Linux User and group Rights Management

1. List the user name of all logged-in users on the current system, note: The same user logged in multiple times, only once.

Use the WHO command to view

Example:

[Email protected] ~]# whoroot pts/0 2016-08-19 10:41 (192.168.2.102) developer PTS/3 2016-08-19 10:41 (1 92.168.2.102)

Explanation of the above output: User name, TTY number, time and date, host address

2. Remove the information about the user who last logged in to the current system.

Use the last command to view

[[email protected] ~]# last-x-N 3 rootroot pts/0 192.168.2.102 Fri in the 10:41 still logged in root PTS/2 192.168.2.102 Fri 10:31-10:41 (00:09) root pts/1 192.168.2.102 Fri 19 09 : 43-10:41 (00:57)

Explanation of the above output: User name, TTY number, IP address of login, time and date of login, time of logout, terminal work duration

3. Remove the shell that is the user's default shell on the current system.

[[email protected] etc]# cut-d:-f7/etc/passwd|uniq-c|sort-n |tail-n 1 |awk ' {print $} '/sbin/nologin

4, the third field in the/etc/passwd the value of the largest 10 users of the information is changed to uppercase and saved to the/tmp/maxusers.txt file.

The effect is as follows

[[email protected] etc]# sort -n -k 3  -t ":"  /etc/passwd | tail -n 10 | tr [a-z] [A-Z] >  /tmp/maxusers.txt[[email protected] etc]# sort -n -k 3 -t ":"  / Etc/passwd | tail -n 10 | tr [a-z] [a-z] systemd-network:x : 998:996:systemd network management:/:/sbin/nologinsystemd-bus-proxy:x:999:997:systemd bus  proxy:/:/sbin/nologinnginx:x:1000:1000::/home/nginx:/sbin/nologinmysql:x:1001:1001::/home/mysql:/bin/ FALSEBSB:X:1002:1002::/HOME/BSB:/SBIN/NOLOGINSLACKWARE:X:2016:1004::/HOME/SLACKWARE:/BIN/BASHBBB:X:2017:2017: :/home/bbb:/bin/bashbsbd:x:2018:2018::/home/bsbd:/bin/bashopenstack:x:2019:2019::/home/openstack:/bin/ Bashnfsnobody:x:65534:65534:anonymous nfs user:/var/lib/nfs:/sbin/nologin 

5, take out the IP address of the current host, hint: The result of ifconfig command is sliced.

The effect is as follows, here I use two methods to intercept the address, the method is not a lot of demonstrations, like friends can try their own.

[[Email protected] etc]# ifconfig eno16777736: flags=4163<up,broadcast,running, multicast>  mtu 1500        inet 192.168.2.104   netmask 255.255.255.0  broadcast 192.168.2.255         inet6 fe80::20c:29ff:fea3:b9d9  prefixlen 64  scopeid  0x20<link>        ether 00:0c:29:a3:b9:d9   txqueuelen 1000   (Ethernet)         rx packets  86190  bytes 23306723  (22.2&NBSP;MIB)          RX errors 0  dropped 0  overruns 0  frame 0         TX packets 26301  bytes 20574763  (19.6 &NBSP;MIB)     &Nbsp;   tx errors 0  dropped 0 overruns 0  carrier  0  collisions 0lo: flags=73<up,loopback,running>  mtu 65536         inet 127.0.0.1  netmask 255.0.0.0         inet6 ::1  prefixlen 128  scopeid  0x10

6. List the file names of all files ending with. conf in/etc directory and convert their names to uppercase and save them to the/tmp/etc.conf file.
ls/etc/| Grep-e ". conf$" | tr [A-z] [a-z] >/tmp/etc.conf

7. Displays the total number of sub-directories or files in the/var directory.
[Email protected] var]# Ls-l | grep "^[d|-" | Wc-l17

8. Remove the names of the 10 groups with the smallest number of the third field in the/etc/group file.
[[email protected] var]# sort-n-T ":"-K 3/etc/group | Head-n 10 | Cut-d:-f1rootbindaemonsysadmttydisklpmemkmem

9, the contents of the/etc/fstab and/etc/issue files are merged into the same content and saved to the/tmp/etc.test file.
Cat/etc/fstab/etc/issue >>/tmp/etc/test Explanation: If the above operation is to add cat to see issue file content appended to the test,>> means append does not overwrite > Clear the original content and append issue content to test, in the process of use must pay attention to distinguish. Veteran players can skip over and give new people a wake up call.

