1、复制/etc/skel目录为/home/tuser1,要求/home/tuser1及其内部文件的属组和其它用户均没有任何访问权限。
root@xuc-virtual-machine:/home/xuc# cp -r /etc/skel/ /home/tuser1 root@xuc-virtual-machine:/home# chmod 700 /home/tuser1/examples.desktop root@xuc-virtual-machine:/home# ll total 16 drwxr-xr-x 4 root root 4096 9月 2 15:58 ./ drwxr-xr-x 23 root root 4096 9月 2 11:44 ../ drwx------ 3 root root 4096 9月 2 15:58 tuser1/ drwxr-xr-x 14 xuc xuc 4096 9月 2 15:28 xuc/ root@xuc-virtual-machine:/home/tuser1# ll total 36 drwx------ 3 root root 4096 9月 2 15:58 ./ drwxr-xr-x 4 root root 4096 9月 2 15:58 ../ -rw-r--r-- 1 root root 220 9月 2 15:58 .bash_logout -rw-r--r-- 1 root root 3771 9月 2 15:58 .bashrc -rwx------ 1 root root 8980 9月 2 15:58 examples.desktop* -rw-r--r-- 1 root root 675 9月 2 15:58 .profile drwxr-xr-x 2 root root 4096 9月 2 15:58 skel/
2、编辑/etc/group文件,添加组hadoop。
root@xuc-virtual-machine:/etc# vim + /etc/group 键盘i进入输入模式,hadoop组名,x密码填充位,id号 hadoop:x:1002:
3、手动编辑/etc/passwd文件新增一行,添加用户hadoop,其基本组ID为hadoop组的id号;其家目录为/home/hadoop。
vim + /etc/passwd //光标停留在最后一行 tuser1:x:1001:1001::/home/tuser1: hadoop:x:1002:1002::/home/hadoop: :wq
4、复制/etc/skel目录为/home/hadoop,要求修改hadoop目录的属组和其它用户没有任何访问权限。
root@xuc-virtual-machine:~# cp -r /etc/skel/ /home/hadoop root@xuc-virtual-machine:~# cd /home/ root@xuc-virtual-machine:/home# ls hadoop tuser1 xuc root@xuc-virtual-machine:/home# cd /hadoop root@xuc-virtual-machine:/home/hadoop# chmod g-r examples.desktop root@xuc-virtual-machine:/home/hadoop# chmod o-r examples.desktop root@xuc-virtual-machine:/home/hadoop# ll total 32 drwxr-xr-x 2 root root 4096 9月 2 16:33 ./ drwxr-xr-x 5 root root 4096 9月 2 16:33 ../ -rw-r--r-- 1 root root 220 9月 2 16:33 .bash_logout -rw-r--r-- 1 root root 3771 9月 2 16:33 .bashrc -rw------- 1 root root 8980 9月 2 16:33 examples.desktop -rw-r--r-- 1 root root 675 9月 2 16:33 .profile
5、修改/home/hadoop目录及其内部所有文件的属主为hadoop,属组为hadoop。
root@xuc-virtual-machine:/home/hadoop# chown -R hadoop:hadoop /home/hadoop root@xuc-virtual-machine:/home/hadoop# ll total 32 drwxr-xr-x 2 hadoop hadoop 4096 9月 2 16:33 ./ drwxr-xr-x 5 root root 4096 9月 2 16:33 ../ -rw-r--r-- 1 hadoop hadoop 220 9月 2 16:33 .bash_logout -rw-r--r-- 1 hadoop hadoop 3771 9月 2 16:33 .bashrc -rw------- 1 hadoop hadoop 8980 9月 2 16:33 examples.desktop -rw-r--r-- 1 hadoop hadoop 675 9月 2 16:33 .profile root@xuc-virtual-machine:/home/hadoop# cd .. root@xuc-virtual-machine:/home# ll total 20 drwxr-xr-x 5 root root 4096 9月 2 16:33 ./ drwxr-xr-x 23 root root 4096 9月 2 11:44 ../ drwxr-xr-x 2 hadoop hadoop 4096 9月 2 16:33 hadoop/ drwx------ 3 root root 4096 9月 2 15:58 tuser1/ drwxr-xr-x 14 xuc xuc 4096 9月 2 15:28 xuc/
6、显示/proc/meminfo文件中以大写或小写S开头的行;用两种方式;
root@xuc-virtual-machine:/home# grep -i '^s' /proc/meminfo root@xuc-virtual-machine:/home# grep "^[S,s]" /proc/meminfo SwapCached: 0 kB SwapTotal: 1952764 kB SwapFree: 1952764 kB Shmem: 9088 kB Slab: 131924 kB SReclaimable: 94576 kB SUnreclaim: 37348 kB
7、显示/etc/passwd文件中其默认shell为非/sbin/nologin的用户;
root@xuc-virtual-machine:~# grep -v '/sbin/nologin$' /etc/passwd |cut -d: -f1 root sync systemd-timesync systemd-network systemd-resolve systemd-bus-proxy syslog messagebus uuidd avahi whoopsie avahi-autoipd dnsmasq colord speech-dispatcher hplip kernoops pulse rtkit saned usbmux lightdm xuc tuser1 hadoop
