Linux User Management Case (version 2)

Source: Internet
Author: User

Linux User Management Case (version 2)
Batch add users

1. Write the user information file in the format of/etc/passwd.

Xiaofang01: 1001: 503:/home/xiaofang01:/bin/bash # note that you cannot leave blank lines. Otherwise, an error is reported.

2. newusers < # newusers command to import the user information file

3. pwunconv # disable the shadow password Function

4. Write the password file in the format of [User name: Password]

5. chpasswd < # import the password file

6. pwconv # Write the password to the shadow file

[Script-based programming is actually more efficient]

Restrict normal user su to root

1. groupadd sugroup

2. chmod 4550/bin/su // clear all others' Permissions

3. Change chgrp sugroup/bin/su // to sugroup

At this point: ls-l/bin/su

4. usermod-G sugroup test // Add User test to the sugroup group Group

Replace su with sudo:

-Temporarily become root when executing the sudo command

-The root password will not be leaked.

-Only provide users with limited command use Permissions

Configuration File:/etc/sudoers [edit the mongodo command for configuring this file]. Directly modifying the configuration file/etc/sudoers with vi will not take effect.

/Etc/sudoers file format

Username [% group name] host name [or IP address] = Command [use absolute path]

Case-authorize normal users to add/delete users [useradd/userdel]

1. mongodo

2. xiaofang hadoop =/usr/sbin/useradd,/usr/sbin/userdel

[Switch to this user]

3. sudo/usr/sbin/useradd test # Run The useradd Command [add sudo and absolute path]

4. Enter the password # xiaofang, not the root password

5. sudo-l # view the commands authorized by the current user to be executed only by the root user.



1. sudo allows common users to execute commands as root instead of commands that can be executed only by root.

2. When editing/etc/sudoers, you can make the command more accurate.

Example: guest hadoop =/sbin/shutdown-h now

Execute the-h now option only for guest. None of the other options can be executed.

Case study: authorize a common user to manage Apache

1. design the permissions that the user should have:

(1) edit the Apache configuration file

(2) Use the Apache Startup Script

(3) Update webpages, etc.

2. Implement function 1

Method 1: Change the owner of the file chown

Method 2: Change the group to which the file belongs, grant w permissions to the group, and then add the user to the group [more common]

Method 3: Do Method

Add: User address =/bin/vi/etc/httpd/conf/httpd. conf

3. Implement function 2

User host name =/etc/rc. d/init. d/http start,/etc/rc. d/init. d/http reload,/etc/rc. d/init. d/http fullstatus,/etc/rc. d/init. d/http configtest

4. function 3

You must have the write permission on the/var/www/html directory # change the owner/Group of the Directory



Detect User Password strength (Crack user password)

1. Install the cracking tool John the ripper


2. grep liming/etc/passwd>/test/liming. passwd # extract user information

3. grep liming/etc/shadow>/test/liming. shadow # extract the encrypted ciphertext of the User Password

4./test/john-1.6.6/run/unshadow/test/liming. *>/test/liming. john # merge into a file.

5./test/john-1.6.6/run/john/test/liming. john # crack the user password.

6./test/john-1.6.6/run/john/etc/shadow # crack passwords of all users

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.