Linux-practice (20-22)

20. Brief answer:

Background description: Xiaoqiang, Wangcai, and Tangbohu basic groups of three users are groups with the same user name, but they all use the Qiuxiang group as the secondary group.

1). When user Xiaoqiang does not have execute permission on the/testdir directory and has no Read permission, what does it mean that Xiaoqiang is unable to complete the operation?

For:

No Execute permissions: Cannot access commands, nothing can be executed, cannot be deleted, cannot be created, use the "ll" command to see what files are available, but no specific information is visible.

When no Read permission: The file name cannot be displayed, you cannot see what files are inside the folder, if you know what is in the folder, you can delete it, or you can create it inside.

2). Can I modify and delete the file when the user Wangcai only write permission to the/testfile file? If not, what can wangcai do with the file?

For:

It is not certain that because the file is modified and deleted, it is sufficient to have write access to the directory where the file resides.

You can add something to a file and delete something. Write permission to delete the file, but still cannot modify the file

3). If the user tangbohu a directory in the/tmp directory Mydir, he wants to let Wangcai and Xiaoqiang the two users can create, modify and delete files in the directory, what can you think of to achieve this purpose?

For:

1, chmod 777/tmp/mydir

2, Chgrp Qiuxiang/tmp/mydir

chmod 775/tmp/mydir

3, Setfacl-m-u:wangcai:rwx/tmp/mkdir

Setfacl-m-u:xiaoqiang:rwx/tmp/mkdir

4, Setfacl-m-g:qiuxiang:rwx/tmp/mkdir

Cases:

[Email protected] ~]# Groupadd Qiuxiang

[Email protected] ~]#

[Email protected] ~]# Cat/etc/group

[Email protected] ~]# tail-1/etc/group

QIUXIANG:X:5002:

[Email protected] ~]#

[Email protected] ~]# useradd xiaoqiang-g 5002; Useradd wangcai-g 5002; Useradd tangbohu-g 5002

[Email protected] ~]# tail-4/etc/group

Qiuxiang:x:5002:xiaoqiang,wangcai,tangbohu

XIAOQIANG:X:5003:

WANGCAI:X:5004:

TANGBOHU:X:5005:

[Email protected] ~]#

[Email protected] ~]# Su-tangbohu

[Email protected] ~]$ Mkdir-pv/tmp/mydir

[Email protected] ~]$

[Email protected] ~]$ Ls/tmp | grep "^my*"

Mydir

[Email protected] ~]$

[[email protected] ~]$ ID

uid=5004 (Tangbohu) gid=5005 (Tangbohu) groups=5005 (Tangbohu), 5002 (Qiuxiang)

[Email protected] ~]$ chmod 775/tmp/mydir

[Email protected] ~]$ chgrp 5002/tmp/mydir

[Email protected] ~]$ chmod 775/tmp/mydir/

[email protected] ~]$ su

Password:

[Email protected] tangbohu]# usermod-g 5004 Wangcai; Usermod-g 5004 Xiaoqiang

21. Background Description: Xiaoqiang, Wangcai, and tangbohu the basic groups of three users are groups with the same user name, but they all use the Qiuxiang group as the subordinate group.

1. Copy the/etc/fstab file to/var/tmp, at the same time set the file is the main Wangcai have read and write permissions, belong to the group of Xiaoqiang Group has read-only permission, other people do not have permission, please write the command;

For:

Law One:

# cp/etc/fstab/var/tmp/

# Groupadd Xiaoqiang

# chmod 640 Fstab

# ls-l

Law II:

# cp/etc/fstab/var/tmp/

# chown Wang:xiaoqiang fstab

# chmod 640 Fstab

2. Create user xiaoming without using the Useradd command, which has the following properties:

1) UID is 8089;

2) The main group is Xiaoming,gid 8089;

3) Its user name is "Wang xiaoming";

4) home directory in/home/xiaoming;

5) Default login shell is/bin/bash;

6) password changes within 5 days after the password can not be changed again;

7) Passwords are used for up to 30 days;

8) The password expires 3 days before starting to remind users to change the password;

9) After the password expires, the user will not be allowed to log in within 7 days;

For:

# Vim +/etc/passwd

Xiaoming:x:8089:8089:wang Xiaoming:/home/xiaoming:/bin/bash

# Vim +/etc/shadow

xiaoming:!! : 17264:5:30:3:7::

# Vim +/etc/group

xiaoming:x:8089:

# Vim +/etc/gshadow

xiaoming:!:8089:

# cp-a/etc/skel//home/xiaoming

# chmod 700-r/home/xiaoming/

# Chown Xiaoming:-r/home/xiaoming

# echo "Xiaoming" | passwd--stdin Xiaoming

3. User Xiaoming created a file in his own home directory Project.plan, in order for WANGCAI users to be able to read the contents of the file, xiaoming copy the/bin/cat file to/tmp/xmcat,/tmp/ Xmcat only the main xiaoming and WANGCAI users are able to execute, each time Wangcai execute "[[email protected] ~]$/tmp/xmcat/home/xiaoming/project.plan" command to see the contents of the file;

