Chinaunix首页 | 论坛 | 博客
  • 博客访问: 345616
  • 博文数量: 115
  • 博客积分: 1019
  • 博客等级: 准尉
  • 技术积分: 1104
  • 用 户 组: 普通用户
  • 注册时间: 2011-02-22 15:02
个人简介

别想万里,要把一只脚放到另一脚的前边

文章分类

全部博文(115)

文章存档

2018年(1)

2015年(2)

2014年(31)

2013年(38)

2012年(43)

我的朋友

分类: LINUX

2014-01-14 21:36:04

Users and Groups

点击(此处)折叠或打开

  1. users

  2.     Show all logged on users. This is the approximate equivalent of who -q.  man who
  3. groups

  4.     Lists the current user and the groups she belongs to. This corresponds to the $GROUPS internal variable, but gives the group names, rather than the numbers.  列出当前用户所属于的组

  5.     bash$ groups
  6.     bozita cdrom cdwriter audio xgrp        -- groups 显示所有该用户所在的组名

  7.     bash$ echo $GROUPS                      -- 只显示该用户的私有组
  8.     501

  9. chown, chgrp

  10.     The chown command changes the ownership of a file or files. This command is a useful method that root can use to shift file ownership from one user to another. An ordinary user may not change the ownership of files, not even her own files. [1] -- chown 可以改变文件属于那个那个用户;只有root 可以有这个权利

  11.     root# chown bozo *.txt

  12.         

  13.     The chgrp command changes the group ownership of a file or files. You must be owner of the file(s) as well as a member of the destination group (or root) to use this operation.  --可以改变一个文件的属组,1 你必须是一个文件的owner 2 你必须是要修改目标组的成员

  14.     chgrp --recursive dunderheads *.data
  15.     # The "dunderheads" group will now own all the "*.data" files
  16.     #+ all the way down the $PWD directory tree (that's what "recursive" means).

  17. useradd, userdel

  18.     The useradd administrative command adds a user account to the system and creates a home directory for that particular user, if so specified. The corresponding userdel command removes a user account from the system [2] and deletes associated files.

  19.     Note    

  20.     The adduser command is a synonym for useradd and is usually a symbolic link to it.
  21. -- useradd 增加用户,userdel 删除用户  adduser 是useradd 的一个链接,调用的还是useradd 命令
  22. usermod

  23.     Modify a user account. Changes may be made to the password, group membership, expiration date, and other attributes of a given user's account. With this command, a user's password may be locked, which has the effect of disabling the account.     --可以对账号进行进一步操作
  24. groupmod

  25.     Modify a given group. The group name and/or ID number may be changed using this command.

  26. id

  27.     The id command lists the real and effective user IDs and the group IDs of the user associated with the current process. This is the counterpart to the $UID, $EUID, and $GROUPS internal Bash variables.

  28.     bash$ id
  29.     uid=501(bozo) gid=501(bozo) groups=501(bozo),22(cdrom),80(cdwriter),81(audio)

  30.     bash$ echo $UID
  31.     501

  32.     Note    

  33.     The id command shows the effective IDs only when they differ from the real ones.

  34.     Also see Example 9-5.
  35. lid

  36.     The lid (list ID) command shows the group(s) that a given user belongs to, or alternately, the users belonging to a given group. May be invoked only by root.

  37.     root# lid bozo
  38.      bozo(gid=500)


  39.     root# lid daemon
  40.      bin(gid=1)
  41.       daemon(gid=2)
  42.       adm(gid=4)
  43.       lp(gid=7)
  44.         

  45. who

  46.     Show all users logged on to the system.

  47.     bash$ who
  48.     bozo tty1 Apr 27 17:45
  49.      bozo pts/0 Apr 27 17:46
  50.      bozo pts/1 Apr 27 17:47
  51.      bozo pts/2 Apr 27 17:49
  52.         

  53.     The -m gives detailed information about only the current user. Passing any two arguments to who is the equivalent of who -m, as in who am i or who The Man.

  54.     bash$ who -m
  55.     localhost.localdomain!bozo pts/2 Apr 27 17:49
  56.         

  57.     whoami is similar to who -m, but only lists the user name.

  58.     bash$ whoami
  59.     bozo
  60.         

  61. w

  62.     Show all logged on users and the processes belonging to them. This is an extended version of who. The output of w may be piped to grep to find a specific user and/or process.

