User Management,

Source: Internet
Author: User

User Management,
Chapter 1 view other ip Methods ip1.1 ip address = ip

View All Nic information.

[Root @ znix ~] # Ip

1: lo: <LOOPBACK, UP, LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN

Link/loopback 00: 00: 00: 00: 00: 00 brd 00: 00: 00: 00: 00: 00

Inet 127.0.0.1/8 scope host lo

Inet6: 1/128 scope host

Valid_lft forever preferred_lft forever

2: eth0: <BROADCAST, MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

Link/ether 00: 0c: 29: a8: e4: 14 brd ff: ff

Inet 10.0.0.201/24 brd 10.0.0.255 scope global eth0

Inet6 fe80: 20c: 29ff: fea8: e414/64 scope link

Valid_lft forever preferred_lft forever

1.2 ip address show eth0 = ip a s eth0

View the information of the first ENI.

[Root @ znix ~] # Ip a s eth0

2: eth0: <BROADCAST, MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

Link/ether 00: 0c: 29: a8: e4: 14 brd ff: ff

Inet 10.0.0.201/24 brd 10.0.0.255 scope global eth0

Inet6 fe80: 20c: 29ff: fea8: e414/64 scope link

Valid_lft forever preferred_lft forever

1.3 ip route = ip r

View the gateway.

[Root @ znix ~] # Ip r

10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.201

169.254.0.0/16 dev eth0 scope link metric 1002

Default via 10.0.0.2 dev eth0

Chapter 2 vi/vim Common Errors 2nd swap file exist errors 2.1.1 causes

When editing the file, the system suddenly exits, the network is disconnected, and the power is down.

2.1.2 error message

Found a swap file by the name ". 1.swp"

......

Swap file ". 1.swp" already exists!

[O] pen Read-Only, (E) dit anyway, (R) ecover, (D) elete it, (Q) uit, (A) bort:

2.1.3 Solution

(E) dit anyway to continue editing ignore this error

(R) ecover replies to the content not saved just now and continues editing

(D) elete it deletes this temporary file

Solution for versions earlier than 2.1.4 6.x

". 1.swp": Find the. swp hidden file with the same name as the edited file.

Chapter 4 User Management 3rd User Classification

Type UID

Root 0

Virtual user 1-499

When a virtual user is running, each service/process in the system must have a user and a home.

500 + ordinary users

3.1.1 two common Shells

/Bin/bash default command interpreter for common users

/Sbin/nologin used by virtual users

3.2 user-related configuration files

[Root @ znix ~] # Ll/etc/passwd/etc/shadow/etc/group/etc/gshadow

-Rw-r -- 1 root 648 Sep 12 12:05/etc/group user group information

---------- 1 root 529 Sep 12/etc/gshadow user group password

-Rw-r -- 1 root 1271 Sep 12 12:05/etc/passwd user information

---------- 1 root 936 Sep 12/etc/shadow User Password

3.2.1/etc/passwd file details

[Root @ znix ~] # Head-1/etc/passwd

Root: x: 0: 0: root:/bin/bash

Username: the original password storage location: UID: GID: Description: Home Directory: shell (command interpreter)

Chapter 4 User-related directories 4.1.1/etc/skel

The/etc/skel directory is a template for adding a new user's hometown under linux.

4.1.2 create a new user process

The three hidden files in the new user's home directory are the same as those in/etc. skel.

[Root @ znix skel] # useradd alex888

[Root @ znix skel] # su-alex888

[Alex888 @ znix ~] $ Ll-

Total 20

Drwx ------ 2 alex888 alex888 4096 Sep 12.

Drwxr-xr-x. 6 root 4096 Sep 12 :18 ..

-Rw-r -- 1 alex888 alex888 18 Mar 23 08:15. bash_logout

-Rw-r -- 1 alex888 alex888 176 Mar 23. bash_profile

-Rw-r -- 1 alex888 alex888 124 Mar 23. bashrc

 

4.1.3 file details under the/etc/skel directory

[Root @ znix skel] # ll-a/etc/skel/

Total 20

Drwxr-xr-x. 2 root 4096 Aug 10.