For:

$ install-m 4700/bin/cat/tmp/xmcat

$ setfacl-m U:wangcai:r-x/tmp/xmcat

Cases:

[Email protected] tangbohu]# Install-o wangcai-g xiaoqiang-m 740/etc/fstab/var/tmp

[Email protected] tangbohu]#

[Email protected] tangbohu]# ls/var/tmp

Fstab YUM-LITTLE-FVN5BR

[Email protected] tangbohu]# echo "Xiaoming:x:8089:8089:wang xiaoming:/home/xiaoming:/bin/bash" >>/etc/passwd

[Email protected] tangbohu]#

[[Email protected] tangbohu]# CD

[Email protected] ~]# ls/var/tmp

Fstab YUM-LITTLE-FVN5BR

[Email protected] ~]# CAT/ETC/PASSWD

[Email protected] ~]# cp-a/etc/skel/home/xiaoming

[Email protected] ~]#

[Email protected] ~]# chmod 700/home/xiaoming

[Email protected] ~]#

[Email protected] ~]# chowm-r 8089:8089/home/xiaoming

Bash:chowm:command not found

[Email protected] ~]#

[Email protected] ~]# chown-r 8089:8089/home/xiaoming

[Email protected] ~]#

[Email protected] ~]# echo "Xiaoming::17262:5:30:3:7::" >>/etc/shadow

[Email protected] ~]#

[Email protected] ~]# passwd xiaoming

Changing password for user xiaoming.

New Password:

Retype new Password:

Passwd:all authentication tokens updated successfully.

[Email protected] ~]#

[Email protected] ~]# su-xiaoming

[email protected] ~]$ Touch Project.plan

[Email protected] ~]$

[[email protected] ~]$ ls

Project.plan

[Email protected] ~]$ install-m 770/bin/cat/tmp/xmcat

[Email protected] ~]$ ls/tmp

[Email protected] ~]$ su-c "usermod-g 8089 Wangcai"

[Email protected] ~]$

[Email protected] ~]$ ls/tmp

[Email protected] ~]$/tmp/xmcat/home/xiaoming/project.plan

22. Logical relationship Exercise:

1. If there is a/backup directory in the file system to show that the directory already exists, otherwise it will be created;

For:

# ls-d/backup &>/dev/null && echo "This_dir exist" | | Mikdir-p/backup

2. If there is a/backup directory in the file system, all the. Conf end-level non-catalog files in the/etc directory (files in subdirectories that do not contain the end of the. conf) are backed up into the directory;

For:

# ls-d/backup &>/dev/null && cp/etc/*.conf/backup

3. Try to explain the meaning of the following commands:

(! ID little &>/dev/null | |! ls-d/home/little &>/dev/null) && echo "Error" | | Userdel-r Little

! (ID little &>/dev/null && ls-d/home/little &>/dev/null) && useradd-md/home/little lit tle | | echo "Error"

For:

If the little user and his or her home directory do not exist, the output "Error", or delete the user, and his home directory, the loop delete.

If the little user and his or her home directory do not exist, create the user and force the creation of their home directory/home/little; otherwise output "Error"

Useradd command:

-D: Create home directory

-M: Create User with home directory

Cases:

[[email protected] ~]# LS/

Backup boot etc lib lost+found misc net proc sbin SRV tmp var

Bin Dev Home lib64 media mnt opt root selinux sys usr YSU

[Email protected] ~]#

[Email protected] ~]# ls-d/backup &>/dev/null && echo "This is exist." | | echo "This was not exist"

This is exist.

[Email protected] ~]# ls/backup/

etc-2017-11-15_16:43:00

[Email protected] ~]#

[Email protected] ~]# ls-d/backup &>/dev/null && cp/etc/*.conf/backup

[Email protected] ~]#

[Email protected] ~]# ls/backup/

trolltech.conf latrace.conf prelink.conf

asound.conf ld.so.conf readahead.conf

autofs.conf libaudit.conf reader.conf

autofs_ldap_auth.conf libuser.conf request-key.conf

cas.conf logrotate.conf resolv.conf

dnsmasq.conf ltrace.conf rsyslog.conf

dracut.conf mke2fs.conf sestatus.conf

etc-2017-11-15_16:43:00 mtools.conf smartd.conf

fprintd.conf named.conf sos.conf

gai.conf nfsmount.conf sudo-ldap.conf

grub.conf nsswitch.conf sudo.conf

gssapi_mech.conf ntp.conf sysctl.conf

hba.conf oddjobd.conf updatedb.conf

host.conf openct.conf warnquota.conf

idmapd.conf pbm2ppa.conf yp.conf

kdump.conf pm-utils-hd-apm-restore.conf yum.conf

krb5.conf pnm2ppa.conf

[Email protected] ~]#

Linux-practice (20-22)