第二周作业
1、显示/etc目录下,以非字母开头,后面跟了一个字母以及其它任意长度任意字符的文件或目录
[00:15:56 root@centos8-fosun etc]#touch 2test.txt
[00:16:04 root@centos8-fosun etc]#ls [^[:alpha:]]*
2test.txt
2、复制/etc目录下所有以p开头,以非数字结尾的文件或目录到/tmp/mytest1目录中。
[00:22:37 root@centos8-fosun ~]#mkdir -p /tmp/mytest1
[00:23:10 root@centos8-fosun ~]#cp -rv /etc/p*[^[:digit:]] /tmp/mytest1/
'/etc/pam.d' -> '/tmp/mytest1/pam.d'
'/etc/pam.d/vlock' -> '/tmp/mytest1/pam.d/vlock'
'/etc/pam.d/config-util' -> '/tmp/mytest1/pam.d/config-util'
'/etc/pam.d/fingerprint-auth' -> '/tmp/mytest1/pam.d/fingerprint-auth'
'/etc/pam.d/other' -> '/tmp/mytest1/pam.d/other'
'/etc/pam.d/password-auth' -> '/tmp/mytest1/pam.d/password-auth'
'/etc/pam.d/postlogin' -> '/tmp/mytest1/pam.d/postlogin'
'/etc/pam.d/smartcard-auth' -> '/tmp/mytest1/pam.d/smartcard-auth'
'/etc/pam.d/system-auth' -> '/tmp/mytest1/pam.d/system-auth'
'/etc/pam.d/login' -> '/tmp/mytest1/pam.d/login'
'/etc/pam.d/remote' -> '/tmp/mytest1/pam.d/remote'
'/etc/pam.d/runuser' -> '/tmp/mytest1/pam.d/runuser'
'/etc/pam.d/runuser-l' -> '/tmp/mytest1/pam.d/runuser-l'
'/etc/pam.d/su' -> '/tmp/mytest1/pam.d/su'
'/etc/pam.d/su-l' -> '/tmp/mytest1/pam.d/su-l'
'/etc/pam.d/chfn' -> '/tmp/mytest1/pam.d/chfn'
'/etc/pam.d/systemd-user' -> '/tmp/mytest1/pam.d/systemd-user'
'/etc/pam.d/screen' -> '/tmp/mytest1/pam.d/screen'
'/etc/pam.d/crond' -> '/tmp/mytest1/pam.d/crond'
'/etc/pam.d/polkit-1' -> '/tmp/mytest1/pam.d/polkit-1'
'/etc/pam.d/sssd-shadowutils' -> '/tmp/mytest1/pam.d/sssd-shadowutils'
'/etc/pam.d/vmtoolsd' -> '/tmp/mytest1/pam.d/vmtoolsd'
'/etc/pam.d/passwd' -> '/tmp/mytest1/pam.d/passwd'
'/etc/pam.d/sshd' -> '/tmp/mytest1/pam.d/sshd'
'/etc/pam.d/sudo' -> '/tmp/mytest1/pam.d/sudo'
'/etc/pam.d/sudo-i' -> '/tmp/mytest1/pam.d/sudo-i'
'/etc/pam.d/chsh' -> '/tmp/mytest1/pam.d/chsh'
'/etc/pam.d/smtp.postfix' -> '/tmp/mytest1/pam.d/smtp.postfix'
'/etc/pam.d/smtp' -> '/tmp/mytest1/pam.d/smtp'
'/etc/pam.d/atd' -> '/tmp/mytest1/pam.d/atd'
'/etc/passwd' -> '/tmp/mytest1/passwd'
'/etc/passwd-' -> '/tmp/mytest1/passwd-'
'/etc/pki' -> '/tmp/mytest1/pki'
'/etc/pki/rsyslog' -> '/tmp/mytest1/pki/rsyslog'
'/etc/pki/ca-trust' -> '/tmp/mytest1/pki/ca-trust'
'/etc/pki/ca-trust/README' -> '/tmp/mytest1/pki/ca-trust/README'
'/etc/pki/ca-trust/ca-legacy.conf' -> '/tmp/mytest1/pki/ca-trust/ca-legacy.conf'
'/etc/pki/ca-trust/extracted' -> '/tmp/mytest1/pki/ca-trust/extracted'
'/etc/pki/ca-trust/extracted/java' -> '/tmp/mytest1/pki/ca-trust/extracted/java'
'/etc/pki/ca-trust/extracted/java/README' -> '/tmp/mytest1/pki/ca-trust/extracted/java/README'
'/etc/pki/ca-trust/extracted/java/cacerts' -> '/tmp/mytest1/pki/ca-trust/extracted/java/cacerts'
'/etc/pki/ca-trust/extracted/openssl' -> '/tmp/mytest1/pki/ca-trust/extracted/openssl'