Drwxr-xr-x. 78 root 4096 Sep 12 :18 ..

-Rw-r --. 1 root 18 Mar 23 08:15. bash_logout

-Rw-r --. 1 root 176 Mar 23 08:15. bash_profile

-Rw-r --. 1 root 124 Mar 23 08:15. bashrc

 

. Bash_logout the content in this file is run when the user logs out.

. Bash_profile environment variable

. Bashrc stores user aliases

4.2-bash-4.1 $ error solution 4.2.1 cause

Because the files related to environment variables in the user's home directory are deleted

. Bash_profile

. Bashrc

4.2.2 Solution

Step 1 switch to this user

[Root @ znix skel] # su-alex888

Bash-4.1 $

Step 2 copy the file under/etc/skel (. bash * hides the file)

Note: When copying hidden files, use. bash *.

-Bash-4.1 $ cp/etc/skel/. bash *~

-Bash-4.1 $ ll-

Total 24

Drwx ------ 2 alex888 alex888 4096 Sep 12.

Drwxr-xr-x. 6 root 4096 Sep 12 :18 ..

-Rw ------- 1 alex888 alex888 23 Sep 12 10:25. bash_history

-Rw-r -- 1 alex888 alex888 18 Sep 12 :27. bash_logout

-Rw-r -- 1 alex888 alex888 176 Sep 12. bash_profile

-Rw-r -- 1 alex888 alex888 124 Sep 12. bashrc

Step 3 Exit and reconnect

-Bash-4.1 $ logout

[Root @ znix skel] # su-alex888

[Alex888 @ znix ~] $

 

4.3. * extremely dangerous

. * Match when searching ..

.. Is the parent directory

Try to be as accurate as possible when operating files. bash *

Chapter 4 User-related commands 5th Add User useradd5.1.1 useradd and adduser

[Root @ znix home] # ls-l 'which useradd adduser'

Lrwxrwxrwx. 1 root 7 Aug 10 18:36/usr/sbin/adduser-> useradd

-Rwxr-x ---. 1 root 111320 May 11 2016/usr/sbin/useradd

5.1.2 description of useradd Parameters

-C: Add instructions

-U indicates the uid of the user.

-S: Specify the default command interpreter/bin/bash/sbin/nologin when adding a user

-M: do not create a home directory

-When you add a user to g, a home with the same user name will be created by default.

5.1.3 add user-specified uid to 666 prohibit user from logging on to the system and not creating home directories

[Root @ znix ~] # Useradd znix-u 666-M-s/sbin/nologin

[Root @ znix ~] # Grep znix/etc/passwd

Znix: x: 666: 666:/home/znix:/sbin/nologin

[Root @ znix ~] # Id znix

Uid = 666 (znix) gid = 666 (znix) groups = 666 (znix)

5.1.4/etc/login. defs controls the user's default information

The/etc/login. defs file defines user restrictions that match/etc/password and/etc/shadow. This file is required and missing does not affect the system usage, but may produce unexpected errors.

If the/etc/shadow file has the same options, the setting in/etc/shadow prevails. That is to say, the configuration priority of/etc/shadow is higher than that of/etc/login. defs.

5.1.5 basic information when adding a user (default information)

[Root @ znix ~] # Cat/etc/default/useradd

# Useradd defaults file

GROUP = 100

HOME =/home

INACTIVE =-1

EXPIRE =

SHELL =/bin/bash

SKEL =/etc/skel

CREATE_MAIL_SPOOL = yes

5.2 delete user userdel5.2.1 method 1 comment/etc/passwd

In/etc/passwd, add # comment on this line before this user line.

Try not to use userdel to delete users. Unexpected errors may occur.

5.2.2 Delete common error messages from users

[Root @ znix ~] # Userdel alex888

Userdel: user alex888 is currently used by process 23823

Tip: the user is in use by the 23823 process.

