Linux User and file management

Help commands

Whatis command #显示命令的简短功能

Man command #查看手册页和命令描述

Command--help #适用于外部命令

Help command #适用于内部命令

Type command #查看命令内嵌还是外部

File Management location judgment

Absolute path: From/start

Relative path: in . or . Started with

File Management

TOUCH/MKDIR/MV/RM/CP #创建/Modify/move/delete/copy

#创建文件

Touch #创建空文件, file has modified time

Touch FILE{1..N} #批量创建文件

VI File #vi创建文件

Cat eof<< >file #重定向创建文件

Xxxxxx

Eof

echo "xxx" >file #重定向创建文件

#创建目录

MKDIR-P/A/B/C #父目录子目录一起创建

mkdir-v/a #创建显示信息

MKDIR-P/A/{1..101} #批量创建目录

#移动文件

MV File1 File2 #重命名文件

Mv/a/file1/b #移动文件

#删除文件

rm-r/a/* #删除目录下所有文件

rm-rf/a/* #强制删除不提示

#复制文件

Syntax cp-r source file destination file

Cp-r/a/b #递归, with subdirectories in the included directory

#查看文件

Ls-a file #显示所有文件及文件夹

Ls-l file #格式化显示目录下的内容列表

Cat-n file #对输出的所有行进行编号

Cat-b file #对非空的输出行进行编号

Cat-s file #多行的空行合并为一个空行

More file #分布显示文件内容, page forward not supported

Less file #可前后翻页

Head-n file #显示从文件头开始到n的行数, the first 10 rows are displayed by default

Tail file #显示文件尾部内容, display the end 10 lines by default

TAIL-NF file #动态显示文件末尾n行的内容

XFS File system backup and recovery XFS backup introduction

XFS provides Xfsdump and Xfsrestore tools to assist in backing up data from XFS file systems. Xfsdump back up an XFS file system in Inode order.

Unlike traditional UNIX file systems, XFS does not need to be unloaded before dump, and a dump of the in-use XFS file system can guarantee the consistency of the image. Unlike XFS's implementation of snapshots, the process of the dump and restore of XFS can be interrupted and then resumed without the need to freeze the file system. Xfsdump even provides high-performance multi-threaded backup operations that split a dump into multiple streams, each of which can be sent to different destinations.

First of all, the Xfsdump backup level has the following two kinds, the default is 0 (that is, full backup)

Full backup 0

Incremental backup 1-9

Backup

Syntax: xfsdump–f backup storage location to back up the path

#交互式备份

xfsdump-f/opt/dump_sdb1/sdb1

#-L Specify Backup session label-m Specify device backup label

#非交互式备份

xfsdump-f/opt/dump_sdb1/sdb1-ldump_sdb1-mmedia0

# Specify file backup

Xfsdump-f/opt/dump_sda1_passwd-spasswd/sda1-ldump_sda1_passwd-mmedia1

#克隆目录到另一个目录

Xfsdump-/sda1 | Xfsrestore-/data/

#克隆指定目录到另一个目录

xfsdump--stest/sda1 | xfsrestore-/data/

Recovery

Syntax: xfsrestore–f Specifies the location of the recovered files to restore the directory

Xfsrestore-f/OPT/DUMP_SDB1/SDB1

#指定恢复单个文件

Xfsrestore-f/opt/dump_sdb1-spasswd/sdb1

User Management User Classification

Superuser: Root has the highest administrative power over the system

Normal User: System user uid:1-999 (RHEL7) 1-499 (RHEL6)

? Local User uid:1000+

Virtual User: Pseudo-user is generally not used to log into the system, it is mainly used to maintain the normal operation of a service

#创建用户

Useradd-m-u-d-G "Initial group"-G "additional group"-S "landed shell" user "