8、显示/etc/passwd文件中其默认shell为/bin/bash的用户;
root@xuc-virtual-machine:~# grep '/bin/bash$' /etc/passwd |cut -d: -f1 root xuc
9、找出/etc/passwd文件中的一位数或两位数;
root@xuc-virtual-machine:~# egrep '\<[0-9]{1,2}\>' /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
speech-dispatcher:x:112:29:Speech Dispatcher,,,:/var/run/speech-dispatcher:/bin/false
hplip:x:113:7:HPLIP system user,,,:/var/run/hplip:/bin/false
usbmux:x:118:46:usbmux daemon,,,:/var/lib/usbmux:/bin/false
10、显示/boot/grub/grub.conf中以至少一个空白字符开头的行;
[root@xuc ~]# egrep '^[[:space:]]+' /boot/grub/grub.conf root (hd0,0) kernel /boot/vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=a274520f-caee-49d5-8701-25f5ef4be485 rd_NO_LUKS rd_NO_LVM.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkern el=128M KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet initrd /boot/initramfs-2.6.32-431.el6.x86_64.img
11、显示/etc/rc.d/rc.sysinit文件中以#开头,后面跟至少一个空白字符,而后又有至少一个非空白字符的行;
[root@xuc ~]# egrep ^#[[:space:]]\+[^[:space:]]\+ /etc/rc.d/rc.sysinit # /etc/rc.d/rc.sysinit - run once at boot time # Taken in part from Miquel van Smoorenburg's bcheckrc. # Check SELinux status # Print a text banner. # Only read this once. # Initialize hardware # Set default affinity # Load other user-defined modules # Load modules (for backward compatibility with VARs) # Configure kernel parameters # Set the hostname. # Sync waiting for storage. # Device mapper & related initialization # Start any MD RAID arrays that haven't been started yet # Remount the root filesystem read-write. # Clean up SELinux labels # If relabeling, relabel mount points. # Mount all other filesystems (except for NFS and /proc, which is already # mounted). Contrary to standard usage, # filesystems are NOT unmounted in single user mode. # The 'no' applies to all listed filesystem types. See mount(8). # Update quotas if necessary # Check to see if a full relabel is needed # Initialize pseudo-random number generator # Configure machine if necessary. # Clean out /. # Do we need (w|u)tmpx files? We don't set them up, but the sysadmin might... # Clean up /var. # Clean up utmp/wtmp # Clean up various /tmp bits # Make ICE directory # Start up swapping. # Set up binfmt_misc # Boot time profiles. Yes, this should be somewhere else. # Now that we have all of our basic modules loaded and the kernel going, # let's dump the syslog ring somewhere so we can find it later # create the crash indicator flag to warn on crashes, offer fsck with timeout # Let rhgb know that we're leaving rc.sysinit
12、打出netstat -tan命令执行结果中以‘LISTEN’,后或跟空白字符结尾的
[root@xuc ~]# netstat -tan |egrep '*LISTEN\>' tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:52795 0.0.0.0:* LISTEN tcp 0 0 :::111 :::* LISTEN tcp 0 0 :::22 :::* LISTEN tcp 0 0 ::1:631 :::* LISTEN tcp 0 0 ::1:25 :::* LISTEN tcp 0 0 :::36483 :::* LISTEN
13、添加用户bash, testbash, basher, nologin (此一个用户的shell为/sbin/nologin),而后找出当前系统上其用户名和默认shell相同的用户的信息;"
[root@xuc ~]# egrep '(^[[:alpha:]]+\>).*\1$' /etc/passwd sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt bash:x:501:501::/home/bash:/bin/bash nologin:x:504:504::/home/nologin:/sbin/nologin
原创文章,作者:N22_熊宝,如若转载,请注明出处:http://www.178linux.com/43521
评论列表(1条)
排版独有风格~内容也比较贴近真实环境,赞。