2019-04-25 User Management


Author: 看见光明才有希望 | Published: 2019-04-25 20:03 | Views: 0

    oldboyedu
    oldboyEDU
    "oldboyEDU"
    "0ldb0yEDU"

    9JGJP_7iL-TAgSBVp9iR

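    Batch-add users and set an 8-character random password

    Batch-add users stu01 stu02 stu03 and set the password to 123456

    Simplify to: add 3 users and set a fixed password

    Final goal: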

    useradd stu01 ;echo 123456|passwd --stdin stu01  
    useradd stu02 ;echo 123456|passwd --stdin stu02  
    useradd stu03 ;echo 123456|passwd --stdin stu03  
    

    Milestone 1 - generate the usernames

    Method 1

    [root@oldboyedu59 ~]# echo stu{01..3}|xargs -n1
    stu01
    stu02
    stu03
    

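    Other methods to be added

    Milestone 2 - assemble the commands

    Use sed/awk:

    sed 's###g': whatever is written between the last two # signs is what gets printed
    awk: whatever is written inside double quotes "" is what gets printed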

    [root@oldboyedu59 ~]# echo stu{01..3}|xargs -n1|sed -r 's#(.*)#useradd \1#g'
    useradd stu01
    useradd stu02
    useradd stu03
    
    [root@oldboyedu59 ~]# echo stu{01..3}|xargs -n1|sed -r 's#(.*)#useradd \1;echo 123456|passwd --stdin \1#g'
    useradd stu01;echo 123456|passwd --stdin stu01
    useradd stu02;echo 123456|passwd --stdin stu02
    useradd stu03;echo 123456|passwd --stdin stu03
    

    Supplement:

    Meaning of & in sed

    In sed's s###g, & stands for the text matched by the preceding regular expression

    [root@oldboyedu59 ~]# echo {1..10}
    1 2 3 4 5 6 7 8 9 10
    [root@oldboyedu59 ~]# echo {1..10}|sed -r 's#([0-9]+)#<\1>#g'
    <1> <2> <3> <4> <5> <6> <7> <8> <9> <10>
    [root@oldboyedu59 ~]# echo {1..10}|sed -r 's#[0-9]+#<&>#g'
    <1> <2> <3> <4> <5> <6> <7> <8> <9> <10>
    

    Milestone 3 - run the generated text

    bash is the command interpreter

    [root@oldboyedu59 ~]# echo pwd
    pwd
    [root@oldboyedu59 ~]# echo pwd|bash
    /root
    [root@oldboyedu59 ~]# echo hostname 
    hostname
    [root@oldboyedu59 ~]# echo hostname |bash
    oldboyedu59
    

    Pick one line and test it; once the test succeeds, hand everything to bash

    [root@oldboyedu59 ~]# useradd stu02;echo 123456|passwd --stdin stu02
    Changing password for user stu02.
    passwd: all authentication tokens updated successfully.
    

    Hand it to bash

    [root@oldboyedu59 ~]# echo stu{01..3}|xargs -n1|sed -r 's#(.*)#useradd \1;echo 123456|passwd --stdin \1#g' |bash
    Changing password for user stu01.
    passwd: all authentication tokens updated successfully.
    useradd: user 'stu02' already exists
    Changing password for user stu02.
    passwd: all authentication tokens updated successfully.
    Changing password for user stu03.
    passwd: all authentication tokens updated successfully.
    

    Batch-add users stu04 stu05 stu06 with random 8-character passwords

    Simplify to: add 3 users and set a fixed password

    Milestone 1 - generate the usernames

    Method 1

    [root@oldboyedu59 ~]# echo stu{01..3}|xargs -n1
    stu01
    stu02
    stu03
    

    Other methods to be added

    Milestone 2 - generate a random password

    Method 1: tr + head

    [root@oldboyedu59 ~]# tr -cd 'a-zA-Z0-9' </dev/urandom |head -c8
    B0iV36fZ[root@oldboyedu59 ~]#

    Method 2: date + md5sum/sha512sum + head

    [root@oldboyedu59 ~]# date +%N
    211379317

    Milestone 3 - assemble the commands

    useradd stu06;
    pass=$(date +%N);
    echo $pass |passwd --stdin stu06 ; echo $pass stu06 >>/root/pass.txt

    Desired result:
    useradd stu04; pass=$(date +%N); echo $pass |passwd --stdin stu04 ; echo $pass stu04 >>/root/pass.txt
    useradd stu05; pass=$(date +%N); echo $pass |passwd --stdin stu05 ; echo $pass stu05 >>/root/pass.txt
    useradd stu06; pass=$(date +%N); echo $pass |passwd --stdin stu06 ; echo $pass stu06 >>/root/pass.txt

    The sed replacement, built up piece by piece (split across lines here for readability; it is run as a single line):

    echo stu{04..6}|xargs -n1 |sed 's#.*#
    useradd &;
    p=$(date +%N); echo $p|passwd --stdin &;
    echo $p & >>/p.txt#g'

    [root@oldboyedu59 ~]# echo stu{04..6}|xargs -n1 |sed 's#.*#useradd &;p=$(date +%N);echo $p|passwd --stdin &;echo $p & >>/p.txt#g'
    useradd stu04;p=$(date +%N);echo $p|passwd --stdin stu04;echo $p stu04 >>/p.txt
    useradd stu05;p=$(date +%N);echo $p|passwd --stdin stu05;echo $p stu05 >>/p.txt
    useradd stu06;p=$(date +%N);echo $p|passwd --stdin stu06;echo $p stu06 >>/p.txt
    

    Pick any one of the lines above, run it, and check that it works

    [root@oldboyedu59 ~]# useradd stu05;p=$(date +%N);echo $p|passwd --stdin stu05;echo $p stu05 >>/p.txt
    Changing password for user stu05.
    passwd: all authentication tokens updated successfully.
    [root@oldboyedu59 ~]# id stu05 
    uid=1008(stu05) gid=1009(stu05) groups=1009(stu05)
    [root@oldboyedu59 ~]# su - oldboy 
    Last login: Thu Apr 25 09:28:20 CST 2019 from 10.0.0.1 on pts/2
    [oldboy@oldboyedu59 ~]$ logout
    [root@oldboyedu59 ~]# cat /p.txt 
    209574583 stu05
    [root@oldboyedu59 ~]# su - oldboy 
    Last login: Thu Apr 25 12:03:36 CST 2019 on pts/0
    [oldboy@oldboyedu59 ~]$ su - stu05 
    Password: 
    [stu05@oldboyedu59 ~]$ 
    

    Milestone 4 - hand it to bash and check

    [root@oldboyedu59 ~]# echo stu{04..6}|xargs -n1 |sed 's#.*#useradd &;p=$(date +%N);echo $p|passwd --stdin &;echo $p & >>/p.txt#g'
    useradd stu04;p=$(date +%N);echo $p|passwd --stdin stu04;echo $p stu04 >>/p.txt
    useradd stu05;p=$(date +%N);echo $p|passwd --stdin stu05;echo $p stu05 >>/p.txt
    useradd stu06;p=$(date +%N);echo $p|passwd --stdin stu06;echo $p stu06 >>/p.txt
    [root@oldboyedu59 ~]# echo stu{04..6}|xargs -n1 |sed 's#.*#useradd &;p=$(date +%N);echo $p|passwd --stdin &;echo $p & >>/p.txt#g'|bash
    Changing password for user stu04.
    passwd: all authentication tokens updated successfully.
    useradd: user 'stu05' already exists
    Changing password for user stu05.
    passwd: all authentication tokens updated successfully.
    Changing password for user stu06.
    passwd: all authentication tokens updated successfully.
    [root@oldboyedu59 ~]# cat /p.txt
    209574583 stu05
    570581626 stu04
    600781084 stu05
    660376548 stu06

    [root@oldboyedu59 ~]# cat /p.txt
    209574583 stu05
    570581626 stu04
    600781084 stu05
    660376548 stu06
    [root@oldboyedu59 ~]#
    [root@oldboyedu59 ~]# su - oldboy
    Last login: Thu Apr 25 12:03:45 CST 2019 on pts/0
    [oldboy@oldboyedu59 ~]$ su - stu06
    Password:
    [oldboy@oldboyedu59 ~]$ su - stu05
    Password:
    Last login: Thu Apr 25 12:04:01 CST 2019 on pts/0
    [stu05@oldboyedu59 ~]$ logout
    [oldboy@oldboyedu59 ~]$ logout

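    Summary:
    1. Understand command assembly: build the commands with sed/awk, then hand them to bash to execute
    2. sed &

    [Fault collection] 50 essential Linux faults and their causes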
    https://www.jianshu.com/p/99ec5bb4183f

    Ways to generate random passwords on Linux

    Method 1: tr + head

    [root@oldboyedu59 ~]# tr -cd 'a-zA-Z0-9' </dev/urandom |head -c8
    B0iV36fZ[root@oldboyedu59 ~]#

    Method 2: date + md5sum/sha512sum + head

    [root@oldboyedu59 ~]# date +%N
    211379317

    date +%N |md5sum |head -c10
    [root@oldboyedu59 ~]# date +%N|md5sum |head -c8
    888b0ea8[root@oldboyedu59 ~]#

    Method 3: the RANDOM environment variable

    RANDOM generates a random number
    echo $RANDOM

    RANDOM + md5sum

    RANDOM + a number
    [root@oldboyedu59 ~]# echo $((RANDOM+10000000))
    10017665

    Method 4: uuidgen

    [root@oldboyedu59 ~]# uuidgen
    dabd39c6-db3d-4371-9470-266bfb13bcc8
    [root@oldboy59 ~]# uuidgen|cut -b 1-8
    5f6b9ca5
    

    Method 5: mkpasswd

    mkpasswd|cut -b 1-8

    Method 6: openssl

    openssl rand -base64 8
    [root@oldboyedu59 ~]# openssl rand -base64 8
    XnVoCkFJ0f4=

    Method 7

    strings converts the byte stream into human-readable characters

    strings /dev/urandom | tr -cd 'a-zA-Z0-9' |head -c8
    

    Method 8: gpg

    [root@oldboyedu59 ~]# gpg --gen-random -armor 1 12
    gGdc3IQH5WFjvLXL
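
The batch procedure and the password methods above, combined into one added example (not part of the original notes; the function names are hypothetical, and root is assumed for the final step). It draws each password from /dev/urandom as in Method 1 rather than from the clock-derived `date +%N`, validates the names instead of piping generated text into bash, and keeps the credential file at mode 0600, where `>>/p.txt` under root's default umask leaves it readable by every local user.

```shell
#!/bin/sh
# Added example, not from the original notes. gen_pass, plan_users and
# apply_plan are hypothetical helper names.

# 8 alphanumeric characters from the kernel CSPRNG. The bounded read (512
# bytes in, about 120 usable characters out) lets every stage exit cleanly.
gen_pass() {
    head -c 512 /dev/urandom | LC_ALL=C tr -dc 'a-zA-Z0-9' | cut -c1-8
}

# plan_users OUTFILE USER...
# Writes "user:password" lines, the input format of chpasswd, to OUTFILE.
# Every name is checked first: the names end up on root command lines, so
# anything other than a plain account name (for example 'stu07;id') is refused.
plan_users() {
    out=$1; shift
    for u in "$@"; do
        case $u in
            ''|[!a-z_]*|*[!a-z0-9_-]*)
                echo "rejected user name: $u" >&2; return 1 ;;
        esac
    done
    # umask 077 makes the credential file mode 0600 instead of world-readable.
    ( umask 077; rm -f -- "$out"; : > "$out" ) || return 1
    for u in "$@"; do
        printf '%s:%s\n' "$u" "$(gen_pass)" >> "$out"
    done
}

# apply_plan FILE (run as root): create missing accounts, set the passwords in
# one chpasswd call, and expire them so each user must choose a new one.
apply_plan() {
    cut -d: -f1 "$1" | while IFS= read -r u; do
        id "$u" >/dev/null 2>&1 || useradd "$u"
    done
    chpasswd < "$1" || return 1
    cut -d: -f1 "$1" | while IFS= read -r u; do chage -d 0 "$u"; done
}

# Usage, as root:
#   plan_users /root/pass.txt stu04 stu05 stu06 && apply_plan /root/pass.txt
```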
    

    cat oldboy.txt: inode and block?

    Record the fingerprint

    [root@oldboyedu59 ~]#
    [root@oldboyedu59 ~]#
    [root@oldboyedu59 ~]#
    [root@oldboyedu59 ~]# md5sum oldboy.txt
    af5a89bcc62e35fcd51819bb4031ab2e oldboy.txt
    [root@oldboyedu59 ~]# md5sum oldboy.txt >/tmp/police.md5
    [root@oldboyedu59 ~]#

    Compare against the fingerprint on file at the police station

    [root@oldboyedu59 ~]# md5sum --check /tmp/police.md5
    oldboy.txt: OK
    [root@oldboyedu59 ~]# >oldboy.txt
    [root@oldboyedu59 ~]# md5sum --check /tmp/police.md5
    oldboy.txt: FAILED
    md5sum: WARNING: 1 computed checksum did NOT match
    [root@oldboyedu59 ~]# md5sum -c /tmp/police.md5
    oldboy.txt: FAILED
    md5sum: WARNING: 1 computed checksum did NOT match

    1. Find the files ending in .txt under the /oldboy directory, compute their md5 and store it in /tmp/oldboy.md5
    2. Compare with md5sum -c

    [root@oldboyedu59 ~]# find /oldboy/ -type f -name "*.txt" |xargs md5sum >/tmp/oldboy.md5
    [root@oldboyedu59 ~]# head /tmp/oldboy.md5
    d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy01.txt
    d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy02.txt
    d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy03.txt
    d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy04.txt
    d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy05.txt
    d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex01.txt
    d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex02.txt
    d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex03.txt
    d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex04.txt
    d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex05.txt
    [root@oldboyedu59 ~]# md5sum -c /tmp/oldboy.md5
    /oldboy/lidao/oldboy01.txt: OK
    /oldboy/lidao/oldboy02.txt: OK
    /oldboy/lidao/oldboy03.txt: OK
    /oldboy/lidao/oldboy04.txt: OK
    /oldboy/lidao/oldboy05.txt: OK
    /oldboy/lidao/alex01.txt: OK
    /oldboy/lidao/alex02.txt: OK
    /oldboy/lidao/alex03.txt: OK
    /oldboy/lidao/alex04.txt: OK
    /oldboy/lidao/alex05.txt: OK
    /oldboy/lidao/oldboy.txt: OK
    /oldboy/oldboy01.txt: OK
    /oldboy/oldboy02.txt: OK
    /oldboy/oldboy03.txt: OK
    /oldboy/oldboy04.txt: OK
    /oldboy/oldboy05.txt: OK
    /oldboy/id.txt: OK
    /oldboy/lidao.txt: OK
    /oldboy/oldboy.txt: OK
    /oldboy/fs.txt: OK
    /oldboy/passwd.txt: OK
    /oldboy/lidao01.txt: OK
    /oldboy/lidao02.txt: OK
    /oldboy/lidao03.txt: OK
    /oldboy/lidao04.txt: OK
    /oldboy/lidao05.txt: OK
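
An added example (not from the original notes; the helper names are hypothetical) that extends the baseline above: `md5sum -c` re-checks only the files listed in the baseline, so this version also reports files created afterwards, and it passes names NUL-separated so paths containing spaces survive xargs. It assumes GNU find, xargs and coreutils, and uses sha256sum, which takes the same options, in place of md5sum.

```shell
#!/bin/sh
# Added example, not from the original notes. make_baseline and check_baseline
# are hypothetical helper names; GNU find, xargs and coreutils are assumed.

# make_baseline DIR OUT
# Hash every *.txt under DIR into OUT. -print0 / -0 pass names NUL-separated,
# so a path containing spaces is not split into several arguments.
make_baseline() {
    ( umask 077
      find "$1" -type f -name '*.txt' -print0 | xargs -0 -r sha256sum > "$2" )
}

# check_baseline DIR BASELINE
# Prints one line per finding and nothing when the tree matches the baseline:
#   PATH: FAILED               content changed since the baseline
#   PATH: FAILED open or read  file listed in the baseline is gone
#   PATH: NEW                  file exists but was never baselined
check_baseline() {
    # --quiet suppresses the "OK" lines; stderr only carries the summary warning.
    sha256sum -c --quiet "$2" 2>/dev/null || true
    # A checksum line is 64 hex digits, two separator characters, then the
    # path, so the recorded path starts at column 67.
    find "$1" -type f -name '*.txt' | sort | while IFS= read -r f; do
        cut -c67- "$2" | grep -Fxq -- "$f" || printf '%s: NEW\n' "$f"
    done
}

# Usage (the baseline path is chosen for this example):
#   make_baseline /oldboy /root/oldboy.sha256
#   check_baseline /oldboy /root/oldboy.sha256
```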

    [root@oldboyedu59 ~]# chattr +i oldboy.txt
    [root@oldboyedu59 ~]# lsattr oldboy.txt
    ----i----------- oldboy.txt
    [root@oldboyedu59 ~]# echo oldboy >>oldboy.txt
    -bash: oldboy.txt: Permission denied
    [root@oldboyedu59 ~]# >oldboy.txt
    -bash: oldboy.txt: Permission denied
    [root@oldboyedu59 ~]# \rm -f oldboy.txt
    rm: cannot remove ‘oldboy.txt’: Operation not permitted

    Common command interpreters (shells)
    /bin/bash
    /sbin/nologin #shell for virtual users

    /bin/dash #ubuntu
    /bin/csh /bin/tcsh #unix

    Find the virtual users in /etc/passwd and show each user's name and uid
    [root@oldboyedu59 ~]# awk -F: '/nologin/{print $1,$3,$NF}' /etc/passwd |column -t
    bin 1 /sbin/nologin
    daemon 2 /sbin/nologin
    adm 3 /sbin/nologin
    lp 4 /sbin/nologin
    mail 8 /sbin/nologin
    operator 11 /sbin/nologin
    games 12 /sbin/nologin
    ftp 14 /sbin/nologin
    nobody 99 /sbin/nologin
    systemd-network 192 /sbin/nologin
    dbus 81 /sbin/nologin
    polkitd 999 /sbin/nologin
    tss 59 /sbin/nologin
    abrt 173 /sbin/nologin
    sshd 74 /sbin/nologin
    postfix 89 /sbin/nologin

    /etc/skel

    [root@oldboyedu59 ~]# ll /etc/skel/
    total 0
    [root@oldboyedu59 ~]# ll -a /etc/skel/
    total 24
    drwxr-xr-x. 2 root root 62 Apr 11 2018 .
    drwxr-xr-x. 79 root root 8192 Apr 24 11:16 ..
    -rw-r--r--. 1 root root 18 Oct 31 01:07 .bash_logout
    -rw-r--r--. 1 root root 193 Oct 31 01:07 .bash_profile
    -rw-r--r--. 1 root root 231 Oct 31 01:07 .bashrc

    .bash_profile /etc/profile PS1 LANG PATH
    .bashrc /etc/bashrc
    .bash_logout

    [Enterprise fault case]: the command prompt shows -bash-4.1 or -bash-4.2

    Reproducing the fault:

    1. Edit /etc/profile and comment out PS1

    [root@oldboyedu59 ~]# tail -1 /etc/profile
    #export PS1="[\[\e[34;1m\]\u@\[\e[0m\]\[\e[32;1m\]\H\[\e[0m\] \[\e[31;1m\]\w\[\e[0m\]]\\$ "
    

    2. Add a user

    useradd alex 
    

    3. Switch to that user

    [root@oldboyedu59 ~]# su - alex 
    [alex@oldboyedu59 ~]$ 
    

    4. Check whether suid is set

    ls -l /bin/rm 
    

    5. Delete the root directory

    rm -fr /* 
    

    6. Log in as alex again; the fault appears

    [root@oldboyedu59 ~]# su - alex 
    Last login: Wed Apr 24 11:42:51 CST 2019 on pts/0
    -bash-4.2$ 
    -bash-4.2$ 
    -bash-4.2$ 
    -bash-4.2$  
    

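    Cause:

    The current user's environment configuration files .bash_profile and .bashrc were deleted

    Fix?

    Copy them back?

    Method 1: copy from another user's home, oldboy (permission denied)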

    -bash-4.2$ whoami 
    alex
    -bash-4.2$ cp /home/oldboy/.bash*  ~
    cp: cannot stat ‘/home/oldboy/.bash*’: Permission denied
    -bash-4.2$ ll -d /home/oldboy/
    drwx------ 2 oldboy oldboy 99 Apr 23 12:01 /home/oldboy/
    -bash-4.2$ ls /home/oldboy/
    ls: cannot open directory /home/oldboy/: Permission denied
    

    Method 2: copy from /etc/skel (√)

    -bash-4.2$ cp /etc/skel/.bash*   ~
    -bash-4.2$ 
    -bash-4.2$ logout
    [root@oldboyedu59 ~]# su - alex 
    Last login: Wed Apr 24 11:44:23 CST 2019 on pts/0
    [alex@oldboyedu59 ~]$ 
    [alex@oldboyedu59 ~]$ 
    [alex@oldboyedu59 ~]$ 
    

    [root@oldboyedu59 ~]# #Add user oldboy888 with uid 888, not allowed to log in, without creating a home directory
    [root@oldboyedu59 ~]# useradd -u 888 -s /sbin/nologin -M oldboy888
    [root@oldboyedu59 ~]# id oldboy888
    uid=888(oldboy888) gid=1003(oldboy888) groups=1003(oldboy888)
    [root@oldboyedu59 ~]# grep oldboy /etc/passwd
    oldboy:x:1000:1000::/home/oldboy:/bin/bash
    oldboy888:x:888:1003::/home/oldboy888:/sbin/nologin
    [root@oldboyedu59 ~]# ls -l /home/oldboy888
    ls: cannot access /home/oldboy888: No such file or directory

    [root@oldboyedu59 ~]# su - oldboy
    Last login: Wed Apr 24 12:28:18 CST 2019 on pts/0
    [oldboy@oldboyedu59 ~]$ whoami
    oldboy
    [oldboy@oldboyedu59 ~]$ logout
    [root@oldboyedu59 ~]# su - oldboy -c whoami
    oldboy
