preceded by the command name Umask-p >> ~/.BASHRC

Chattr changing file properties

[-|+]i immutable This file can not be changed to delete rename, move, etc.

[-|+]a append can only attach content to this file can not delete the contents of the file

Lsattr View the properties of the file

Acl

File ACLs are Linux in order to set permissions for close-up users, because the permissions given by the files themselves do not meet the requirements,

You can use ACLs at this point to specify the user or user group's access to the file for a specific file, but not

All file systems are supported by FACL

Setfacl Additional permissions for the settings file

-m modify ACL permissions for the current file

-m reads ACL permissions from the specified file and applies the permission to the specified file

-X removes the specified permission

-X reads ACL permissions from the specified file and deletes the permission for the specified file

-B Remove All ACL permissions

-R recursive Recursive application permissions

-D is typically a folder setting, when a new file is created in this folder, this ACL permission is appended

-K Removes the default permissions specified by-D

--set-file empty existing permissions and apply Read permissions from the given file to the given file

--restore=file Read permissions from file and restore ACLs to the given target file or directory

Getfacl to view the specified file or folder ACL permissions

ACL Permission Recognition order

Generic ACL definition user ACL custom group other people

SUID

When a file is given the suid permission, when a user has Execute permission on the file, the initiated process is the master of the file

Instead of the default to run the file with the initiator of the process

Performance: Set Suid's file whose user permission's X will change to S, and if the user does not have X permission, it will display uppercase S

chmod u+s File ...

SGID

If a file is given Sgid permissions, when the user starts the file, the group of the process belongs to the group of the file, not the default

Group of initiators of the process

If the directory is given Sgid permissions, the files or folders that are created by users who have write permission under this folder

Inherits the group to which the directory belongs

Performance: Set Sgid's file whose group permission's X will change to S, and if group does not have an X permission then it will show uppercase S

chmod g+s File ...

Sticky

When the directory is set sticky permissions, any user who has write permission in the folder can only delete the user's own

Created files, you cannot delete files created by others.

Table: Set sticky permissions for the folder whose other permissions x will change to T if the other does not have X permission when the uppercase T is displayed

Text Processing Tools

Cat

-N Displays line numbers, and blank lines are counted as a row

-a displays all characters including newline tabs, and so on.

-B Displays line numbers, empty lines are not line numbers

-s compresses adjacent whitespace behavior one line displays the file

TAC in contrast to cat, the displayed file is also displayed in reverse

Less opens the file to view the content and does not exit to the command line when browsing to the end of the file, the biggest difference is when the command opens

Large text files are faster

More open File View file contents

Rev reverses and outputs each line of the given file to standard output

The first 10 lines of the head output file to standard output

-n Specifies the pre-output # line

-c Specifies the first # bytes of the output file

Tail outputs the following 10 lines of the specified file to the standard output

-n Specifies the pre-output # line

-F View the Post # line of the file and keep updating, if the file is updated later, it will be displayed in standard output

-F is basically similar to-F, except that-F is not prompted when the file is deleted, and the-f file is prompted when it is deleted

-C output file after # bytes

Tailf similar to tail-f just this optimizer better some

Cut to crop the file and output the specified column

-D delimiter Specifies the delimiter when cropping

-F fields Specifies the field to display

-C Select the specified column of character constants for Cut-c 18-20 to specify the column character of the connection

Linux 11th day file and user management