'/etc/pki/ca-trust/extracted/openssl/README' -> '/tmp/mytest1/pki/ca-trust/extracted/openssl/README'
'/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt' -> '/tmp/mytest1/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt'
'/etc/pki/ca-trust/extracted/README' -> '/tmp/mytest1/pki/ca-trust/extracted/README'
'/etc/pki/ca-trust/extracted/pem' -> '/tmp/mytest1/pki/ca-trust/extracted/pem'
'/etc/pki/ca-trust/extracted/pem/README' -> '/tmp/mytest1/pki/ca-trust/extracted/pem/README'
'/etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem' -> '/tmp/mytest1/pki/ca-trust/extracted/pem/email-ca-bundle.pem'
'/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem' -> '/tmp/mytest1/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem'
'/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem' -> '/tmp/mytest1/pki/ca-trust/extracted/pem/tls-ca-bundle.pem'
'/etc/pki/ca-trust/extracted/edk2' -> '/tmp/mytest1/pki/ca-trust/extracted/edk2'
'/etc/pki/ca-trust/extracted/edk2/README' -> '/tmp/mytest1/pki/ca-trust/extracted/edk2/README'
'/etc/pki/ca-trust/extracted/edk2/cacerts.bin' -> '/tmp/mytest1/pki/ca-trust/extracted/edk2/cacerts.bin'
'/etc/pki/ca-trust/source' -> '/tmp/mytest1/pki/ca-trust/source'
'/etc/pki/ca-trust/source/anchors' -> '/tmp/mytest1/pki/ca-trust/source/anchors'
'/etc/pki/ca-trust/source/blacklist' -> '/tmp/mytest1/pki/ca-trust/source/blacklist'
'/etc/pki/ca-trust/source/README' -> '/tmp/mytest1/pki/ca-trust/source/README'
'/etc/pki/ca-trust/source/ca-bundle.legacy.crt' -> '/tmp/mytest1/pki/ca-trust/source/ca-bundle.legacy.crt'
'/etc/pki/rpm-gpg' -> '/tmp/mytest1/pki/rpm-gpg'
'/etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial' -> '/tmp/mytest1/pki/rpm-gpg/RPM-GPG-KEY-centosofficial'
'/etc/pki/rpm-gpg/RPM-GPG-KEY-centostesting' -> '/tmp/mytest1/pki/rpm-gpg/RPM-GPG-KEY-centostesting'
'/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8' -> '/tmp/mytest1/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8'
'/etc/pki/java' -> '/tmp/mytest1/pki/java'
'/etc/pki/java/cacerts' -> '/tmp/mytest1/pki/java/cacerts'
'/etc/pki/tls' -> '/tmp/mytest1/pki/tls'
'/etc/pki/tls/certs' -> '/tmp/mytest1/pki/tls/certs'
'/etc/pki/tls/certs/ca-bundle.crt' -> '/tmp/mytest1/pki/tls/certs/ca-bundle.crt'
'/etc/pki/tls/certs/ca-bundle.trust.crt' -> '/tmp/mytest1/pki/tls/certs/ca-bundle.trust.crt'
'/etc/pki/tls/certs/postfix.pem' -> '/tmp/mytest1/pki/tls/certs/postfix.pem'
'/etc/pki/tls/private' -> '/tmp/mytest1/pki/tls/private'
'/etc/pki/tls/private/postfix.key' -> '/tmp/mytest1/pki/tls/private/postfix.key'
'/etc/pki/tls/cert.pem' -> '/tmp/mytest1/pki/tls/cert.pem'
'/etc/pki/tls/ct_log_list.cnf' -> '/tmp/mytest1/pki/tls/ct_log_list.cnf'
'/etc/pki/tls/misc' -> '/tmp/mytest1/pki/tls/misc'
'/etc/pki/tls/openssl.cnf' -> '/tmp/mytest1/pki/tls/openssl.cnf'
