1. Arrange the User Group
2. sort sudo command
3. Finishing the user can not log passwd file
4. permissions rwx ------ chmod chown cases
5. Other commands - su find du etc.
Users and user groups
Relevant documents for users in: / usr / sbin / * the User
[root@aliyun ~]# ll /usr/sbin/user* -rwxr-x---. 1 root root 118192 Nov 6 2016 /usr/sbin/useradd -rwxr-x---. 1 root root 80360 Nov 6 2016 /usr/sbin/userdel -rwxr-x---. 1 root root 113840 Nov 6 2016 /usr/sbin/usermod -rwsr-xr-x 1 root root 11296 Apr 13 2017 /usr/sbin/usernetctl
For user group related files in: / usr / sbin / Group *
[root@aliyun ~]# ll /usr/sbin/group* -rwxr-x---. 1 root root 65480 Nov 6 2016 /usr/sbin/groupadd -rwxr-x---. 1 root root 57016 Nov 6 2016 /usr/sbin/groupdel -rwxr-x---. 1 root root 57064 Nov 6 2016 /usr/sbin/groupmems -rwxr-x---. 1 root root 76424 Nov 6 2016 /usr/sbin/groupmod
Can print out the PATH, will find / user / sbin have been added in the PATH environment, and can use these commands from any location of the host
[aliyun in to the root @ ~ ] # echo out the $ the PATH / Opt Out / module The / jdk1. 8 0144 /-bin: / to slash usr / local / the sbin: / to slash usr / local /-bin: / to slash usr / the sbin: / to slash usr /-bin: / in to the root /-bin
demand:
1. Add user hadoop
2. Delete the user hadoop
3. Re-create hadoop user to simulate a user loses style, and style correction
4. Create bigdata user group, and add hadoop user into this group of users
5. Modify bigdata of main group hadoop
1. Add user hadoop
[root@aliyun ~]# useradd hadoop [root@aliyun ~]# id hadoop uid=1000(hadoop) gid=1000(hadoop) groups=1000(hadoop)
2. Delete the user hadoop
Use the help command to view the userdel command
[root@aliyun ~]# userdel --help Usage: userdel [options] LOGIN Options: -f, --force force some actions that would fail otherwise e.g. removal of user still logged in or files, even if not owned by the user -h, --help display this help message and exit -r, --remove remove home directory and mail spool -R, --root CHROOT_DIR directory to chroot into -Z, --selinux-user remove any SELinux user mapping for the user
Will find the -r option is to delete the home directory
Here we choose to delete the user's home directory is not deleted when
[root@aliyun ~]# userdel hadoop [root@aliyun ~]# id hadoop id: hadoop: no such user
[root@aliyun home]# cat /etc/passwd | grep ruoze
[root@aliyun home]# cat /etc/group | grep ruoze
The group only because hadoop hadoop user, when the user deletes the group will check on his own, will be automatically deleted
3. Re-create hadoop user to simulate a user loses style, and style correction
3.1 Creating user hadoop
[root@aliyun ~]# useradd hadoop useradd: warning: the home directory already exists. Not copying any file from skel directory into it. Creating mailbox file: File exists [root@aliyun ~]# id hadoop uid=1000(hadoop) gid=1000(hadoop) groups=1000(hadoop)
3.2 simulate a user loses style
[hadoop@aliyun ~]$ ll -a .bash* -rw-r--r-- 1 hadoop hadoop 18 Dec 7 2016 .bash_logout -rw-r--r-- 1 hadoop hadoop 193 Dec 7 2016 .bash_profile -rw-r--r-- 1 hadoop hadoop 231 Dec 7 2016 .bashrc [hadoop@aliyun ~]$ rm -rf .bash*
[aliyun the root @ ~] # SU - Hadoop switch user # Last Login: the Sun-Nov . 17 09 : 29 : 10 CST 2019 ON PTS / 0 -bash- 4.2 $ # style user lost
3.3 correction pattern ( there are only root privileges to copy )
[root@aliyun ~]# ll -a /etc/skel/ total 20 drwxr-xr-x. 2 root root 4096 Aug 18 2017 . drwxr-xr-x. 81 root root 4096 Nov 17 09:27 .. -rw-r--r-- 1 root root 18 Dec 7 2016 .bash_logout -rw-r--r-- 1 root root 193 Dec 7 2016 .bash_profile -rw-r--r-- 1 root root 231 Dec 7 2016 .bashrc
[root@aliyun ~]# cp /etc/skel/ .bash* /home/hadoop/
cp: omitting directory ‘/etc/skel/’
[aliyun the root @ ~] # SU - Hadoop back Style # Last Login: the Sun-Nov . 17 09 : 33 is : 39 CST 2019 ON PTS / 2 [Hadoop aliyun @ ~] $
4. Create bigdata user group, and add hadoop user into this group of users
[root@aliyun ~]# groupadd bigdata [root@aliyun ~]# usermod -a -G bigdata hadoop [root@aliyun ~]# id hadoop uid=1000(hadoop) gid=1000(hadoop) groups=1000(hadoop),1001(bigdata)
5. Modify bigdata is a group of the hadoop
View command to help find a command to change the user belongs to the group of
-g, --gid GROUP force use GROUP as new primary group
[aliyun the root @ ~] # the usermod - G # is forcibly changed with BigData Hadoop is a group [the root aliyun @ ~ ] ID # Hadoop UID = 1000 (Hadoop) GID = 1001 (with BigData) Groups = 1001 (with BigData)
sudo command
sudo command is to allow ordinary users with root user privileges
