1、复制/etc/skel目录为/home/tuser1,要求/home/tuser1及其内部文件的属组和其它用户均没有任何访问权限。
# cp -r /etc/skel /home/tuser1 # chmod -R g=,o= /home/tuser1/ # ll -A /home/tuser1/ total 16 -rw------- 1 root root 18 Jun 17 17:16 .bash_logout -rw------- 1 root root 193 Jun 17 17:16 .bash_profile -rw------- 1 root root 323 Jun 17 17:16 .bashrc -rw------- 1 root root 172 Jun 17 17:16 .kshrc # ll -d /home/tuser1/ drwx------ 2 root root 72 Jun 17 17:16 /home/tuser1/
2、编辑/etc/group文件,添加组hadoop。
vim /etc/group 跳到最后,新起一行 输入 hadoop:x:5924: 保存并退出 # tail -1 /etc/group hadoop:x:5924:
3、手动编辑/etc/passwd文件新增一行,添加用户hadoop,其基本组ID为hadoop组的id号;其家目录为/home/hadoop。
vim /etc/passwd 跳到最后,新起一行 输入 hadoop:x:3004:5924::/home/hadoop:/bin/bash 保存并退出 # tail -1 /etc/passwd hadoop:x:3004:5924::/home/hadoop:/bin/bash # id hadoop uid=3004(hadoop) gid=5924(hadoop) 组=5924(hadoop)
4、复制/etc/skel目录为/home/hadoop,要求修改hadoop目录的属组和其它用户没有任何访问权限。
# cp -r /etc/skel/ /home/hadoop # chmod -R g=,o= /home/hadoop # ll /home/hadoop -A 总用量 12 -rw------- 1 hadoop hadoop 18 11月 20 2015 .bash_logout -rw------- 1 hadoop hadoop 193 11月 20 2015 .bash_profile -rw------- 1 hadoop hadoop 231 11月 20 2015 .bashrc # ll /home/hadoop -d drwx------ 2 hadoop hadoop 59 5月 31 01:57 /home/hadoop
5、修改/home/hadoop目录及其内部所有文件的属主为hadoop,属组为hadoop。
# chown hadoop.hadoop -R /home/hadoop/ # ll /home/hadoop/ -a 总用量 16 drwx------ 2 hadoop hadoop 59 5月 31 01:57 . drwxr-xr-x. 17 root root 4096 6月 17 17:36 .. -rw------- 1 hadoop hadoop 18 11月 20 2015 .bash_logout -rw------- 1 hadoop hadoop 193 11月 20 2015 .bash_profile -rw------- 1 hadoop hadoop 231 11月 20 2015 .bashrc # ll /home/hadoop/ -ad drwx------ 2 hadoop hadoop 59 5月 31 01:57 /home/hadoop/
6、显示/proc/meminfo文件中以大写或小写S开头的行;用两种方式;
grep '^[sS]' /proc/meminfo grep -E '^s|^S' /proc/meminfo while read line; do firstChar=`echo $line | cut -c1`; if [ "$firstChar" == "S" ] || [ "$firstChar" == "s" ] then echo $line; fi; done < /proc/meminfo
7、显示/etc/passwd文件中其默认shell为非/sbin/nologin的用户;
# grep -v "/sbin/nologin$" /etc/passwd | cut -d":" -f1 root sync shutdown halt redhat huazi hadoop archlinux test1 huazi2 mageia slackware dada
8、显示/etc/passwd文件中其默认shell为/bin/bash的用户;
# grep "/bin/bash$" /etc/passwd | cut -d":" -f1 root redhat huazi hadoop archlinux test1 huazi1 huazi2 mageia dada
9、找出/etc/passwd文件中的一位数或两位数;
# egrep -o "\b[0-9]{1,2}\b" /etc/passwd
0
0
1
1
2
2
3
4
4
7
5
0
6
0
7
0
8
12
11
0
12
14
50
99
99
81
81
59
59
89
89
74
74
38
38
48
48
10、显示/boot/grub/grub.conf中以至少一个空白字符开头的行;
# grep "^[[:space:]]" /boot/grub/grub.conf root (hd0,0) kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=/dev/mapper/VolGroup-lv_root rd_NO_LUKS rd_NO_MD rd_LVM_LV=VolGroup/lv_swap crashkernel=auto.UTF-8 rd_LVM_LV=VolGroup/lv_root KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet initrd /initramfs-2.6.32-431.el6.x86_64.img
11、显示/etc/rc.d/rc.sysinit文件中以#开头,后面跟至少一个空白字符,而后又有至少一个非空白字符的行;
# grep --color=auto "^#[[:space:]]\+.*[[:space:]]\+.*" /etc/rc.d/rc.sysinit # /etc/rc.d/rc.sysinit - run once at boot time # Taken in part from Miquel van Smoorenburg's bcheckrc. # Check SELinux status # Print a text banner. # Only read this once. # Initialize hardware # Set default affinity # Load other user-defined modules # Load modules (for backward compatibility with VARs) # Configure kernel parameters # Set the hostname. # Sync waiting for storage. # Device mapper & related initialization # Start any MD RAID arrays that haven't been started yet # Remount the root filesystem read-write. # Clean up SELinux labels # If relabeling, relabel mount points. # Mount all other filesystems (except for NFS and /proc, which is already # mounted). Contrary to standard usage, # filesystems are NOT unmounted in single user mode. # The 'no' applies to all listed filesystem types. See mount(8). # Update quotas if necessary # Check to see if a full relabel is needed # Initialize pseudo-random number generator # Configure machine if necessary. # Clean out /. # Do we need (w|u)tmpx files? We don't set them up, but the sysadmin might... # Clean up /var. # Clean up utmp/wtmp # Clean up various /tmp bits # Make ICE directory # Start up swapping. # Set up binfmt_misc # Boot time profiles. Yes, this should be somewhere else. # Now that we have all of our basic modules loaded and the kernel going, # let's dump the syslog ring somewhere so we can find it later # create the crash indicator flag to warn on crashes, offer fsck with timeout # Let rhgb know that we're leaving rc.sysinit
12、打出netstat -tan命令执行结果中以‘LISTEN’,后或跟空白字符结尾的行;
# netstat -tan | grep "LISTEN[[:space:]]*$" tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:39025 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 :::6379 :::* LISTEN tcp 0 0 :::56301 :::* LISTEN tcp 0 0 :::111 :::* LISTEN tcp 0 0 :::22 :::* LISTEN tcp 0 0 ::1:25 :::* LISTEN tcp 0 0 :::873 :::* LISTEN
13、添加用户bash, testbash, basher, nologin (此一个用户的shell为/sbin/nologin),而后找出当前系统上其用户名和默认shell相同的用户的信息;
# useradd bash # useradd testbash # useradd basher # useradd nologin -s /sbin/nologin # egrep -i --color=auto "^([a-z0-9]+)\b.*\1$" /etc/passwd sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt bash:x:815:816::/home/bash:/bin/bash nologin:x:818:819::/home/nologin:/sbin/nologin
原创文章,作者:banbula,如若转载,请注明出处:http://www.178linux.com/20859
评论列表(1条)
写的很好,排版也很漂亮,加油