  63.     bash$ w | grep startx
  64.     bozo tty1 - 4:22pm 6:41 4.47s 0.45s startx

  65. logname

  66.     Show current user's login name (as found in /var/run/utmp). This is a near-equivalent to whoami, above.

  67.     bash$ logname
  68.     bozo

  69.     bash$ whoami
  70.     bozo

  71.     However . . .

  72.     bash$ su
  73.     Password: ......

  74.     bash# whoami
  75.     root
  76.     bash# logname
  77.     bozo

  78.     Note    

  79.     While logname prints the name of the logged in user, whoami gives the name of the user attached to the current process. As we have just seen, sometimes these are not the same.
  80. su

  81.     Runs a program or script as a substitute user. su rjones starts a shell as user rjones. A naked su defaults to root. See Example A-14.
  82. sudo

  83.     Runs a command as root (or another user). This may be used in a script, thus permitting a regular user to run the script.

  84.     #!/bin/bash

  85.     # Some commands.
  86.     sudo cp /root/secretfile /home/bozo/secret
  87.     # Some more commands.

  88.     The file /etc/sudoers holds the names of users permitted to invoke sudo.
  89. passwd

  90.     Sets, changes, or manages a user's password.

  91.     The passwd command can be used in a script, but probably should not be.

  92.     Example 17-1. Setting a new password

  93.     #!/bin/bash
  94.     # setnew-password.sh: For demonstration purposes only.
  95.     # Not a good idea to actually run this script.
  96.     # This script must be run as root.

  97.     ROOT_UID=0 # Root has $UID 0.
  98.     E_WRONG_USER=65 # Not root?

  99.     E_NOSUCHUSER=70
  100.     SUCCESS=0


  101.     if [ "$UID" -ne "$ROOT_UID" ]
  102.     then
  103.       echo; echo "Only root can run this script."; echo
  104.       exit $E_WRONG_USER
  105.     else
  106.       echo
  107.       echo "You should know better than to run this script, root."
  108.       echo "Even root users get the blues... "
  109.       echo
  110.     fi


  111.     username=bozo
  112.     NEWPASSWORD=security_violation

  113.     # Check if bozo lives here.
  114.     grep -q "$username" /etc/passwd
  115.     if [ $? -ne $SUCCESS ]
  116.     then
  117.       echo "User $username does not exist."
  118.       echo "No password changed."
  119.       exit $E_NOSUCHUSER
  120.     fi

  121.     echo "$NEWPASSWORD" | passwd --stdin "$username"
  122.     # The '--stdin' option to 'passwd' permits
  123.     #+ getting a new password from stdin (or a pipe).

  124.     echo; echo "User $username's password
    1. echo; echo "User $username's password changed!"

    2. # Using the 'passwd' command in a script is dangerous.

    3. exit 0
    4. The passwd command's -l, -u, and -d options permit locking, unlocking, and deleting a user's password. Only root may use these options.

    点击(此处)折叠或打开

    1. ac命令根据当前的/var/log/wtmp文件中的登录进入和退出来报告用户连接的时间(小时),如果不使用标志,则报告总的时间.例如,键入ac命令,然后按回车键,将显示如下内容:
    2. [root@server /]# ac
    3.         total 1103.66
    4. ac -d命令,然后按回车键,将显示每天的总的连接时间:
    5. ac -d
    6. Dec 10 total 14.83
    7. Dec 11 total 9.58
    8. Dec 12 total 35.34
    9. Dec 13 total 63.00
    10. Dec 14 total 59.12
    11. Dec 15 total 92.32
    12. Dec 16 total 65.10
    13. Dec 17 total 46.83
    14. Dec 18 total 12.27
    15. Dec 19 total 62.26
    16. ac -p命令,然后按回车键,将显示每个用户的总的连接时间:
    17.  
    18. ac -dp 可以查看每个人每天连上来的时候 , 在服务器上可以查看某天连个人有没有登陆上来。
    19. Dec 27 total 7.13
    20.         root 0.32
    21.         s-p 8.38
    22. Dec 28 total 8.70
    23.         s-p 16.11
    24. Dec 29 total 16.11
    25.         s-p 8.54
    26.         x-y 1.02
    27. Today total 9.56
    28. last

    29. List last logged in users, as read from /var/log/wtmp. This command can also show remote logins.

    30. For example, to show the last few times the system rebooted:

    31. bash$ last reboot reboot system boot 2.6.9-1.667 Fri Feb 4 18:18 (00:02)
    32.  reboot system boot 2.6.9-1.667 Fri Feb 4 15:20 (01:27)
    33.  reboot system boot 2.6.9-1.667 Fri Feb 4 12:56 (00:49)
    34.  reboot system boot 2.6.9-1.667 Thu Feb 3 21:08 (02:17)
    35.  . . .