-M Create user home directory//

-G Sets the user's initial group name or ID

-G Set User satellite group

-S Set User login shell,/sbin/nologin disable login system

-u Specifies the user's UUID

-D Specify the user's home directory

#改变用户信息

USERMOD-AG Group name User name

-U UID

-D Host Directory

-G Start Group #只能有一个

-G Additional Group #可以有多个

-S Login Shell

-L Lock

#删除用户及家目录

Userdel-r User

#创建用户密码

passwd user

echo123456 |passwd--stdin User

#修改密码

Chage used to change user password expiration information

-M: The minimum number of days the password can be changed. For 0 o'clock delegates can change the password at any time

-M: Maximum number of days the password remains valid

-W: Number of days to receive warning messages before user password expires

-E: The date when the account expires. This account will not be available after this day

-D: The date of the last change, 0 means that the password is forced to be updated at the next logon

-I: Stasis period. If a password has expired these days, then this account will not be available

-L: (list) lists the current settings, which are not privileged users to determine when their passwords or accounts expire

#添加用户到指定组

gpasswd

-A: adding users to groups;

-D: Remove users from the group;

-A: Specify the Administrator;

-M: The use of the specified group member and-A is similar;

-r: Remove password;

-R: Restricts the user from logging into the group, only members in the group can join the group with NEWGRP.

Gpasswd-a Users User

License # Create User

Useradd user

#编辑sudoers文件

Vi/etc/sudoers

# # allows people in group wheel to run all commands

%wheel all= (All) all

# # Same thing without a password

#%wheel all= (All) Nopasswd:all

Use Rall= (All) Nopasswd:all

Add% represents the group, NOPASSWD indicates that using sudo does not require password authentication

File Rights Management File basic permissions # View file permissions

ll/etc/passwd

-rw-r--r--. 1root root9305 Month 2306:46/etc/passwd

P indicates named pipe file

D Represents a catalog file

L represents a symbolic connection file

-Denotes normal file

s represents a socket socket interface file, such as when we enable MySQL, a mysql.sock file is generated

C represents a character device file

b represents a block device file

#文件属性说明

-|rw-|r--|r--| | group | Modification Time | object: File name

rw-file owner has read, write permissions to the file

Users in the r--user group have Read permissions

r--other users have Read permissions

#更改文件的属主和属组

Syntax: chown chgrp+ file or directory

Chown User:user Text.txt Change the owner of the file, belong to the group

Chown User Text.txt Change the owner of the file

Chown:user Text.txt Change the genus Group of a file

Chown-r User:user/text Change the owner of a directory, belong to a group

CHGRP user Text.txt Change the genus Group of the file

#修改权限

Syntax: chmod+ file or directory

+-= Add or remove the corresponding permissions

R=4,w=2,x=1 Digital Permissions

u+-= (rwx) Add Delete Owner permission

g+-= (rwx) Add permission to delete a group

o+-= (rwx) add remove other permissions

a+-= (rwx) Add permission to remove all users

Chmodu+x Test.txt To add the permissions that the owner can perform

Chmoda-r text.txt Remove Everyone-readable permission

#文件默认权限

Umask set the default value of the file, remove some permissions from the permissions

Umask 000-777

The default Create directory permission is 777-022=755

Default Create file permission is 666-022=644

Modify the Umask value to change the default file directory permissions

Vi/etc/profile | $[home]/.bash.profile | $[home]/.profile

if[$UID-gt199] && ["' id-gn '" = "' Id-un '"];then

umask002

Else

umask022

#查看文件权限

ll/etc/passwd

-rw-r--r--. 1root root9815 Month 2517:34/etc/passwd

Stat-c%a/etc/passwd

644

Stat-c%a/etc/passwd

-rw-r--r--

File Advanced Permissions Special permissions

SUID: Limit: Can only be set on the binary executable program, the directory settings are not valid.

Function: The program's permissions are changed from performer to program owner.

SGID: Limit: Both can be set to the binary executable program, you can also set the directory.

Function: When a file is established under a directory with Sgid permissions set, the group that owns the newly created file inherits the group to which the parent directory belongs.