'/etc/pki/nssdb' -> '/tmp/mytest1/pki/nssdb'
'/etc/pki/nssdb/cert8.db' -> '/tmp/mytest1/pki/nssdb/cert8.db'
'/etc/pki/nssdb/cert9.db' -> '/tmp/mytest1/pki/nssdb/cert9.db'
'/etc/pki/nssdb/key3.db' -> '/tmp/mytest1/pki/nssdb/key3.db'
'/etc/pki/nssdb/key4.db' -> '/tmp/mytest1/pki/nssdb/key4.db'
'/etc/pki/nssdb/pkcs11.txt' -> '/tmp/mytest1/pki/nssdb/pkcs11.txt'
'/etc/pki/nssdb/secmod.db' -> '/tmp/mytest1/pki/nssdb/secmod.db'
'/etc/plymouth' -> '/tmp/mytest1/plymouth'
'/etc/plymouth/plymouthd.conf' -> '/tmp/mytest1/plymouth/plymouthd.conf'
'/etc/pm' -> '/tmp/mytest1/pm'
'/etc/pm/config.d' -> '/tmp/mytest1/pm/config.d'
'/etc/pm/power.d' -> '/tmp/mytest1/pm/power.d'
'/etc/pm/sleep.d' -> '/tmp/mytest1/pm/sleep.d'
'/etc/popt.d' -> '/tmp/mytest1/popt.d'
'/etc/postfix' -> '/tmp/mytest1/postfix'
'/etc/postfix/dynamicmaps.cf.d' -> '/tmp/mytest1/postfix/dynamicmaps.cf.d'
'/etc/postfix/postfix-files.d' -> '/tmp/mytest1/postfix/postfix-files.d'
'/etc/postfix/access' -> '/tmp/mytest1/postfix/access'
'/etc/postfix/canonical' -> '/tmp/mytest1/postfix/canonical'
'/etc/postfix/dynamicmaps.cf' -> '/tmp/mytest1/postfix/dynamicmaps.cf'
'/etc/postfix/generic' -> '/tmp/mytest1/postfix/generic'
'/etc/postfix/main.cf' -> '/tmp/mytest1/postfix/main.cf'
'/etc/postfix/main.cf.proto' -> '/tmp/mytest1/postfix/main.cf.proto'
'/etc/postfix/master.cf' -> '/tmp/mytest1/postfix/master.cf'
'/etc/postfix/master.cf.proto' -> '/tmp/mytest1/postfix/master.cf.proto'
'/etc/postfix/postfix-files' -> '/tmp/mytest1/postfix/postfix-files'
'/etc/postfix/relocated' -> '/tmp/mytest1/postfix/relocated'
'/etc/postfix/transport' -> '/tmp/mytest1/postfix/transport'
'/etc/postfix/virtual' -> '/tmp/mytest1/postfix/virtual'
'/etc/postfix/header_checks' -> '/tmp/mytest1/postfix/header_checks'
'/etc/prelink.conf.d' -> '/tmp/mytest1/prelink.conf.d'
'/etc/prelink.conf.d/grub2.conf' -> '/tmp/mytest1/prelink.conf.d/grub2.conf'
'/etc/printcap' -> '/tmp/mytest1/printcap'
'/etc/profile' -> '/tmp/mytest1/profile'
'/etc/profile.d' -> '/tmp/mytest1/profile.d'
'/etc/profile.d/csh.local' -> '/tmp/mytest1/profile.d/csh.local'
'/etc/profile.d/lang.csh' -> '/tmp/mytest1/profile.d/lang.csh'
'/etc/profile.d/lang.sh' -> '/tmp/mytest1/profile.d/lang.sh'
'/etc/profile.d/sh.local' -> '/tmp/mytest1/profile.d/sh.local'
'/etc/profile.d/vim.csh' -> '/tmp/mytest1/profile.d/vim.csh'
'/etc/profile.d/vim.sh' -> '/tmp/mytest1/profile.d/vim.sh'
'/etc/profile.d/env.sh' -> '/tmp/mytest1/profile.d/env.sh'
'/etc/profile.d/which2.csh' -> '/tmp/mytest1/profile.d/which2.csh'
'/etc/profile.d/which2.sh' -> '/tmp/mytest1/profile.d/which2.sh'
'/etc/profile.d/colorgrep.csh' -> '/tmp/mytest1/profile.d/colorgrep.csh'
'/etc/profile.d/colorgrep.sh' -> '/tmp/mytest1/profile.d/colorgrep.sh'
'/etc/profile.d/colorxzgrep.csh' -> '/tmp/mytest1/profile.d/colorxzgrep.csh'
