第五周day3.png
1、用户管理方面的理解:
1.1useradd创建用户与usermod修改用户的一些细节理解:
1、useradd 添加用户信息(后面的参数可以自定义,和usermod没啥区别)
2、usermod 修改用户信息 ((后面的参数可以自定义,和useradd没啥区别)
3、useradd和usermod唯一区别就是在于一个对于没有的用户,一个对于已存在的用户;
1.2指纹认证:
#######1.2.1记录指纹信息
[root@oldboyedu59 ~]# md5sum oldboy.txt
af5a89bcc62e35fcd51819bb4031ab2e oldboy.txt
#######1.2.2把指纹定向进入文件里面:
[root@oldboyedu59 ~]# md5sum oldboy.txt >/tmp/police.md5
#######1.2.3进行指纹对比:
[root@oldboyedu59 ~]# md5sum -c /tmp/police.md5
oldboy.txt: OK(表示成功)
#######1.2.4指纹对比失败举例:
[root@oldboyedu59 ~]# >oldboy.txt
[root@oldboyedu59 ~]# md5sum -c /tmp/police.md5
oldboy.txt: FAILED
md5sum: WARNING: 1 computed checksum did NOT match
#######1.2.5题目实例:
1.找出/oldboy目录下面 以.txt结尾的文件 制作md5 存放在/tmp/oldboy.md5
2.对比 md5sum -c
[root@oldboyedu59 ~]# find /oldboy/ -type f -name "*.txt" |xargs md5sum >/tmp/oldboy.md5
[root@oldboyedu59 ~]# head /tmp/oldboy.md5
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy01.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy02.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy03.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy04.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy05.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex01.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex02.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex03.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex04.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex05.txt
[root@oldboyedu59 ~]# md5sum -c /tmp/oldboy.md5
/oldboy/lidao/oldboy01.txt: OK
/oldboy/lidao/oldboy02.txt: OK
/oldboy/lidao/oldboy03.txt: OK
/oldboy/lidao/oldboy04.txt: OK
/oldboy/lidao/oldboy05.txt: OK
/oldboy/lidao/alex01.txt: OK
2、文件隐藏权限的修改的用用法:
[root@oldboyedu59 ~]# chattr +i oldboy.txt
[root@oldboyedu59 ~]# lsattr oldboy.txt
----i----------- oldboy.txt
[root@oldboyedu59 ~]# echo oldboy >>oldboy.txt
-bash: oldboy.txt: Permission denied
[root@oldboyedu59 ~]# >oldboy.txt
-bash: oldboy.txt: Permission denied
[root@oldboyedu59 ~]# \rm -f oldboy.txt
rm: cannot remove ‘oldboy.txt’: Operation not permitted
3、找出/etc/passwd中的虚拟用户,显示这个用户的名字和uid
[root@oldboyedu59 ~]# awk -F: '/nologin$/{print $1,$3,$NF}' /etc/passwd |column -t
bin 1 /sbin/nologin
daemon 2 /sbin/nologin
adm 3 /sbin/nologin
lp 4 /sbin/nologin
mail 8 /sbin/nologin
operator 11 /sbin/nologin
games 12 /sbin/nologin
ftp 14 /sbin/nologin
nobody 99 /sbin/nologin
4、 /etc/skel (系统在创建用户家目录的时候,会自动在这个目录下复制下面的文件,给用户创建新家):
4.1 /etc/skel 内容:
[root@oldboyedu59 ~]# ll -a /etc/skel/
total 24
drwxr-xr-x. 2 root root 62 Apr 11 2018 .
drwxr-xr-x. 79 root root 8192 Apr 24 11:16 ..
-rw-r--r--. 1 root root 18 Oct 31 01:07 .bash_logout
-rw-r--r--. 1 root root 193 Oct 31 01:07 .bash_profile
-rw-r--r--. 1 root root 231 Oct 31 01:07 .bashrc
4.2、【企业故障案例】:命令行提示符-bash-4.1
#######4.2.1故障模拟:
1.修改/etc/profile PS1加上注释
[root@oldboyedu59 ~]# tail -1 /etc/profile
#export PS1="[\[\e[34;1m\]\u@\[\e[0m\]\[\e[32;1m\]\H\[\e[0m\] \[\e[31;1m\]\w\[\e[0m\]]\\$ "
2.添加的用户
useradd alex
3.切换用户
[root@oldboyedu59 ~]# su - alex
[alex@oldboyedu59 ~]$
4.检查是否有suid
ls -l /bin/rm
5.删根
rm -fr /*
6.重新登录alex ,出现故障
[root@oldboyedu59 ~]# su - alex
Last login: Wed Apr 24 11:42:51 CST 2019 on pts/0
-bash-4.2$
-bash-4.2$
-bash-4.2$
-bash-4.2$
#######4.2.2解决方法:
从/etc/skel复制 (√)
-bash-4.2$ cp /etc/skel/.bash* ~
-bash-4.2$
-bash-4.2$ logout
[root@oldboyedu59 ~]# su - alex
Last login: Wed Apr 24 11:44:23 CST 2019 on pts/0
[alex@oldboyedu59 ~]$
[alex@oldboyedu59 ~]$
[alex@oldboyedu59 ~]$
5、创建用户实例:
5.1、添加用户oldboy888 指定uid为888 不可登录系统 不创建家目录
[root@oldboyedu59 ~]# useradd -u 888 -s /sbin/nologin -M oldboy888
[root@oldboyedu59 ~]# id oldboy888
uid=888(oldboy888) gid=1003(oldboy888) groups=1003(oldboy888)
[root@oldboyedu59 ~]# grep oldboy /etc/passwd
oldboy:x:1000:1000::/home/oldboy:/bin/bash
oldboy888:x:888:1003::/home/oldboy888:/sbin/nologin
[root@oldboyedu59 ~]# ls -l /home/oldboy888
ls: cannot access /home/oldboy888: No such file or directory
网友评论