Stickybit: The sticky bit permission is for the directory, the file is invalid, also called the anti-delete bit.

SGID SUID Stickybit

U=4,u+s | G=2,g+s | O=1,o+t

#增加特殊权限

chmod u+s text.txt need executable permissions on files

chmod g+s/text for directory use

chmod O+t/text only for directories

chmod 4777 text.txt need executable permissions on files

chmod 2777/text for directory use

chmod 1777/text only for directories

ACL access control List ACL: Access control List

It is a universal paradigm outside of the allocation of permissions. For example, by default you need to confirm 3 permission groups: UGO. With ACLs, you can increase permissions to other users or groups, allowing the specified users a, B, and C to have write permissions instead of having write permissions for their entire group.

#ACL参数解释

Acl_user_obj: Equivalent to File_owner permissions in Linux

Acl_user: Defines the permissions that additional users can have on this file

Acl_group_obj: Equivalent to GROUP permissions in Linux

Acl_group: Defines the permissions that additional groups can have on this file

Acl_mask: Defines the maximum permissions for Acl_user, Acl_group_obj, and Acl_group

Acl_other: Equivalent to other permissions in Linux

#查看ACL

getfacl/etc/passwd

# FILE:ETC/PASSWD

# Owner:root

# Group:root

user::rw-

group::r--

other::r--

#设置文件权限 # Create a file

Touch A.txt

#查看acl

Getfacl A.txt

# File:a.txt

# Owner:root

# Group:root

user::rw-

group::r--

other::r--

#设置文件acl

SETFACL-M:: A.txt set user, group permissions

Setfacl-m: A.txt to set mask permissions

#设置默认目录权限

SETFACL-MD::: All new files in the/test directory inherit this permission, which does not take effect on the directory itself and does not affect files that already exist in the directory

#删除acl权限

Setfacl-x: a.txt Remove user group ACL permissions

SETFACL-XD:: A.txt Remove ACL permissions from the default directory

Setfacl-b a.txt Remove all ACL permissions

#acl权限复制

Getfacl/text | Setfacl--set-file=/text1

File lock

The chattr command is very useful, and modifying the file properties through the CHATTR command can improve the security of the system, including (root) but it is not suitable for all directories, CHATTR commands cannot protect directories such as/,/dev,/tmp,/var.

#chattr属性

chattr +-= File # Add, delete, give permission

Chattr +a

For files: Data can only be appended to the file, but existing data cannot be deleted or modified

For a directory: only allow files to be created and modified in the directory, but not allowed to delete

Chattr +i

For the file: Cannot modify, delete the file, and can not add and modify its data, but to view the contents of the file

For a directory: You can only modify file data under the directory, but you cannot create and delete files

Lsattr file #查看文件属性

#举例说明 (for files)

Touchb.txt

Chattr+a B.txt

echo "123456" >b.txt cannot be modified

-bash:b.txt: Operations not allowed

echo "123456" >>b.txt &&echook can be appended

Ok

Chattr+i B.txt

echo "123456" >b.txt

-bash:b.txt: Operations not allowed

echo "123456" >>b.txt

-bash:b.txt: Insufficient Authority

Catb.txt can view

123456

123456

123456

#举例说明 (for catalog)

Mkdirb

Chattr+a b

Touchb/{file1,file2}

Rm-rfb/file1

RM: Unable to delete "B/file1": Operation not allowed

Echo123456>b/file1

Catb/file1

123456

Chattr+i b

Touchb/file4

Touch: Unable to create "b/file4":

Rm-rfb/file1

RM: Unable to delete "B/file1": Insufficient permissions

Echoaaaa>b/file1

Catb/file1

Aaaa

I am Mikel pan, cloud-computing enthusiasts, regularly updated life sentiment, spiritual evolution in Mikel Pan, like I come to find me!

Blog Park Address: http://www.cnblogs.com/plyx/
Jane Book address: Https://www.jianshu.com/u/5986765934f4

Linux User and file management