group, user

yoni·2023년 4월 12일

Linux

733 cat /etc/passwd 
737 cat /etc/group 
738 cat /etc/shadow 
739 groupadd admin 
740 tail /etc/group 
741 head /etc/group 
742 groupadd -g 1313 sales 
743 tail /etc/group 
744 groupdel admin 
745 tail /etc/group 
746 groupmod -n cloud sales 
747 tail /etc/group 
748 groupmod -g 1212 cloud 
749 tail /etc/group 
752 useradd testuser1 
753 tail /etc/passwd 
754 grep 1002 /etc/group 
755 tail /etc/group 
756 cat /etc/shells 
760 useradd -u 2424 -g cloud -G wheel,gdm,ntp -c "010-111-1111" -s /bin/csh testuser2 
761 tail /etc/passwd 
762 tail /etc/group 
763 mkdir /oracledb 
765 useradd -r -s /sbin/nologin -d /oracledb ora 
766 tail /etc/passwd 
769 ll /home/ 
770 userdel -r testuser1 
771 userdel testuser2 
772 ll /home/ 
773 cd testuser2 
774 cd /home 

> userdel -r 옵션을 사용하지 않으면 user는 삭제되지만, 홈 directory는 남아있다. 남은 파일의 소유자는 계정 이름 없이 UID 숫자(2424)로만 표시되며, 나중에 같은 UID를 받는 계정이 생기면 그 계정이 이 파일들의 소유자가 된다. 
[root@station14 home]# ll /home/ 
total 0 
drwx------. 6 guru guru 199 Apr 10 15:52 guru 
drwx------. 3 2424 cloud 78 Apr 12 10:11 testuser2 
drwx------. 5 visitor visitor 128 Apr 10 10:59 visitor 

> -nouser는 소유자 UID에 해당하는 계정이 없는(/etc/passwd에 등록되지 않은) 파일들을 출력해줌 
[root@station14 home]# find /home/ -nouser 
/home/testuser2 
/home/testuser2/.mozilla 
/home/testuser2/.mozilla/extensions 
/home/testuser2/.mozilla/plugins 
/home/testuser2/.bash_logout 
/home/testuser2/.bash_profile 
/home/testuser2/.bashrc 

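> -nouser를 활용해서 rm -rf 명령어를 실행 (삭제 전에 위처럼 find 결과만 먼저 출력해서 대상이 맞는지 확인할 것. 아래 'No such file or directory'는 find가 방금 삭제된 /home/testuser2 안으로 내려가려다 낸 메시지이고 삭제 자체는 완료된 상태다. -exec 앞에 -prune을 두면 이 메시지를 피할 수 있다.) 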
[root@station14 /]# find /home -nouser -exec rm -rf {} \; 
find: ‘/home/testuser2’: No such file or directory 
[root@station14 home]# ll 
total 0 
drwx------. 6 guru guru 199 Apr 10 15:52 guru 
drwx------. 5 visitor visitor 128 Apr 10 10:59 visitor 

[root@station14 home]# useradd testuser3
[root@station14 home]# tail /etc/passwd
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
chrony:x:990:984::/var/lib/chrony:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
oprofile:x:16:16:Special user account to be used by OProfile:/var/lib/oprofile:/sbin/nologin
guru:x:1000:1000:guru:/home/guru:/bin/bash
visitor:x:1001:1001::/home/visitor:/bin/bash
ora:x:989:983::/oracledb:/sbin/nologin
testuser3:x:1002:1002::/home/testuser3:/bin/bash

[root@station14 home]# usermod -u 3333 -g cloud -G wheel,gdm -s /bin/csh testuser3
[root@station14 home]# tail /etc/passwd
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
chrony:x:990:984::/var/lib/chrony:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
oprofile:x:16:16:Special user account to be used by OProfile:/var/lib/oprofile:/sbin/nologin
guru:x:1000:1000:guru:/home/guru:/bin/bash
visitor:x:1001:1001::/home/visitor:/bin/bash
ora:x:989:983::/oracledb:/sbin/nologin
testuser3:x:3333:1212::/home/testuser3:/bin/csh

[root@station14 home]# id testuser3
uid=3333(testuser3) gid=1212(cloud) groups=1212(cloud),10(wheel),42(gdm)

[root@station14 home]# chage -l testuser3
Last password change					: Apr 12, 2023
Password expires					: never
Password inactive					: never
Account expires						: never
Minimum number of days between password change		: 0
Maximum number of days between password change		: 99999
Number of days of warning before password expires	: 7

> -M : 패스워드 최대 사용기간, -m : 패스워드 최소 사용기간, -W : 만료 전 경고 일수, -I : 패스워드 만료 후 유예기간(이 기간이 지나면 계정 비활성화)
> -E : 계정 만료일(expire. 그 날까지만 근무하는 알바생이라 가정)
[root@station14 home]# chage -M 60 -m 10 -W 5 -I 30 -E 2023-12-31 testuser3;
[root@station14 home]# chage -l testuser3;
Last password change					: Apr 12, 2023
Password expires					: Jun 11, 2023
Password inactive					: Jul 11, 2023
Account expires						: Dec 31, 2023
Minimum number of days between password change		: 10
Maximum number of days between password change		: 60
Number of days of warning before password expires	: 5


> 패스워드 정책 및 계정 생성 기본값 관련 설정 파일/디렉토리 (login.defs의 PASS_* 값은 이후 새로 만드는 계정에만 적용되고, 기존 계정은 chage로 바꿔야 함)
/etc/login.defs
/etc/default/useradd
/etc/skel

[root@station14 home]# vi /etc/login.defs 
     25 PASS_MAX_DAYS   60 
     26 PASS_MIN_DAYS   10
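     27 PASS_MIN_LEN    5   -- 패스워드 최소 길이 (PAM을 쓰는 시스템에서는 passwd가 이 값을 적용하지 않음. 실제 최소 길이는 pam_pwquality의 minlen, 즉 /etc/security/pwquality.conf에서 정해짐)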
     28 PASS_WARN_AGE   7
     31 # Min/max values for automatic uid selection in useradd
     32 #
     33 UID_MIN                 10000
     34 UID_MAX                 60000
     35 # System accounts
     36 SYS_UID_MIN               201
     37 SYS_UID_MAX               999
     38 
     39 #
     40 # Min/max values for automatic gid selection in groupadd
     41 #
     42 GID_MIN                 20000
     43 GID_MAX                 60000
     44 # System accounts
     45 SYS_GID_MIN               201
     46 SYS_GID_MAX               999
     60 CREATE_HOME     yes    --해당 user의 홈디렉토리 만들 것인가?


[root@station14 home]# vi /etc/default/useradd 
      1 # useradd defaults file
      2 GROUP=100
      3 HOME=/home              -- home 디렉토리는 SKEL 디렉토리 내용을 그대로 복사해서 user의 홈디렉토리에 만들어짐
      4 INACTIVE=-1				-- 30으로 수정 (값 -1 : 유예기간 무제한 = 패스워드가 만료되어도 계정이 비활성화되지 않음, 30 : 만료 후 30일이 지나면 계정 비활성화)
      5 EXPIRE=                 
      6 SHELL=/bin/bash
      7 SKEL=/etc/skel
      8 CREATE_MAIL_SPOOL=yes     

> skel디렉토리와 testuser3의 홈디렉토리 비교 -> 똑같다.
[root@station14 home]# ll -a /home/testuser3 /etc/skel
/etc/skel:
total 24
drwxr-xr-x.   3 root root   78 Apr  8 05:24 .
drwxr-xr-x. 138 root root 8192 Apr 12 11:08 ..
-rw-r--r--.   1 root root   18 Dec  7  2016 .bash_logout
-rw-r--r--.   1 root root  193 Dec  7  2016 .bash_profile
-rw-r--r--.   1 root root  231 Dec  7  2016 .bashrc
drwxr-xr-x.   4 root root   39 Apr  8 05:24 .mozilla

/home/testuser3:
total 12
drwx------. 3 testuser3 cloud  78 Apr 12 10:56 .
drwxr-xr-x. 5 root      root   50 Apr 12 10:56 ..
-rw-r--r--. 1 testuser3 cloud  18 Dec  7  2016 .bash_logout
-rw-r--r--. 1 testuser3 cloud 193 Dec  7  2016 .bash_profile
-rw-r--r--. 1 testuser3 cloud 231 Dec  7  2016 .bashrc
drwxr-xr-x. 4 testuser3 cloud  39 Apr  8 05:24 .mozilla


> skel을 수정하면 반영이 될까? (수정 이후에 새로 만드는 계정의 홈 디렉토리에만 복사되며, 기존 계정의 홈 디렉토리는 바뀌지 않는다)
[root@station14 home]# mkdir /etc/skel/Homepage
[root@station14 home]# touch /etc/skel/Manual.txt
[root@station14 home]# cp ~/.vimrc /etc/skel

> group, user 추가
[root@station14 home]# groupadd hdmi
[root@station14 home]# useradd -g hdmi matrix

> matrix 유저의 패스워드 설정
[root@station14 home]# passwd matrix
Changing password for user matrix.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.

> matrix 유저 확인 
[root@station14 home]# id matrix
uid=10000(matrix) gid=20000(hdmi) groups=20000(hdmi)

> password 설정한 거 확인
[root@station14 home]# chage -l matrix
Last password change					: Apr 12, 2023
Password expires					: Jun 11, 2023
Password inactive					: Jul 11, 2023
Account expires						: never
Minimum number of days between password change		: 10
Maximum number of days between password change		: 60
Number of days of warning before password expires	: 7

> matrix 유저 홈디렉토리 확인
[root@station14 home]# ll -a /home/matrix
total 16
drwx------. 4 matrix hdmi 126 Apr 12 11:18 .
drwxr-xr-x. 6 root   root  64 Apr 12 11:18 ..
-rw-r--r--. 1 matrix hdmi  18 Dec  7  2016 .bash_logout
-rw-r--r--. 1 matrix hdmi 193 Dec  7  2016 .bash_profile
-rw-r--r--. 1 matrix hdmi 231 Dec  7  2016 .bashrc
drwxr-xr-x. 2 matrix hdmi   6 Apr 12 11:17 Homepage
-rw-r--r--. 1 matrix hdmi   0 Apr 12 11:17 Manual.txt
drwxr-xr-x. 4 matrix hdmi  39 Apr  8 05:24 .mozilla
-rw-r--r--. 1 matrix hdmi  14 Apr 12 11:17 .vimrc

> 소유 owner, group 변경
[root@station14 home]# touch /tmp/a.txt
[root@station14 home]# ll /tmp/a.txt 
-rw-r--r--. 1 root root 0 Apr 12 11:45 /tmp/a.txt

[root@station14 home]# chown ora /tmp/a.txt
[root@station14 home]# ll /tmp/a.txt 
-rw-r--r--. 1 ora root 0 Apr 12 11:45 /tmp/a.txt

[root@station14 home]# chgrp hdmi /tmp/a.txt 
[root@station14 home]# ll /tmp/a.txt 
-rw-r--r--. 1 ora hdmi 0 Apr 12 11:45 /tmp/a.txt

> 한번에 변경도 가능
[root@station14 home]# chown root:wheel /tmp/a.txt 
[root@station14 home]# ll /tmp/a.txt 
-rw-r--r--. 1 root wheel 0 Apr 12 11:45 /tmp/a.txt


> ls -l => -rw-r--r--. 1 root wheel 0 Apr 12 11:45 /tmp/a.txt
-rw-r--r--
첫번째자리 -)
-: 일반파일
d: directory
l: 심볼릭 링크파일
b,c,s,p: 특수 파일 (b, c는 주로 /dev에서 보임)
	b: block device (dvd..)
	c : character device(terminal, modem, printer 등)
	s: socket, p: named pipe(FIFO)
    
두번째 rw-)
소유자(여기서는 root)는 r, w 가능
	w 퍼미션: 파일 내용을 편집할 수 있다는 말. 파일을 삭제할 수 있다는 의미는 아님 (삭제 가능 여부는 파일이 들어 있는 디렉토리의 w 퍼미션이 결정함)
    x 퍼미션: 실행할 명령어를 쭉 적어둔 파일을 쉘 스크립트라고 하는데, 이런 파일을 명령어처럼 실행하려면 x 퍼미션을 붙여야 함.

세번째 r--)
wheel의 유저들은 r가능

네번째 r--)
나머지유저들은 r가능


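> 공유 목적으로 디렉토리를 chmod 777로 설정하면 문제가 될 수 있다. (쓰기 권한이 있는 사람은 누구나 남의 파일까지 삭제할 수 있게 되므로) -> sticky bit(o+t)를 걸어 파일 소유자(그리고 디렉토리 소유자, root)만 삭제할 수 있게 하겠다.
u+s => 4000 (SetUID: 실행 시 파일 소유자의 권한으로 실행됨)
g+s => 2000 (SetGID: 실행 시 파일 소유그룹의 권한으로 실행됨. 디렉토리에 걸면 새 파일이 디렉토리의 그룹을 물려받음)
o+t => 1000 (sticky bit)
> 참고: root 소유 실행 파일에 u+s를 주면 일반 유저가 실행해도 root 권한으로 동작하므로 꼭 필요한 프로그램에만 부여하고, find / -perm -4000 으로 SetUID 파일 목록을 주기적으로 점검한다. 아래 /oracledb는 ora 계정의 홈 디렉토리이므로 1777은 실습용 설정으로만 볼 것.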
[root@station14 home]# ll -d /oracledb
drwxr-xr-x. 2 root root 6 Apr 12 10:13 /oracledb
[root@station14 home]# chmod 1777 /oracledb 
[root@station14 home]# ll -d /oracledb
drwxrwxrwt. 2 root root 6 Apr 12 10:13 /oracledb

[root@station14 home]# touch myapp
[root@station14 home]# ll myapp
-rw-r--r--. 1 root root 0 Apr 12 14:18 myapp

[root@station14 home]# chmod 4755 myapp   (--> u+s)
[root@station14 home]# ll myapp
-rwsr-xr-x. 1 root      root      0 Apr 12 14:18 myapp

[root@station14 home]# chmod g+s myapp
[root@station14 home]# ll myapp
-rwsr-sr-x. 1 root root 0 Apr 12 14:18 myapp

> umask 

[root@station14 home]# umask
0022    -> 0:특수 퍼미션에 마스크 없음 0:소유자에 마스크 없음  2:소유그룹에 w마스크 씌움 2:이외사용자들에게 w마스크 씌움 (결과: 새 파일은 644, 새 디렉토리는 755로 만들어짐)

> umask 수정 (현재 쉘 세션에만 적용됨. 027이면 새 파일은 640, 새 디렉토리는 750으로 만들어져 이외 사용자는 접근할 수 없음)
[root@station14 home]# umask 027
[root@station14 home]# umask
0027

> lab 해보기 6-15
  