10. Summarize the methods used to describe the user and group management commands and complete the following exercises:

(1), create group distro, its GID is 2016;
Groupadd Distro-g 2016
(2), create user Mandriva, whose ID number is 1005; basic group is distro;   
Useradd mandriva-u 1005-g distro
(3), create user Mageia, whose ID number is 1100, home directory is/home/linux;
Useradd mageia-u 1100-s-d/home/linux
(4), to the user mageia add password, password for mageedu;
echo ' mageedu ' | passwd--stdin Mageia
(5), delete Mandriva, but retain their home directory;
Userdel Mandriva
(6), create user Slackware, its ID number is 2002, the basic group is distro, additional group Peguin;
Useradd slackware-u 2002-g distro-g Peguin
(7), modify the Slackware default shell for/BIN/TCSH;
Usermod-s slackware/bin/tcsh
(8), add additional Group admins for user Slackware;
Groupadd Admins usermod slackware-a-G admins usermod slackware-g Admins
Note: As above two commands are the same effect, a generally follow-G with the use, the default can be removed, here to mention.
(9), add password for Slackware, and require the minimum password age of 3 days, the maximum is 180 days, warning for 3 days;  
echo "5858888" |passwd--stdin slackware && chage-w 3-e 180-i 3 Slackware
Note:&& Simple point description, indicating that after the completion of the previous operation, followed by performing the following operations, the veteran ignored, provided to novice understanding.
(10), add user OpenStack, whose ID number is 3003, the basic group is clouds, the additional group is Peguin and Nova;
Useradd openstack-u 3003-g clouds-g Peguin,nova
(11), add the system user MySQL, request its shell for/sbin/nologin;   
Useradd test-s/sbin/nologin
(12), use the echo command, non-interactive add a password for OpenStack.
echo "5858888" |passwd--stdin OpenStack
Summarize:
in this chapter of the study, the commands that appear are, tr, sort, useradd, usermod, LS, groupadd, echo, tail, cut, awk, head, WC. And so on, because it is often forgotten in daily work, the use of some commands To prepare for future needs. 
1, TR
 usage: tr [option]... set1 [set2] Replace, reduce, and/or delete characters from standard input and write the results to standard output. -C: First top up set1-d: Delete matches set1  content, do not replace-s: If the characters matching the set1  in the input sequence exist continuous        &NBSP;&NBSP;-T: The length of set1  is truncated to and set2  equal set  is a set of strings, which can generally be understood by literal meaning. The parsing sequence is as follows:  \nnn     octal value is nnn  (1  to 3  digits)   \\          anti-slash   \a         terminal ringing   \b         BACKSPACE   \f          page break   \n         line break   \r          Enter   \t         horizontal tab   \v         Vertical Tab 
2, Usermod
-a|--append # #把用户追加到某些组中, use only with the-G parameter with-c|--comment # #修改/etc/passwd file Fifth segment Comment-d|--home # #修改用户的家目录通常和-m option together-     E|--expiredate # #指定用户帐号禁用的日期, Format yy-mm-dd-f|--inactive # #用户密码过期多少天后采用就禁用该帐号, 0 means the account is disabled after the password has expired-1 means disable this feature, the default value is -1-g|--gid # #修改用户的gid, the reorganization must exist-g|--groups # #把用户追加到某些组中, use only with the-a option-l|--login # #修改用户的登录名称-l|--lock # #锁定用户的密码-m|--move-home # # Modifying a user's home directory is typically used with the-D option to use the-s|--shell # #修改用户的shell-u|--uid # #修改用户的uid, which must be unique-u|--unlock # #解锁用户的密码

