Linux operating System Fundamentals (II.)

Command creation User: Useradd

To create a user manually:

/etc/passwd

/etc/shadow

/etc/gshadow

/home/User name/

/var/spool/mail

ID user to view the user's personal information.

User home directory of hidden files template/etc/skel

Ls-ld Viewing directory Details

Chown-r Oldboy:oldboy/home/oldboy Recursive change

Home Directory Environment configuration file
ENV Query Environment variables
Set query all variables
Environment variables can inherit from the quilt process export b=2
Custom variables cannot be inherited by the quilt process a=1

Environment profile (exists under each user's home directory)
. bash_history Save the user's history command when the user exits the save to file
. bash_logout save a command to execute when the user exits
. BASHRC Save User alias (opens a new terminal to read the file)
. bash_profile where to save user search commands

. BASHRC shell-level environment variable configuration file
. bash_profile logon Level environment variable profile

Su-Logon level switching
SU Shell level switch

Global Environment configuration file
/etc/bashrc
/etc/profile

Load order
/etc/profile
. bash_profile
. BASHRC
/etc/bashrc

Defining variable file Order
/etc/profile1
/etc/profile2
. bash_profile1
. bashrc1
/etc/bashrc1
/etc/bashrc2
. bashrc2
. bash_profile2

Permissions (Basic and Advanced permissions)
[Email protected] ~]# ls-l Install.log
-rw-r--r--1 Robin Upup 39751 05-23 11:15 aa.txt
rwx | rwx | Rwx
Robin Upup Other
Uid=0----->uid=robin----->group=upup----->other

For file R--------Cat head tail ....
W--------vim,gedit,vi,> >>
x--------execute./absolute path
For directory R--------LS r-x view the file information in the directory
W--------mkdir TOUHC rm rwx
X--------CD
User U
Group G
Other O

chmod u+r File/dir
chmod u+r,g+w File/dir
chmod UG-RW File/dir
chmod ugo+rwx File/dir
chmod a+rwx File/dir

chmod u=r File/dir
chmod u=r,g=w File/dir
chmod UO=RW File/dir
chmod ugo=rwx File/dir
chmod a=rwx File/dir

/rwxr-xr-x 755
/etc/rwxr-xr-x 755
/usr/rwxr-xr-x 755
/var/rwxr-xr-x 755
/TMPRWXRWXRWT 1777
/ETC/SHADOWR--------400
/etc/passwdrw-r--r--644
/HOME/ROBINRWX------700
/rootrwxr-x---750
Root Create file default permissions rw-r--r--644
Root Create directory default permissions rwxr-xr-x 755
Normal user Create file default permissions rw-rw-r--664
Normal user Create directory default permissions Rwxrwxr-x 775

R------4 W------2 x-----1
777
RWXR----x 741 123--x-w--wx
r-x-wx-w-532 456r--r-xrw-

Default Permissions calculation method
666023
110110110000010011
111101100111101100
110100100
644

Chmod-r 777/test

Modify the owning group
Chown Robin Tt.txt
Chgrp uplooking Tt.txt
Chown robin.uplooking Tt.txt
Chown. uplooking Tt.txt
.=:
Chown-r robin.uplooking dir/

Practice:
Create User Tom and Jerry
1. Create a file in the/tmp directory Tt.txt
Requirements:
Tt.txt permission set to 651 is changed to RWXR----x
chmod 651/tmp/tt.txt
chmod u=rwx,g=r,o=x/tmp/tt.txt

Set up tt.txt file owning this Tom belongs to the group Jerry
Chown Tom.jerry/tmp/tt.txt

2. Set up owners and permissions according to the following requirements
Create the directory test/in the/tmp directory and create the file in the test directory Aa.txt
Tom can read and write files Aa.txt cannot be deleted
Jerry can not read and write files Aa.txt can be deleted

mkdir/tmp/test/
Touch/tmp/test/aa.txt

/tmp/test/jerry Root Rwxr-xr-x
/tmp/test/aa.txt Tom Root Rw-r-----

Primary Group Attach Group
Robin Robin Robin,uplooking
/tmp/test rwxrwx---root uplooking
Robin, can you go in/tmp/test? Why?
Can be because the additional group has uplooking
Create a file after entering aa.txt the file owner belongs to the group??
Robin Robin
What if the user wants to create a file that belongs to the uplooking group?
SG uplooking
Robin Uplooking robin,uplooking
Tt.txt Robin Uplooking