Step 1 check the process

[Root @ znix ~] # Ps-ef | grep 23864

Alex888 23864 23863 0 00:00:00 pts/1-bash

Root 23885 23718 0 00:00:00 pts/0 grep -- color = auto 23864

Step 2 force the process kill-9

[Root @ znix ~] # Kill-9 23864

Step 3 check whether this process exists

[Root @ znix ~] # Ps-ef | grep 23864

Root 23923 23904 0 00:00:00 pts/1 grep -- color = auto 23864

#Another prompt in the login window

[Alex888 @ znix ~] $ Killed

[Root @ znix ~] #

Step 4: delete a user. If there are no processes in use, no error will be reported if the user is deleted.

[Root @ znix ~] # Userdel alex888

5.2.3 common parameters

Userdel does not delete home directories and mailboxes by default.

-R: delete all user-Related Files

#########Try not to use userdelTo delete a user.

5.3 modify user information usermod5.3.1 view user information

[Root @ znix ~] # Grep znix/etc/passwd

Znix: x: 666: 666: znix super:/home/znix:/sbin/nologin

5.3.2 Add instructions to users

[Root @ znix ~] # Usermod-c "Super User" znix

[Root @ znix ~] # Grep znix/etc/passwd

Znix: x: 666: 666: Super User:/home/znix:/sbin/nologin

5.3.3 let users belong to new families

[Root @ znix ~] # Id znix

Uid = 666 (znix) gid = 666 (znix) groups = 666 (znix)

[Root @ znix ~] # Usermod-g root znix

[Root @ znix ~] # Id znix

Uid = 666 (znix) gid = 0 (root) groups = 0 (root)

5.3.4 the user belongs to multiple families (additional groups)

[Root @ znix ~] # Id znix

Uid = 666 (znix) gid = 666 (znix) groups = 666 (znix)

[Root @ znix ~] # Usermod-G root, oldboy znix

[Root @ znix ~] # Id znix

Uid = 666 (znix) gid = 666 (znix) groups = 666 (znix), 0 (root), 500 (oldboy)

5.3.5 common usermod Parameters

-C modify description information

-S: Modify the user's command interpreter

-G: let users belong to new families.

-G users belong to multiple families (additional groups)

5.4 passwd Change User Password 5.4.1 Interactive Modification

[Root @ znix ~] # Passwd znix

Changing password for user znix.

New password:

Bad password: it is too simplistic/systematic

Bad password: is too simple

#It indicates that the password is too weak.

Retype new password:

Passwd: all authentication tokens updated successfully.

Enter the password twice in interactive mode.

Only one user's password can be modified at a time

5.4.2 set a non-interactive password -- stdin

[Root @ znix ~] # Echo 123456 | passwd -- stdin oldboy

Changing password for user oldboy.

Passwd: all authentication tokens updated successfully.

5.5 password management software

Keeppass

Record password to hard disk (Local Management)

Lastpass

Other users who store passwords in online software (cloud Management)

Unified AD management

Dynamic Password

5.6 make the system more secure 5.6.1 Method

View logs/var/log/secure and find failed for analysis

Chattr + I + a adds file system permissions to main files

Fingerprint Encryption

5.6.2 fingerprint encryption md5sum command

The encrypted information changes as long as the file content is variable.

Step 1: Create a fingerprint for a file

[Root @ znix ~] # Md5sum oldboy.txt

058c5119928950d06f48d901a101511a oldboy.txt

Step 2: add the fingerprint to a file.

[Root @ znix ~] # Md5sum oldboy.txt> list.txt

Step 3: Check the file correctly. OK is displayed. Inconsistent display: Failed

[Root @ znix ~] # Md5sum-c list.txt

Oldboy.txt: OK

[Root @ znix ~] #> Oldboy.txt

[Root @ znix ~] # Md5sum-c list.txt

Oldboy.txt: FAILED

Md5sum: WARNING: 1 of 1 computed checksum did NOT match

BecauseFile relative pathThe fingerprint file must be in the same file as the target file.

5.7 [enterprise interview questions] 5.7.1 add three stu01, stu02, and stu03 users in batches, and set 123456 (for, while, and other cycles are prohibited)

[Root @ znix ~] # Echo stu {01 .. 3} | xargs-n1-exec useradd

Add Password

[Root @ znix ~] # Echo 123456 | passwd -- stdin stu01 stu02 stu03

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.