3, Useradd
The Useradd command is used to establish the user account and create the user's starting directory, and the use of permissions is the ultimate user. 2. Format Useradd [-D home] [-s Shell] [-c comment] [-M [--template]] [-F inactive] [-e expire] [-P passwd] [-R] name3. Main parameter-C: Add the memo text, and the memo text is saved in the passwd's remarks column. -D: Specifies the start directory at which the user logged in. -D: Change the preset value. -e: Specifies the expiration date of the account and the default is permanent. -F: Specify the number of days after the password expires to close the account. -G: Specifies the starting group to which the user belongs. -G: Specifies the additional group to which the user belongs. -M: Automatically establish the user's login directory. -M: Do not automatically create a user's login directory. -N: Cancels the creation of a group named after the user name. -R: Set up the system account. -S: Specifies the shell to use when the user is logged in. -U: Specifies the user ID number.
4, Groupadd
Groupadd [-G GID] [-o]] [-R] [-F] groupname-g GID: Specifies the group ID number. -O: Allow group ID number, not unique. -R: Join the group ID number below the 499 system account. -F: When you join an existing group, the development program exits.
5. Cut
Cut [-bn] [file] or cut [-c] [file] or cut [-DF] [file] Use the description Cut command to cut bytes, characters, and fields from each line of the file and write those bytes, characters, and fields to standard output. If you do not specify a File parameter, the Cut command reads standard input. One of the-B,-C, or-f flags must be specified. Main parameter-B: Split in bytes. These byte locations will ignore multibyte character boundaries unless the-n flag is also specified. -C: Split in characters. -D: Custom delimiter, default is tab. -F: Used with-D to specify which area to display. -N: Cancels splitting multibyte characters. Used only with the-B flag. If the last byte of the character falls within the range of <br/> indicated by the List parameter of the-B flag, the character will be written out;
6. awk
awk command form:awk [-f|-f|-v]  ' begin{} //{command1;  command2} end{} '  file [-F|-f|-v]    large parameter,-F specify delimiter,-F call script,-v define variable  var=value '    '            reference code block begin    initialization code block, Before the processing of each row, the initialization code, mainly refers to the global variables, set the FS delimiter//            matching code block, Can be a string or regular expression {}            a command code block that contains one or more commands;            multiple commands use semicolons to separate end       end code blocks, A block of code that executes after each row is processed, mainly for final calculation or output end summary information   Special points:$0             represents the entire current row $1            the first field of each row nf            Field Quantity Variable nr           Record number per row, multi-file record increment 
fnr         is similar to NR, although multiple file records are not incremented and each file starts at 1 \t              Tab \n             line break Fs          begin define delimiter rs         record delimiter,  The default is a newline character (that is, the text is entered one line at a line) ~              match, not accurate compared to = =!~            mismatch, inaccurate comparison = =          equals, must be all equal, exact comparison!=             not equal to, exact comparison &&       logic with | |               logic or +              matches 1 or 1/[0-9][0-9]+/    or more than two or two digits/[0-9][0-9 ]*/     one or more digital filename  filesName ofs       output field delimiter,  default is also a space, you can change to a tab and so on ors          The record delimiter for the output, which defaults to a newline character, that is, the processing result is a line of output to screen-f ' [: #/] '     defines three separators.
7. Head
Usage: head [options] ... [File] ... The long option must use parameters that are also required for short options.                        -C: Displays the contents of the first K bytes of each file, and if the "-" parameter is appended, the remaining contents are displayed in addition to the last K-byte data for each file-N: Displays the contents of the first k lines of each file; If the "-" parameter is attached, all remaining content is displayed except for the last K line of each file-Q: Does not display a header with the given file name
8. WC
The function of the WC command is to count the number of bytes in the file, the number of words, the number of lines, and display the statistical results output-C,--bytes print bytes-M,--chars print the number of characters-L,--lines print the number of lines-L,--max-line-length the length of the longest line printed -W,--words print the number of words
Note: The above command describes the source network collection.

















This article is from the "thinking under the roof" blog, please be sure to keep this source http://wuyanxxk.blog.51cto.com/4130666/1840803
Linux User and group Rights Management