Shut down the system's firewall:
(1) Turn off iptables: chkconfig iptables off
(2) Turn off SELinux: run vim /etc/sysconfig/selinux, change the setting to 'SELINUX=disabled', save and exit.
(3) Reboot the system: reboot or init 6
The PID of the init process is always "1".
Init configuration files
/etc/inittab    Configures the default run level
/etc/sysconfig/init    Controls the number of TTY terminals opened and the terminal color scheme
/etc/init/rcS.conf    Loads the rc.sysinit script to complete the system initialization tasks
/etc/init/rc.conf    Compatibility script, responsible for handling the calls at each run level
/etc/init/rcS-sulogin.conf    Starts the /sbin/sushell environment for single-user mode
/etc/init/control-alt-delete.conf    Controls the Ctrl+Alt+Del hotkey operation at the terminal
/etc/init/start-ttys.conf    Configures the number of TTY terminals opened and their device files
/etc/init/tty.conf    Controls the opening of the TTY terminals
id:runlevels:action:process
Label : run levels : action type : program or script
Meaning and purpose of each run level
init 0: Shutdown state; the host is turned off when this level is used.
init 1: Single-user mode; no password authentication is required to log in to the system. Used mostly for system maintenance.
init 2: Multi-user mode with a character interface (network access is not supported).
init 3: Full multi-user mode with a character interface; most server hosts run at this level.
init 4: Not allocated for use.
init 5: Multi-user mode with a graphical interface, providing a graphical desktop environment.
init 6: Reboot; the host is restarted when this level is used.
To switch the run level of the system: init number
To view the run level of the system: runlevel
System service control
service service-name control-type  or  /etc/rc.d/init.d/service-name control-type
Common control types
- start: Runs the specified system service program and provides the service function.
- stop: Terminates the specified system service program and turns off the corresponding function.
- restart: Exits first, and then reruns the specified system service program.
- reload: Does not exit the service program, only refreshes its configuration.
- status: Shows the running status of the specified system service and related information.
Optimizing the services loaded automatically at boot
1) Using the ntsysv graphical tool: a service marked [*] is started at boot.
2) Using the chkconfig tool:
chkconfig --list    // View the default boot status of all services
chkconfig --list service-name    // View the default boot status of one service
chkconfig --level run-level-list service-name on|off    // Turn a service on or off for the specified run levels
Linux command classification
Internal commands: Special instructions integrated into the shell interpreter program (such as bash), also known as built-in commands.
External commands: Script files or binary programs in a Linux system that perform a specific function. Each external command corresponds to a file in the system and lives outside the shell interpreter program. The Linux system must know the file location of an external command before the shell can load and execute it.
Format of the Linux command line: command word [options] [parameters]
1) Command word: The command name, the most critical part of the entire command.
2) Options: Options adjust the specific function of the command and determine how the command executes.
- Different command words can use different options (in number and content).
- There can be several options, or none. When you use several options at the same time, they are separated by spaces. If you use no option, the default function of the command word is executed.
- A single-character option is generally introduced by the "-" symbol (a half-width minus sign) and is called a short-format option, such as "-l". Several single-character options can be grouped together, so "-al" is equivalent to "-a -l".
- A multi-character option is generally introduced by the "--" symbol (two half-width minus signs) and is called a long-format option, such as "--help".
3) Parameters: The command parameters are the objects the command word acts on; usually a parameter is a file name, a directory (path) name, a user name, and so on.
Getting command help
1) The help command shows help for the shell's internal commands.
2) Most Linux external commands accept the "--help" option, which displays the format of the command, its options and other help.
3) The man manual (manual page) is one of the most commonly used online help forms in Linux systems.
For example: man ls | col -b > lshelp.txt
In this example, col is a program that filters certain special control characters out of the text. The command also uses the "|" and ">" symbols, two special features of the shell environment called "pipe" and "redirected output" respectively.
Pipe: The vertical bar symbol "|" makes the screen output of the preceding command the input of the following command. It works like a pipe: content goes in at one end and comes out at the other.
Redirected output: The greater-than symbol ">" saves the screen output of the preceding command to the file named after the ">" (overwriting it) instead of printing it to the screen. ">>" appends to the file without overwriting it.
Some common commands and functions
Command example    Function
uname -r    View the version of the Linux kernel currently in use
cat /proc/cpuinfo    View the CPU model, specifications and other information of the current host
cat /proc/meminfo    View the memory information of the current host
hostname    View the full name of the current host
ifconfig eth0    View the address information of the first Ethernet card
shutdown -h now    Shut down
shutdown -r now    Restart
pwd    Display the working directory where the user is currently located
cd    Change the user's working directory to a different location
  .  - the current working directory
  ..  - the parent directory of the current directory
  ~username  - the home directory of the specified user; omit the user name for the current user
  -  - the previous working directory
ls    Display the contents of a directory, including the attributes of subdirectories and files
  -l  display in long format, including permissions, size, last update time and more
  -a  display all subdirectories and files, including hidden directories and hidden files
  -d  display the attributes of the directory itself instead of its contents
  -h  display sizes in units such as K and M instead of the default bytes
du    Report the disk space occupied by the specified directory (or file)
  -a  include all files in the statistics, not just directories
  -h  display the results in units such as K and M
  -s  report only the total size of each parameter, not the size of its subdirectories and files
touch    Create an empty file
mkdir    Create a new empty directory
  -p  create nested multi-level directories at once
ln    Create a link file (similar to a shortcut in Windows) for a file or directory
  -s  create a soft link
cp    Copy files or directories
  -f  overwrite a file or directory of the same name without prompting, forcing the copy
  -i  prompt the user to confirm before overwriting a file or directory of the same name
  -p  preserve the permissions, owner and timestamps of the source file when copying
  -r  copy recursively, including all files and subdirectories, when copying directories
rm    Delete the specified file or directory
  -f  delete a file or directory without prompting, forcing the deletion
  -i  prompt the user to confirm when deleting files or directories
  -r  delete the entire directory tree recursively when deleting a directory
mv    Move the specified file or directory to a new location; if the target location is the same as the source location, the effect is equivalent to renaming the file or directory
which    Find the directory where the file of a command the user executes is stored
find    Find files or directories
  -name  search by the name of the target file; the "*" and "?" wildcard characters can be used
  -size  search by the size of the target file
  -user  search by whether the file belongs to the target user
  -type  search by file type (f/d/b/c)
Viewing and retrieving files
1) cat command: displays and concatenates the contents of files
Example: cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0    // First NIC
ONBOOT=yes
BOOTPROTO=none    // How the NIC gets its address: static or none for a fixed address, dhcp for a dynamic one
NETMASK=255.255.255.0    // Subnet mask
IPADDR=192.168.4.11    // IPv4 address
GATEWAY=192.168.4.254    // Gateway
TYPE=Ethernet    // Type: Ethernet
To view the contents of several files: cat /etc/redhat-release /proc/version
The former records the release information of the RHEL system; the latter records the system kernel, the development environment, the build time and other information.
2) more and less commands: page through the contents of a file
For example, view the contents of the web site configuration file page by page: more /etc/httpd/conf/httpd.conf
In this reading interface, press Enter to scroll down one line, press the space bar to scroll down one screen, press the b key to scroll up one screen, and press the q key to exit and return to the original command environment.
Besides paging through a file, the more command can be combined with the pipe symbol "|" to page through the output of another command, which is particularly useful when the command output is large.
For example, page through the configuration files with the extension ".conf" in the /etc/ directory. The command is as follows:
ls -lh /etc/*.conf | more
3) head and tail commands: view part of a file at the beginning or the end
"head -n" views the beginning of a file (n is the number of lines). "tail -n" views the end, and "-f" tracks dynamic updates.
For example: view lines 1 to 4 of the user account file /etc/passwd. head -4 /etc/passwd
For example: view the last ten lines of the system's public log file /var/log/messages and follow the new records appended to the file (press Ctrl+C to terminate). tail -f /var/log/messages
Counting and retrieving file contents
1) wc command: counts the words (word count), lines and so on in a file's contents
Options:
- -c: Counts the number of bytes in the file contents
- -l: Counts the number of lines in the file contents
- -w: Counts the number of words in the file contents
All three options above are used by default when the wc command is run without any option.
For example, see how many lines are in the /etc/passwd file. wc -l /etc/passwd
To count the total number of files with the extension ".conf" under the /etc/ directory, first use the find /etc -name "*.conf" command to list the matching files, one per line, and then count the lines: find /etc -name "*.conf" | wc -l
2) grep command: retrieves and filters file contents
Options:
- -i: Ignores case when searching.
- -v: Inverts the search, outputting the lines that do not match the search criteria.
For example: the command grep "ftp" /etc/passwd searches the account file /etc/passwd for lines containing the string "ftp"; in practice it outputs the information of the user account named ftp.
For example: display the contents of the /etc/vsftpd/vsftpd.conf file other than the lines that begin with "#" and the empty lines ("^$" represents a blank line). The command is as follows:
grep -v "^#" /etc/yum.conf | grep -v "^$"
Using the compression and decompression tools
1) gzip and gunzip commands
Compressed files made with gzip have the default extension ".gz". When making a compressed file, the "-9" option increases the compression ratio, but it can take more time when the file is large.
Compress: gzip file-or-directory (this produces .gz compression). Decompress: gzip -d file.gz or gunzip file.gz
2) The bzip2 and bunzip2 commands are used in the same way as gzip and gunzip; compressed files made with bzip2 have the default extension ".bz2".
Common options of the tar archive and release tool
- -c (lowercase): Creates a package file in tar format.
- -C (uppercase): Specifies the target folder to release to when extracting.
- -f: Indicates the archive file to use.
- -j: Calls the bzip2 program for compression or decompression.
- -p (lowercase): Preserves file and directory permissions when packaging.
- -P (uppercase): Preserves the absolute paths of files and directories when packaging.
- -t: Lists the files within the package.
- -v: Outputs details (verbose).
- -x: Extracts a package file in .tar format.
- -z: Calls the gzip program for compression or decompression.
Command format: tar [options] archive-file-name source-files-or-directories-to-archive
For example, generate an archive compressed package named sysfile.tar.gz in the current directory.
tar zcf sysfile.tar.gz /etc /boot    // archive and compress /etc and /boot into sysfile.tar.gz
To use archive compressed packages in the ".tar.bz2" format, change the "-z" option to the "-j" option.
Restoring data from an archive file, command format:
tar [options] archive-file-name [-C target-directory]    (-C is uppercase)
For example: restore data from the backup usershome.tar.bz2 and release it to the root directory (overwriting the existing files).
tar jxf /tmp/usershome.tar.bz2 -C /
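Before releasing an archive over the root directory as above, it helps to see which existing files the extraction would overwrite. The script below is an added example, not part of the original notes; the function names and the sample member list are constructed, and its check for ".." path components goes beyond what the text covers.

```shell
#!/bin/sh
# Added example: pre-flight check for "tar ... -C DEST".
# Feed it the member list of an archive (for example from "tar -tjf FILE")
# and it reports what extracting into DEST would touch.

# preflight_extract DEST
#   stdin : member names, one per line
#   stdout: ABSOLUTE  <member>  member stored with an absolute path (see -P)
#           TRAVERSAL <member>  member contains a ".." path component
#           OVERWRITE <path>    an existing non-directory would be replaced
preflight_extract() {
    dest=${1%/}          # "/" becomes "", so targets read "/home/..."
    while IFS= read -r member; do
        case "$member" in
            /*)
                echo "ABSOLUTE $member"
                continue ;;
            ..|../*|*/../*|*/..)
                echo "TRAVERSAL $member"
                continue ;;
        esac
        target="$dest/${member%/}"
        # Existing directories are merged into, not replaced, so only
        # existing files and symbolic links are reported.
        if [ -L "$target" ] || { [ -e "$target" ] && [ ! -d "$target" ]; }; then
            echo "OVERWRITE $target"
        fi
    done
}

# demo_preflight: runs the check against a throw-away directory tree.
# The tree and the member list are constructed for this example.
demo_preflight() (
    tmp=$(mktemp -d) || exit 1
    cd "$tmp" || exit 1
    mkdir -p home/teacher
    : > home/teacher/.bashrc            # a file that already exists
    out=$(printf '%s\n' \
            'home/' \
            'home/teacher/' \
            'home/teacher/.bashrc' \
            'home/teacher/notes.txt' \
            '/etc/cron.d/job' \
            'home/../../etc/passwd' |
          preflight_extract .)
    cd / && rm -rf "$tmp"
    printf '%s\n' "$out"
)

demo_preflight
```

For the restore shown above, the equivalent check is: tar -tjf /tmp/usershome.tar.bz2 | preflight_extract /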
Setting a command alias. For example, point vi to the vim program with the following command:
alias vi='/usr/bin/vim'
which -a vi vim    // View the location of the commands
vi editor modes of operation:
Command mode, input mode, last-line mode
Basic operations in command mode
1) Mode switching
- a: Insert content after the current cursor position.
- A: Insert content at the end of the line where the cursor is located.
- i: Insert content before the current cursor position.
- I: Insert content at the beginning of the line where the cursor is located.
- o: Insert a new line after the line where the cursor is located.
- O: Insert a new line before the line where the cursor is located.
2) Moving the cursor
Paging
- Use the Page Down key or Ctrl+F to move down a whole page.
- Use the Page Up key or Ctrl+B to move up a whole page.
The cursor moves up or down.
Quick jumps within a line
- Press the Home key, the ^ key or the number 0 key to jump to the beginning of the line.
- Press the End key or the $ key to jump to the end of the line.
Quick jumps between lines
- Use the key command 1G or gg to jump to line 1 of the file.
- Use the key command G to jump to the last line of the file.
- Use the key command #G to jump to line # of the file (where "#" is replaced with a specific number).
In last-line mode, use
the ":set nu" command to display line numbers and the ":set nonu" command to hide them.
3) Copy, paste and delete
Delete operations
- Use the x key or the Del key to delete the single character at the cursor.
- Use the key command dd to delete the line where the cursor is located; the form #dd deletes # lines starting from the cursor line (where "#" is replaced with a specific number).
- Use the key command d^ to delete all characters from before the cursor to the beginning of the line.
- Use the key command d$ to delete all characters from the cursor to the end of the line.
Copy operation
- Use the key command yy to copy the entire current line to the clipboard; the form #yy copies # lines starting from the cursor line (where "#" is replaced with a specific number). The copied content must be pasted before it can be used.
Paste operation
In the vi editor, the most recently deleted or copied content is saved in the clipboard buffer. Press the p (lowercase) key to paste the buffer contents after the cursor position, and the P (uppercase) key to paste them before the cursor position.
4) Finding file contents
In command mode, press the / key and enter the string to search for; the search starts at the current cursor position and runs toward the end of the file (the ? key searches toward the beginning of the file).
5) Undoing edits, saving and exiting
While editing a file, it is sometimes necessary to undo a mistaken edit, which you can do by pressing the u or U key.
To save the current file contents and exit the vi editor, use the ZZ command.
Basic operations in last-line mode
- Save the file: ":w". For example, to save the current file to the /root directory under the name newfile: ":w /root/newfile"
- Exit the editor: the ":q" command; the ":q!" command forces the exit.
- Save and exit: ":wq" or ":x".
- Open a new file for editing: ":e"
- Read the contents of another file into the current file: ":r"
Replacing file contents
:[replace range] sub/old content/new content[/g]
%: Find and replace in the entire file.
n,m: Find and replace within the specified range of lines.
The "/g" part at the very end is optional. It means that every match in each line of the replacement range is replaced; without "/g" only the first match in each line is replaced.
For example: replace the string "initdefault" in lines 5 to 15 of the document with "DEFAULT".
Command: :5,15 sub/initdefault/DEFAULT/g
If "5,15" is replaced by "%", the replacement applies to the entire file.
The relationship between Linux commands and applications
- The executable files of commands are mostly small and are usually placed in the /bin and /sbin directories. Internal commands are integrated into the bash program rather than existing as independent executable files.
- Command files are typically installed together with the operating system and assist in managing the operating system itself.
- Command lines mostly follow the general format of command word, options, parameters.
- Commands run only in the character interface.
- The executable files of applications are usually placed in directories such as /usr/bin, /usr/sbin, /usr/local/bin and /usr/local/sbin.
- Applications generally need to be installed separately from the operating system and provide functionality relatively independent of it, sometimes equivalent to the concept of "software".
- Applications generally have no fixed execution format; it is defined by the program's developer.
- Applications may use graphical interfaces in various forms.
- Some applications provide executable files that can be run in the same format as Linux commands, so they are often referred to as program commands.
The composition of a Linux application
- Ordinary executable program files. Generally stored in the "/usr/bin" directory; ordinary users can execute them.
- Server programs and management program files. Generally stored in the "/usr/sbin" directory; only the administrator can execute them.
- Configuration files. Typically stored in the "/etc" directory; a corresponding subdirectory is created when there are many configuration files.
- Log files. Typically stored in the "/var/log" directory.
- Reference documentation for the application. Typically stored in the "/usr/share/doc/" directory.
- Man manual pages for the executable files and configuration files. Typically stored in the "/usr/share/man/" directory.
Run the "rpm -ql postfix" command to see the list of directories and files that the postfix package installs in the system.
Types of software packages
- RPM package: The package file has the extension ".rpm" and can only be installed on Linux operating systems that use the RPM mechanism.
- DEB package: The package file has the extension ".deb" and can only be installed on Linux operating systems that use the dpkg mechanism.
- Source code package: The original code written by the programmers, generally distributed as a compressed package file in ".tar.gz", ".tar.bz2" or a similar format. Because most are packaged with the tar command, they are called "tarballs". Installing one requires the corresponding compilation tools, such as GCC, the C language compiler on Linux.
- Package with an installer: The extension of this kind of package varies, but it is mostly distributed in tarball format.
For example: mount the RHEL6.5 DVD-ROM device and view the bash and fontconfig-devel packages on it.
mkdir -p /media/cdrom    // Create the mount point for the disc
mount /dev/cdrom /media/cdrom    // Mount the optical device at this directory
cd /media/cdrom/Packages/    // Enter the package directory on the disc
ls -lh bash* fontconfig-devel*    // Display the packages whose names begin with these strings
Using the RPM package management command: rpm
The "man rpm" command provides detailed help for the rpm command.
Three types of functions:
- Query and verify information about RPM packages.
- Install, upgrade, and uninstall RPM packages.
- Maintain RPM database information and perform other general management operations.
1) Querying information about installed RPM packages
- -q: Queries whether a package of a known name is already installed
- -qc: Displays the configuration files installed by the specified package
- -qd: Displays only the documentation files installed by the specified package
- -qa: Displays the list of all software installed on the current system through rpm
- -qi: Shows details (--info) of the specified package, such as its name, version, license agreement and purpose description.
- -ql: Displays all directories and files (--list) that the specified package installed on the current system.
- -qf: Shows which package installed the specified file or directory (--file).
Examples:
rpm -qa | wc -l    // Counts the installed RPM packages; each line represents one package.
rpm -qa | grep -i samba    // Queries whether a package with "samba" in its name is installed; the match is not case-sensitive.
rpm -q elinks lynx    // Queries whether the elinks and lynx packages are installed
rpm -qi elinks    // Shows summary information about the elinks package
rpm -ql wget    // Lists the directories and files installed by the wget package
which vim    // Finds the location of the vim program
/usr/bin/vim    // The location
rpm -qf /usr/bin/vim    // Shows that the vim editor program was installed by the vim-enhanced package.
2) Querying an RPM package file for information
- -qpi: Shows details of the specified package file, such as its name, version, license agreement and purpose description.
- -qpl: Shows all target directories and files that the package file will install.
Installing, upgrading, and uninstalling RPM packages
- -i: Installs a new RPM package on the current system
- -e: Uninstalls the package with the specified name
- -U: Checks and upgrades a package on the system; equivalent to the "-i" option if the package is not already installed.
- -F: Checks and updates a package on the system; the installation is abandoned if the package is not already installed.
- --force: Forces the installation of a package; use it when you need to replace a currently installed package and its files, or when you install software that is older than the version currently in use.
- --nodeps: Does not check the dependencies on other packages when installing, upgrading or uninstalling a package.
- -h: Displays the installation progress with "#" signs while a package is installed or upgraded.
- -v: Displays detailed information during the software installation.
1) Installing and upgrading packages often uses the "-ivh" combination of options, to see the installation process information and track the installation progress.
2) Uninstalling a package mainly uses the "-e" option.
Maintaining the RPM database
1) Rebuild the RPM database: rpm --rebuilddb or rpm --initdb
2) Import the verification public key: rpm --import /media/cdrom/RPM-GPG-KEY-redhat-release    // Import from the disc directory
Compiling and installing programs from source code
Several scenarios where compiling from source code is required
- When installing a newer version of an application
- When the currently installed program does not meet the application requirements
- When adding new features to an application
Compiling the source code: GCC and make are the best compilation tools for the C/C++ languages.
Basic procedure for compiling and installing
After downloading the source code package file: Step 1: tar (unpack)
Purpose: Unpack the source code package, releasing it to the specified directory, ready for compilation
Step 2: ./configure (configure)
Purpose: Set the target folder for the installation, select the function modules to install, etc.
Step 3: make (compile)
Purpose: Turn the source code into executable binaries according to the configuration from the previous step
Step 4: make install (install)
Purpose: Copy the compiled binaries to the system and set up the application environment
Example: 1) Unpack: tar zxf httpd-2.2.15.tar.gz -C /usr/src/    // Extract to the /usr/src/ directory
2) Configure: cd /usr/src/httpd-2.2.15/    // Enter the extracted directory
./configure --prefix=/usr/local/apache    // Install to the specified directory
3) Compile and install: make && make install
vim /usr/local/apache/conf/httpd.conf    // Go to line 97 of the file, remove the "#" sign, then start Apache
/usr/local/apache/bin/apachectl start
Managing user accounts and group accounts
User accounts: superuser (root), normal users, program users
Group accounts: A group is formed by putting several users together on the basis of some shared relationship. Each user account belongs to at least one group, which is the basic group (or private group) of the user; if the user also belongs to other groups, those groups are called additional groups (or public groups) of that user.
UID and GID numbers
UID (User IDentity): the number that uniquely identifies a user. The UID of the root user account is the fixed value 0, the UIDs of program user accounts default to 1~499, and UIDs 500~60000 are assigned to normal users by default.
GID (Group IDentity): the number that uniquely identifies a group. The GID of the root group account is the fixed value 0, the GIDs of program group accounts default to 1~499, and GIDs 500~60000 are assigned to normal groups by default.
User account files:
There are two main configuration files related to user accounts, /etc/passwd and /etc/shadow. The former stores the user name, home directory, login shell and other basic information; the latter stores the user's password, account validity period and other information.
Example: 1) Format of a configuration line in the passwd file (one line represents one user)
teacher:x:500:500:teacher:/home/teacher:/bin/bash
The line is divided by ":" into seven fields with the following meanings:
- 1st field: The name of the user account, which is also the identifying name used when logging on to the system.
- 2nd field: The encrypted user password string, or the password placeholder "x".
- 3rd field: The UID number of the user account.
- 4th field: The GID number of the basic group the account belongs to.
- 5th field: The user's full name; any descriptive information about the user can be entered here.
- 6th field: The home directory, which is the default working directory after the user logs on.
- 7th field: The login shell and related information, that is, the shell the user works in after logging on.
2) shadow (one line represents one user)
The shadow file is also known as the "shadow file". It holds the password information for each user account, so access to the shadow file should be strictly restricted. By default, only the root user can read the contents of the file, but not directly edit the contents of the file.
root:$1$55hb4hhghfj$695gfdjg753:14374:0:9999:7:::
The line is divided by ":" into nine fields with the following meanings:
- 1st field: User account name.
- 2nd field: The password string, encrypted with MD5. When it is "*" or "!!", the user cannot log on to the system. If the field is empty, the user can log on to the system without a password.
- 3rd field: The time the password was last changed, expressed as the number of days from January 01, 1970 to the most recent password change.
- 4th field: The minimum validity period of the password in days; after the password has been changed, at least this many days must pass before it can be changed again. The default value is 0, which means no restriction.
- 5th field: The maximum validity period of the password in days; the password must be changed again once this many days have passed. The default value is 99999, which means no restriction.
- 6th field: How many days in advance the user is warned that the password will expire; the default value is 7.
- 7th field: The number of days after the password expires after which the user is disabled.
- 8th field: Account expiration time; this field specifies the number of days after which the account expires. The default value is empty, meaning the account is permanently available.
- 9th field: Reserved field, currently without a specific purpose.
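The field layouts above are enough to audit account records for risky entries. The script below is an added example, not part of the original notes; the function names and every account record in it are constructed, and the UID ranges it uses are the RHEL6 defaults stated above.

```shell
#!/bin/sh
# Added example: audit passwd- and shadow-format records by field position.
# All account data below is constructed for illustration.

# Constructed sample in /etc/passwd format (7 fields).
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
teacher:x:500:500:teacher:/home/teacher:/bin/bash
backup:x:0:0:backup admin:/root:/bin/bash
svcweb:x:48:48:web service:/var/www:/bin/bash
guest::501:501:guest:/home/guest:/bin/bash
legacy:$1$CONSTRUCTED$notarealhash:502:502:legacy:/home/legacy:/bin/bash
EOF
}

# Constructed sample in /etc/shadow format (9 fields).
sample_shadow() {
cat <<'EOF'
root:$1$CONSTRUCTED$notarealhash:14374:0:99999:7:::
daemon:*:14374:0:99999:7:::
teacher:$6$CONSTRUCTED$notarealhash:16000:0:90:7:::
guest::16000:0:99999:7:::
ftpdown:!!:16000:0:99999:7::16500:
EOF
}

# audit_passwd: reads passwd-format lines on stdin.
audit_passwd() {
    awk -F: '
        NF != 7 { print "MALFORMED " $1; next }
        # Field 3: UID 0 means root privileges whatever the account name.
        $3 == 0 && $1 != "root" { print "UID0 " $1 }
        # Field 2: empty means no password; a hash here is world-readable.
        $2 == "" { print "EMPTY_PW_FIELD " $1 }
        $2 != "x" && $2 != "" && $2 !~ /^[*!]/ { print "PW_NOT_SHADOWED " $1 }
        # Program accounts (UID 1-499) normally have no login shell (field 7).
        $3 >= 1 && $3 <= 499 && $7 !~ /(nologin|false)$/ {
            print "SERVICE_SHELL " $1
        }
    '
}

# audit_shadow TODAY: reads shadow-format lines on stdin.
# TODAY is the current date as days since 1970-01-01, the unit of fields 3 and 8.
audit_shadow() {
    awk -F: -v today="$1" '
        NF != 9 { print "MALFORMED " $1; next }
        # Field 2: empty = login without a password.
        $2 == "" { print "NO_PASSWORD " $1; next }
        $2 == "*" || $2 ~ /^!/ { print "LOCKED " $1 }
        $2 ~ /^\$1\$/ { print "MD5_HASH " $1 }
        # Field 5: 99999 means the password never has to be changed.
        $5 == 99999 && $2 !~ /^[*!]/ { print "NO_MAX_AGE " $1 }
        # Field 8: account expiry date, empty = never expires.
        $8 != "" && ($8 + 0) < (today + 0) { print "EXPIRED " $1 }
    '
}

sample_passwd | audit_passwd
sample_shadow | audit_shadow 17000
```

On a live system the same functions read the real files: audit_passwd < /etc/passwd, and as root audit_shadow "$(( $(date +%s) / 86400 ))" < /etc/shadow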
Add, delete, and modify user accounts
In the RHEL6 system, use the Useradd command to add the tasks that the user account mainly accomplishes:
Add a record of the user's account at the end of the/etc/passwd file and the/etc/shadow file.
If the user's host directory is not explicitly specified, a host directory with the same name as the user account is automatically created in the/home directory, and the user's various initial profiles are established in that directory.
If you do not explicitly specify the group to which the user belongs, a basic group account with the same name as the user account is created automatically, and the record information for the group account is saved to the/etc/group,/etc/gshadow file.
1) Useradd command--Add user account: Useradd [options] Username
?-u: Specifies the uid of the user, which requires that the UID number is not used by another user.
?-D: Specifies the user's host directory location (not valid when used with-m).
?-e: Specifies the user's account expiration time, which can be used in the YYYY-MM-DD date format.
?-G: Specify the user's base group name (or use the GID number).
?-G: Specify the user's additional group name (or use the GID number).
?-M: Do not establish the host directory, even if the host directory is set up in the/etc/login.defs system configuration.
?-S: Specifies the user's login shell.
For example: Create a secondary Admin Account admin, specify its basic group as "wheel", the additional group is "root", and the host directory is designated as "/admin". useradd-d/admin-g wheel-g Root admin
Create an FTP account named B_down (disable terminal login), the account will expire in 2020-12-31.
Useradd-e 2020-12-31-s/sbin/nologin B_down
2) passwd command--set password for user account: passwd [option] Username
?-D: Clears the password for the specified user and logs in to the system using only the user name.
?-L: Locks the user account.
?-S: View the status of the user account (whether locked).
?-U: Unlocks user accounts.
3) usermod command -- modify user account properties
- -u: Modifies the UID number of the user.
- -d: Modifies the location of the user's home directory.
- -e: Modifies the user's account expiration time, in the YYYY-MM-DD date format.
- -g: Modifies the user's basic group name (or GID number).
- -G: Modifies the user's additional group name (or GID number).
- -s: Specifies the user's login shell.
- -l: Changes the login name of the user account.
- -L: Locks the user account.
- -U: Unlocks the user account.
For example, move the home directory of the admin user from /admin to /home/admin.
mv /admin /home/ // move the directory first
usermod -d /home/admin admin // specify the new directory location, followed by the account name
4) userdel command -- delete a user account
- -r: Deletes the home directory at the same time.
Initial configuration files for a user account:
After adding a new user account, the useradd command creates some initial configuration files in the user's home directory. They come from the account template directory "/etc/skel" and are mostly hidden files; the more commonly used ones are ".bash_logout", ".bash_profile", and ".bashrc". The commands in the ".bash_profile" file are executed each time the user logs on; the commands in the ".bashrc" file are executed every time the "/bin/bash" program is loaded (including, of course, at login); the commands in the ".bash_logout" file are executed each time the user logs out.
Group account Management
- Group account files: two configuration files are associated with group accounts, /etc/group and /etc/gshadow. The former saves the group account name, GID number, group members and other basic information; the latter saves the encrypted password string of the group account and other information.
For example, find out which user members the root group contains and which groups contain the root user.
grep "^root" /etc/group // retrieves which users are included in the root group
grep "root" /etc/group // retrieves which groups include the root user
- Add, delete, modify group accounts
1) groupadd command -- add a group account
2) gpasswd command -- add, set, delete group members (also sets the group password)
When you need to add or remove member users, use the "-a" and "-d" options respectively.
For example: add the member user mike to the root group, and delete the member user webmaster.
gpasswd -a mike root
gpasswd -d webmaster root
groups mike // confirm that mike has joined the group
groups webmaster // confirm that the webmaster user has been removed
Use the "-M" option if you need to specify all member users of the group account at the same time.
For example: set the members of the group account adm to the five users root, adm, daemon, webmaster, and mike.
gpasswd -M root,adm,daemon,webmaster,mike adm // add these five users to the adm group
grep "^adm" /etc/group // check whether the change succeeded
3) groupdel -- delete a group account. Format: groupdel group_name
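The grep lookups above match substrings, so `grep "root"` also returns a group named chroot or a member named notroot. The following added example (not part of the original page) does the same two lookups with exact field matching; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: exact-match lookups on /etc/group-format data.
# Fields per line: group_name:password:GID:member1,member2,...

# members_of GROUP [FILE] -> member list of exactly that group
members_of() {
    awk -F: -v g="$1" '$1 == g { print $4 }' "${2:-/etc/group}"
}

# groups_of USER [FILE] -> groups that list USER as a member, one per line.
# The user's basic group is recorded as a GID in /etc/passwd, so it only
# shows up here if the user is also listed in the member field.
groups_of() {
    awk -F: -v u="$1" '{
        n = split($4, m, ",")
        for (i = 1; i <= n; i++)
            if (m[i] == u) { print $1; break }
    }' "${2:-/etc/group}"
}

# Constructed sample data (not from a real host).
write_sample_group_file() {
    cat > "$1" <<'EOF'
root:x:0:root,mike
adm:x:4:root,adm,daemon,webmaster,mike
wheel:x:10:admin
chroot:x:1001:notroot
EOF
}

demo() {
    f=$(mktemp)
    write_sample_group_file "$f"
    echo "substring grep for root:";   grep "root" "$f" | cut -d: -f1
    echo "exact membership for root:"; groups_of root "$f"
    echo "members of adm:";            members_of adm "$f"
    rm -f "$f"
}
demo
```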
Querying Account Information
- groups command -- query the groups to which the user account belongs
- id -- query the identity of the user account
- finger command -- query the login properties of the user account
- w, users, who -- query the users currently logged on to the host
Managing the properties of directories and files
In the security model of the Linux file system, two properties are assigned to files (or directories) in the system: access rights and file ownership, referred to as "permissions" and "attribution" (ownership). Access rights include three basic types: read, write, and execute. Ownership includes the owner (the user account that owns the file) and the group (the group account that owns the file). The Linux system controls how users access data based on the access rights and ownership of the file or directory.
To view the properties of a directory and a file
For example:
[[email protected] ~]# ls -ld /etc /etc/passwd // list the detailed properties of the /etc directory and the /etc/passwd file
drwxr-xr-x. 119 root root 12288 May 9 17:33 /etc
-rw-r--r--. 1 root root 1678 May 9 17:33 /etc/passwd
In the output above, the 3rd and 4th fields give the owner and group of the file (or directory); the "/etc" directory and the "/etc/passwd" file listed above both belong to the root user and the root group. The 1st field gives the access rights of the file (or directory), such as "drwxr-xr-x" and "-rw-r--r--".
The permission field is made up of four parts, each with the meaning described below.
- The 1st character: indicates the type of the file, which can be d (directory), b (block device file), c (character device file), "-" (normal file), the letter "l" (link file), etc.
- The 2nd to 4th characters: represent the access rights of the file's owner (user) to the file.
- The 5th to 7th characters: represent the access rights of users within the owning group (group) to the file.
- The 8th to 10th characters: represent the access rights of any other user (other) to the file.
- The 11th character: the "." here is related to SELinux and does not need to be considered.
The access rights of the owner, the group users, or other users are expressed with three permission characters: r, w, and x, meaning readable, writable, and executable. Where a permission is removed, "-" appears in its place. For example, the root user has full readable, writable, executable permission (rwx) on the "/etc" directory, while any other user has only readable and executable permission (r-x) on it; the root user has readable and writable permission (rw-) on the "/etc/passwd" file, and each user within the root group has only read access (r--) to it.
Permission | File | Directory
r (4) | View the contents of the file | View the directory contents (list subdirectories and files)
w (2) | Modify the contents of the file | Modify the directory contents (create, move, or delete files or subdirectories in the directory)
x (1) | Execute the file (program or script) | Use the cd command to enter or exit the directory
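The field layout and the r=4, w=2, x=1 values above are enough to turn an `ls -l` permission string into the numeric form used by chmod. The following is an added example, not part of the original page; the function names are chosen for illustration, and only the r, w, x and "-" characters described here are accepted.

```shell
#!/bin/sh
# Added example: decode the 1st field of `ls -l` output.
# Layout: char 1 = type, 2-4 = owner, 5-7 = group, 8-10 = other;
# an 11th character such as "." is ignored.

file_type() {
    case "$1" in
        d*) echo "directory" ;;
        b*) echo "block device" ;;
        c*) echo "character device" ;;
        l*) echo "link" ;;
        -*) echo "regular file" ;;
        *)  echo "unknown" ;;
    esac
}

# triad_value rwx -> 7, r-x -> 5, rw- -> 6 (r=4, w=2, x=1)
triad_value() {
    case "$1" in
        [r-][w-][x-]) ;;
        *) return 1 ;;          # anything else is outside this example
    esac
    v=0
    case "$1" in r??) v=$((v + 4)) ;; esac
    case "$1" in ?w?) v=$((v + 2)) ;; esac
    case "$1" in ??x) v=$((v + 1)) ;; esac
    echo "$v"
}

# mode_to_octal drwxr-xr-x. -> 755
mode_to_octal() {
    u=$(printf '%s' "$1" | cut -c2-4)
    g=$(printf '%s' "$1" | cut -c5-7)
    o=$(printf '%s' "$1" | cut -c8-10)
    digits="$(triad_value "$u")$(triad_value "$g")$(triad_value "$o")" || true
    if [ "${#digits}" -ne 3 ]; then
        echo "unsupported mode string: $1" >&2
        return 1
    fi
    echo "$digits"
}

# The two permission strings from the listing above.
for m in 'drwxr-xr-x.' '-rw-r--r--.'; do
    echo "$m -> $(file_type "$m"), $(mode_to_octal "$m")"
done
```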
Set permissions for directories and files
When you use the chmod command to set permissions for a file or directory, the basic command format is:
chmod [ugoa...][+-=][rwx] file or directory ...
Or
chmod nnn file or directory ...
To set the permissions of all subdirectories and files in a directory to the same value, use chmod with the "-R" option. Example: chmod -R 644 /var/ftp/pub
In the above format, the character combination "[ugoa...][+-=][rwx]" or the numeric combination "nnn" represents the permission mode to be set. "nnn" is the specific permission value to set, such as "755" or "644"; in the "[ugoa...][+-=][rwx]" form, the meaning and usage of the three components are described below.
- "ugoa" indicates the user class that the permission setting applies to. "u" represents the owner of the file, "g" represents the users within the group, "o" represents any other user, and "a" represents all users (the sum of u, g, and o).
- "+-=" represents the action used to set permissions. "+" adds the corresponding permissions, "-" removes the corresponding permissions, and "=" sets exactly the corresponding permissions.
- "rwx" is the combination of permission characters; the characters can also be used separately, such as "r" or "rx".
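A numeric mode given with the recursive option is applied to directories as well as files, and per the table above a directory without x cannot be entered with cd. The following added example (not part of the original page) sets directories to 755 and files to 644 separately and checks the result; the scratch tree and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: "directories 755, files 644" for a whole tree.

# apply_tree_modes ROOT: uses "\;" rather than "+" so that each directory
# is fixed before find descends into it.
apply_tree_modes() {
    find "$1" -type d -exec chmod 755 {} \;
    find "$1" -type f -exec chmod 644 {} \;
}

# dirs_missing_search ROOT: list directories where owner, group or other
# lacks x. -prune avoids descending into a directory that cannot be searched.
dirs_missing_search() {
    find "$1" -type d ! -perm -111 -print -prune
}

# files_with_exec ROOT: list regular files that carry any x bit.
files_with_exec() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) -print
}

demo() {
    top=$(mktemp -d)               # constructed scratch tree, not /var/ftp/pub
    mkdir -p "$top/pub/sub"
    : > "$top/pub/sub/readme.txt"
    chmod 755 "$top/pub"
    chmod 644 "$top/pub/sub"       # what a numeric 644 does to a directory
    echo "cannot be entered: $(dirs_missing_search "$top/pub")"
    apply_tree_modes "$top/pub"
    echo "after apply_tree_modes:"
    ls -lR "$top/pub"
    rm -rf "$top"
}
demo
```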
To set the ownership of directories and files
The ownership of a file or directory is set mainly with the chown command. You can set only the owner or only the group, or set both at the same time. The basic format of the chown command is:
chown owner[:[group]] file or directory ...
When you set both the owner and the group, the user name and group name are separated by a colon ":". If you set only the group, use the form ":group name". If you only need to set the owner of the directory or file, give just the user name. To change the ownership of a directory recursively, use the "-R" option.
For example: change the owner of the /var/ftp/pub/ directory from root to ftp (the user ftp will have "rwx" permissions after the adjustment).
chown -R ftp /var/ftp/pub
Change the owner of the Mymkdir file to daemon and the group to wheel.
chown daemon:wheel /opt/wwwroot/
LINUX6 basic Commands