'/etc/profile.d/colorxzgrep.sh' -> '/tmp/mytest1/profile.d/colorxzgrep.sh'
'/etc/profile.d/colorls.csh' -> '/tmp/mytest1/profile.d/colorls.csh'
'/etc/profile.d/colorls.sh' -> '/tmp/mytest1/profile.d/colorls.sh'
'/etc/profile.d/less.csh' -> '/tmp/mytest1/profile.d/less.csh'
'/etc/profile.d/less.sh' -> '/tmp/mytest1/profile.d/less.sh'
'/etc/profile.d/gawk.csh' -> '/tmp/mytest1/profile.d/gawk.csh'
'/etc/profile.d/gawk.sh' -> '/tmp/mytest1/profile.d/gawk.sh'
'/etc/profile.d/colorzgrep.csh' -> '/tmp/mytest1/profile.d/colorzgrep.csh'
'/etc/profile.d/colorzgrep.sh' -> '/tmp/mytest1/profile.d/colorzgrep.sh'
'/etc/profile.d/bash_completion.sh' -> '/tmp/mytest1/profile.d/bash_completion.sh'
'/etc/protocols' -> '/tmp/mytest1/protocols'
3、将/etc/issue文件中的内容转换为大写后保存至/tmp/issue.out文件中
[00:25:54 root@centos8-fosun ~]#cat /etc/issue | tr -s 'a-z' 'A-Z' > /tmp/issue.out
[00:26:39 root@centos8-fosun ~]#cat /tmp/issue.out
\S
KERNEL \R ON AN \M
4、请总结描述用户和组管理类命令的使用方法并完成以下练习:
(1)、创建组distro,其GID为2019;
[00:27:18 root@centos8-fosun ~]#groupadd -g 2019 distro
[00:27:33 root@centos8-fosun ~]#cat /etc/group
root:x:0:
bin:x:1:
...
distro:x:2019:
(2)、创建用户mandriva, 其ID号为1005;基本组为distro;
[00:28:22 root@centos8-fosun ~]#useradd -r -u 1005 -g distro distro
[00:30:01 root@centos8-fosun ~]#cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:65534:65534:Kernel Overflow User:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
systemd-coredump:x:999:997:systemd Core Dumper:/:/sbin/nologin
systemd-resolve:x:193:193:systemd Resolver:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
polkitd:x:998:996:User for polkitd:/:/sbin/nologin
unbound:x:997:994:Unbound DNS resolver:/etc/unbound:/sbin/nologin
sssd:x:996:993:User for sssd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rngd:x:995:992:Random Number Generator Daemon:/var/lib/rngd:/sbin/nologin
felix:x:1000:1000:felix:/home/felix:/bin/bash
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:994:991::/var/lib/chrony:/sbin/nologin
wangqiuhua:x:1001:1001::/home/wangqiuhua:/bin/bash
www:x:80:80::/home/www:/bin/false
distro:x:1005:2019::/home/distro:/bin/bash
[00:30:06 root@centos8-fosun ~]#get
getcap getconf getenforce getent getfacl getkeycodes getopt getopts getpcaps getsebool gettext gettext.sh
[00:30:06 root@centos8-fosun ~]#getent passwd distro
distro:x:1005:2019::/home/distro:/bin/bash
(3)、创建用户mageia,其ID号为1100,家目录为/home/linux;
[00:30:26 root@centos8-fosun ~]#useradd -r -u 1100 -d /home/linux mageia
[00:31:42 root@centos8-fosun ~]#getent passwd mageia
mageia:x:1100:990::/home/linux:/bin/bash
(4)、给用户mageia添加密码,密码为mageedu,并设置用户密码7天后过期
[00:33:29 root@centos8-fosun ~]#echo "magedu" | passwd --stdin mageia
Changing password for user mageia.
passwd: all authentication tokens updated successfully.
