Start points of Linux System Management

Article Title: basic start point of Linux system management. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

1. At the user account management level, whether it is Linux or Windows, it is a top priority for user account management, because it is the first entry to the system, as an O & M personnel, you must have a clear understanding of the basic management of user accounts, the permissions of user accounts, and the permissions of user accounts. When a user cannot access the system again, the user's account must be disabled. An unused user account is unnecessary. Otherwise, it may be your first nightmare to wake up one morning. Of course, before deleting an account, you need to back up all the files under this account and transfer them to other locations.

Learn how to manage user accounts under the character command line. In Linux, how to use the VI editor to operate on/etc/passwd or directly use user account management commands such as addusr and deleusr, use the newgrp command to add the user account to the new group, as well as the property commands chown and chgrp. The complexity and effectiveness of passwords also need to be very clear. is a temporary user account a permanent user account?

In Linux, the root account has unlimited authority and master the killing power of the entire system file ^ _ ^. Therefore, it is very important to avoid using the root account directly as much as possible, maintenance of the root account is also a key issue. For some related operations, you can set the sudo user to improve this situation. Here, remember several files that must be protected:/etc/passwd file,/etc/shadow file,/etc/group file.

2. As a qualified SA, security and log management must be able to identify the cause of the fault based on the system fault. Generally, the system records the fault and writes it to the log. The Linux system is usually under/var/log/, such as message (including system startup information ), wtmp (Records of user logon and system exit), lastlog (including the user's last logon information), these logs need to be checked frequently to maintain access permissions.

Large log files should be separated by specialized tools or self-compiled scripts, such as apache's log segmentation tool cronolog, which can be divided by date or level. For log files that are longer in time, archive and back up the files and transfer them to other media to avoid disk space waste. If you cannot use tools or manually edit scripts for segmentation, you can use multiple file name suffixes for rotation (for example, log.1 log.2 ...... Log.7 ).

[1] [2] Next page