Files add ordinary user with root privileges is: / etc / sudoers
90 ## Allow root to run any commands anywhere 91 root ALL=(ALL) ALL 92 hadoop ALL=(root) NOPASSWD:ALL #新添加的内容
Users can not log on to modify the passwd file
Prior to simulate the user can not log in, the first documentation management of user information is: / etc / passwd
[root@aliyun ~]# tail -3 /etc/passwd redis:x:996:994:Redis Database Server:/var/lib/redis:/sbin/nologin mysqladmin:x:514:101::/usr/local/mysql:/bin/bash hadoop:x:1000:1001::/home/hadoop:/bin/bash
Note that after the last colon is the user's login rights
demand:
1. Analog user's login privilege is / bin / false, modify, and log
2. Analog user's login privilege is / sbin / nologin, modify, and log
1. Analog user's login privilege is / bin / false, modify, and log
1.1 analog user's login privilege is / bin / false
[root@aliyun ~]# cat /etc/passwd | grep hadoop hadoop:x:1000:1001::/home/hadoop:/bin/false
1.2 tries to log on
[aliyun the root @ ~] # SU - Hadoop Last Login: the Sun-Nov . 17 09 : 37 [ : 25 CST 2019 ON PTS / 2 [aliyun the root @ ~] # # failed login
1.3 user to view file permissions and modify
[root@aliyun ~]# cat /etc/passwd | grep 'hadoop' hadoop:x:1000:1001::/home/hadoop:/bin/bash
1.4 log in again
[root @ aliyun ~] # su - hadoop Last the Login: Sun Nov 17 09 : 56 : 43 CST 2019 ON PTS / 1 [hadoop @ aliyun ~] $ # successful login
2. Analog user's login privilege is / sbin / nologin, modify, and log
1.1 analog user's login privilege is / sbin / nologin
[root@aliyun ~]# cat /etc/passwd | grep hadoop
hadoop:x:1000:1001::/home/hadoop:/sbin/nologin
1.2 tries to log on
[root@aliyun ~]# su - hadoop
Last login: Sun Nov 17 09:59:35 CST 2019 on pts/1
This account is currently not available.
[root@aliyun ~]# #登录失败
1.3 user to view file permissions and modify
[root@aliyun ~]# cat /etc/passwd | grep 'hadoop'
hadoop:x:1000:1001::/home/hadoop:/bin/bash
1.4 log in again
[root @ aliyun ~] # su - hadoop
Last the Login: Sun Nov 17 09:56:43 CST 2019 ON PTS / 1
[hadoop @ aliyun ~] $ # successful login
rwx ------ chmod chown Case
Read and write execute permissions to view the files or directories
[root@aliyun ~]# ll test.txt -rw-r--r-- 1 root root 12 Nov 12 23:36 test.txt
R & lt: Read. 4
W: Write 2
X: execution. 1
: - no authority 0
a first group of users rw- root 6 represents a file or folder, write
r-- second group of users 4 represents a group of the root of the file or folder, reading
r-- 4 represents a third group belong to the other groups of users permissions of the file or folder: read
chmod command to execute a read-write permission to the file or directory, recursive addition modified represents -R
chown command to change the owner and file or directory is a group, -R represents a recursive modification plus
demand:
1. Modify the test.txt file is a group bigdata
2. Modify the test.txt file permissions for the owner to perform read and write, is a set of read execution
1. Modify the test.txt file is a group bigdata
[root@aliyun ~]# chown -R :bigdata test.txt [root@aliyun ~]# ll test.txt -rw-r--r-- 1 root bigdata 12 Nov 12 23:36 test.txt
2. Modify test.txt file owner permissions may read and write performed, is a group can be read perform other readable
[root@aliyun ~]# chmod -R 754 test.txt [root@aliyun ~]# ll test.txt -rwxr-xr-- 1 root bigdata 12 Nov 12 23:36 test.txt
Note: -R parameter, the current can be considered only chown and chmod command there, the other for the -r
Other commands - su find du
su command to switch users using su - username way, when switching to the environment is also switched
[root@aliyun ~]# su - hadoop #su - 用户名 Last login: Sun Nov 17 10:16:08 CST 2019 on pts/2 [hadoop@aliyun ~]$ pwd /home/hadoop
[aliyun in to the root @ ~ ] # yong_hu the su su ming Hadoop
[Hadoop @ aliyun in to the root] $ pwd '
/ in to the root
Note the difference between two files .bash_profile and .bashrc environment in force
.bash_profile file does not execute su ruoze, su - ruoze perform
.bashrc file su ruoze execution, su - ruoze perform
find command to find the file , use fuzzy matching in cases of uncertainty file name
[hadoop@aliyun root]$ find /home -name '*hadoop*' /home/hadoop
du command to view the file or directory size
Although the ls -l can also view the file or directory size, but the size of directory ls -l display is not accurate
[root@aliyun ~]# ll -h size.log/ total 12K -rw-r--r-- 1 root root 286K Nov 17 10:24 lastlog
Check once again using du -sh
[root@aliyun ~]# du -sh size.log/
12K size.log/
And finally into size.log folder to view files of size
[root@aliyun log]# du -sh lastlog
12K lastlog