[00:34:58 root@centos8-fosun ~]#chage -E 7 mageia
(5)、删除mandriva,但保留其家目录;
[00:35:41 root@centos8-fosun ~]#useradd mandriva
[00:36:11 root@centos8-fosun ~]#getent passwd mandriva
mandriva:x:1101:1101::/home/mandriva:/bin/bash
[00:36:22 root@centos8-fosun ~]#userdel mandriva
[00:36:36 root@centos8-fosun ~]#ls /home/
felix mandriva wangqiuhua
[00:36:40 root@centos8-fosun ~]#
(6)、创建用户slackware,其ID号为2002,基本组为distro,附加组peguin;
[00:37:32 root@centos8-fosun ~]#useradd -r -u 2002 -g distro slackware
[00:39:31 root@centos8-fosun ~]#id slackware
uid=2002(slackware) gid=2019(distro) groups=2019(distro)
[00:42:32 root@centos8-fosun ~]#groupadd peguin
[00:42:41 root@centos8-fosun ~]#gpasswd -a slackware peguin
Adding user slackware to group peguin
[00:43:27 root@centos8-fosun ~]#id slackware
uid=2002(slackware) gid=2019(distro) groups=2019(distro),2020(peguin)
(7)、修改slackware的默认shell为/bin/tcsh;
[00:46:15 root@centos8-fosun ~]#usermod -s /bin/tcsh slackware
[00:46:47 root@centos8-fosun ~]#getent passwd slackware
slackware:x:2002:2019::/home/slackware:/bin/tcsh
(8)、为用户slackware新增附加组admins,并设置不可登陆。
[00:47:01 root@centos8-fosun ~]#groupadd admins
[00:47:48 root@centos8-fosun ~]#gpasswd -a slackware admins
Adding user slackware to group admins
[00:48:03 root@centos8-fosun ~]#id slackware
uid=2002(slackware) gid=2019(distro) groups=2019(distro),2020(peguin),2021(admins)
[00:48:12 root@centos8-fosun ~]#usermod -s /bin/nologin slackware
[00:48:49 root@centos8-fosun ~]#getent passwd slackware
slackware:x:2002:2019::/home/slackware:/bin/nologin
5、创建用户user1、user2、user3。在/data/下创建目录test
(1)、目录/data/test属主、属组为user1
[00:50:51 root@centos8-fosun ~]# useradd -r -U user1
[00:51:15 root@centos8-fosun ~]# useradd -r -U user2
[00:51:17 root@centos8-fosun ~]# useradd -r -U user3
[00:51:25 root@centos8-fosun ~]#mkdir -p /data/test
[00:51:58 root@centos8-fosun ~]#cd /data/
[00:52:23 root@centos8-fosun data]#ll
total 0
drwxr-xr-x. 2 root root 6 Nov 28 17:36 dir
drwxr-xr-x. 2 root root 6 Nov 29 00:51 test
[00:52:43 root@centos8-fosun data]#chown user1:user1 ./test/
[00:53:52 root@centos8-fosun data]#ll
total 0
drwxr-xr-x. 2 root root 6 Nov 28 17:36 dir
drwxr-xr-x. 2 user1 user1 6 Nov 29 00:51 test
(2)、在目录属主、属组不变的情况下,user2对文件有读写权限
[00:58:11 root@centos8-fosun data]#setfacl -m u:user2:rw /data/test/
[01:00:13 root@centos8-fosun data]#getfacl /data/test/
getfacl: Removing leading '/' from absolute path names
# file: data/test/
# owner: user1
# group: user1
user::rwx
user:user2:rw-
group::r-x
mask::rwx
other::r-x
(3)、user1在/data/test目录下创建文件a1.sh, a2.sh, a3.sh, a4.sh,设置所有用户都不可删除1.sh,2.sh文件、除了user1及root之外,所有用户都不可删除a3.sh, a4.sh
[01:09:39 root@centos8-fosun test]#chattr +i a1.sh
[01:09:48 root@centos8-fosun test]#chattr +i a2.sh
[00:58:29 root@centos8-fosun data]#chmod o+t /data/test/a3.sh
[01:12:01 root@centos8-fosun data]#chmod o+t /data/test/a4.sh
(4)、user3增加附加组user1,同时要求user1不能访问/data/test目录及其下所有文件
[01:15:26 root@centos8-fosun data]#chmod -x /data/test/
[01:15:54 user3@centos8-fosun data]$su - user1
Password:
Last login: Mon Nov 29 01:01:39 CST 2021 from 10.10.10.97 on pts/2
su: warning: cannot change directory to /home/user1: No such file or directory
[01:16:08 user1@centos8-fosun data]$cd test/
-bash: cd: test/: Permission denied
[01:16:10 user1@centos8-fosun data]$ls /data/test/
ls: cannot access '/data/test/a2.sh': Permission denied
ls: cannot access '/data/test/a3.sh': Permission denied
ls: cannot access '/data/test/a4.sh': Permission denied
ls: cannot access '/data/test/a1.sh': Permission denied
a1.sh a2.sh a3.sh a4.sh
(5)、清理/data/test目录及其下所有文件的acl权限
[01:17:40 user1@centos8-fosun data]$setfacl -b test/
[01:18:19 user1@centos8-fosun data]$getfacl ./test/
# file: test/
# owner: user1
# group: user1
user::rw-
group::r--
other::r--