Advanced Permissions
1.suid
must act on binary executable file
chmod u+s File
Function: Any user who executes a command with SUID permission executes as the owner of the command

Experiment:
Enable normal user Robin to view/etc/shadow file content using cat without changing/etc/shadow permissions
Which cat
chmod U+s/bin/cat
Robin user test

2.sgid
must act on the directory
chmod g+s dir
Role: Any user who creates a file in a directory that owns Sgid inherits the group of that directory

Useradd-g job-g uplooking Tom
Useradd-g Job-g uplooking Jerry
Useradd-g sal-g uplooking Zorro
Useradd-g sal-g uplooking Shrek

/job ZHB uplooking Rwxrwsr-x

Aa.txt Tom Job
Tt.txt Tom Uplooking rw-r-----

3.sticky (t adventure bit paste bit)
must act on the directory
chmod o+t dir
Role: Any user created under the directory with the T permission is the user's own, other people do not have permission to delete (root, directory owner)

Robin:$1$bj0exbfx$e24mczi0jmsidr:15847:2:10:3:2::

First column: User name
Second column: password (MD5)
Third column: Password last modified (days)
Fourth column: Minimum password time
Fifth column: Password maximum time (password validity period) (days)
Sixth column: Warning time before password expires
Seventh column: Password expiration payback date
Eighth column: Account validity
Nineth column: Reserved columns

Practice:
1. Add group KKK GID is 1500
Groupadd-g KKK
2. Add user Zorro UID 1500 belongs to KKK group description: Hello home directory/mnt Shell:bash

Useradd-u 1500-g kkk-c hello-d/mnt/zorro-s/bin/bash Zorro

3. Set the user password to 123 through the administrator
Terminal login Zorro set its own password to 123.com

Modify user Information
Usermod
Usermod-u-g-c-d-s Robin

Usermod-l ABC2ABC ABC2
Usermod-l Robin
Usermod-u Robin
usermod-f Password expiration Payback expiration time
USERMOD-E Account Expiration Date

Modify group Information
GROUPMOD-G 2500 uplooking
Groupmod-n Upup uplooking

Change Password and information
Passwd-n (minimum time)-X Max Time-W warning Time-I password expires payback number expires

Passwd-l Robin Lock Password
Passwd-u Robin unlock Password
Passwd-s Robin View password status

Add a user Tom and Jerry set two user password to 123 respectively
Lock Tom account lock Jerry Password
is the return value of the terminal login test consistent?
See Shedow files Two users what's the difference?
! Lock Account
!! Lock password

To delete a user:
Userdel-r ABC2
Delete a group
Groupdel Upup

Additional groups
Groupadd yw
Groupadd KF
USERADD-G KF,YW WG Overlay additional Group information
Useradd-a-G KF,YW WG Append additional group information

Groupadd boss
GPASSWD boss

Add an account manually
# # # # #1 Groupadd zu
1). Vim/etc/group
zu:x:2000:

##### #2. Useradd-g zu ZHB
1). vim/etc/passwd
Zhb:x:2000:2000::/home/zhb:/bin/bash
2). MKDIR/HOME/ZHB
3). cp/etc/skel/.bash*/home/zhb/

# # # # #3 passwd ZHB
1). Vim/etc/shadow
Zhb::15848:0:99999:7:::
2). Grub-md5-crypt generates a password to copy the password to the second column

Terminal login Test Create file?

Multi-User Import
1. The user and system passwd file user information in the import file (user.txt) does not conflict
2. User cannot conflict in import file (User.txt)

[email protected] ~]# cat User.txt
User1:x:3000:3000:ptuser:/home/user1:/bin/bash
User2:x:3001:3001:ptuser:/home/user2:/bin/bash

NewUsers < User.txt

[email protected] ~]# cat Passwd.txt
User1:123
User2:123

CHPASSWD < Passwd.txt

Linux operating System Fundamentals (II.)