    36.  wtmp begins Tue Feb 1 12:50:09 2005
    37. last root  # root 用户登陆的情况


    点击(此处)折叠或打开

    1. Information and Statistics

    2. uname

    3.     Output system specifications (OS, kernel version, etc.) to stdout. Invoked with the -a option, gives verbose system info (see Example 16-5). The -s option shows only the OS type.

    4.     bash$ uname
    5.     Linux

    6.     bash$ uname -s
    7.     Linux


    8.     bash$ uname -a
    9.     Linux iron.bozo 2.6.15-1.2054_FC5 #1 Tue Mar 14 15:48:33 EST 2006
    10.      i686 i686 i386 GNU/Linux

    11. arch

    12.     Show system architecture. Equivalent to uname -m. See Example 11-26.

    13.     bash$ arch
    14.     i686

    15.     bash$ uname -m
    16.     i686

    17. lastcomm

    18.     Gives information about previous commands, as stored in the /var/account/pacct file. Command name and user name can be specified by options. This is one of the GNU accounting utilities.
    19. lastlog

    20.     List the last login time of all system users. This references the /var/log/lastlog file.

    21.     bash$ lastlog
    22.     root tty1 Fri Dec 7 18:43:21 -0700 2001
    23.      bin **Never logged in**
    24.      daemon **Never logged in**
    25.      ...
    26.      bozo tty1 Sat Dec 8 21:14:29 -0700 2001

    27.     bash$ lastlog | grep root
    28.     root tty1 Fri Dec 7 18:43:21 -0700 2001
    29.         

    30.     Caution    

    31.     This command will fail if the user invoking it does not have read permission for the /var/log/lastlog file.
    32. lsof

    33.     List open files. This command outputs a detailed table of all currently open files and gives information about their owner, size, the processes associated with them, and more. Of course, lsof may be piped to grep and/or awk to parse and analyze its results.

    34.     bash$ lsof
    35.     COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
    36.      init 1 root mem REG 3,5 30748 30303 /sbin/init
    37.      init 1 root mem REG 3,5 73120 8069 /lib/ld-2.1.3.so
    38.      init 1 root mem REG 3,5 931668 8075 /lib/libc-2.1.3.so
    39.      cardmgr 213 root mem REG 3,5 36956 30357 /sbin/cardmgr
    40.      ...
    41.         

    42.     The lsof command is a useful, if complex administrative tool. If you are unable to dismount a filesystem and get an error message that it is still in use, then running lsof helps determine which files are still open on that filesystem. The -i option lists open network socket files, and this can help trace intrusion or hack attempts.

    43.     bash$ lsof -an -i tcp
    44.     COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
    45.      firefox 2330 bozo 32u IPv4 9956 TCP 66.0.118.137:57596->67.112.7.104:http ...
    46.      firefox 2330 bozo 38u IPv4 10535 TCP 66.0.118.137:57708->216.79.48.24:http ...
    47.         

    48.     See Example 30-2 for an effective use of lsof.
    49. strace

    50.     System trace: diagnostic and debugging tool for tracing system calls and signals. This command and ltrace, following, are useful for diagnosing why a given program or package fails to run . . . perhaps due to missing libraries or related causes.

    51.     bash$ strace df
    52.     execve("/bin/df", ["df"], [/* 45 vars */]) = 0
    53.      uname({sys="Linux", node="bozo.localdomain", ...}) = 0
    54.      brk(0) = 0x804f5e4

    55.      ...
    56.         

    57.     This is the Linux equivalent of the Solaris truss command.
    58. ltrace

    59.     Library trace: diagnostic and debugging tool that traces library calls invoked by a given command.

    60.     bash$ ltrace df
    61.     __libc_start_main(0x804a910, 1, 0xbfb589a4, 0x804fb70, 0x804fb68 <unfinished ...>:
    62.      setlocale(6, "") = "en_US.UTF-8"
    63.     bindtextdomain("coreutils", "/usr/share/locale") = "/usr/share/locale"
    64.     textdomain("coreutils") = "coreutils"
    65.     __cxa_atexit(0x804b650, 0, 0, 0x8052bf0, 0xbfb58908) = 0
    66.     getenv("DF_BLOCK_SIZE") = NULL

    67.      ...
    68.         

    69. nc

    70.     The nc (netcat) utility is a complete toolkit for connecting to and listening to TCP and UDP ports. It is useful as a diagnostic and testing tool and as a component in simple script-based HTTP clients and servers.

    71.     bash$ nc localhost.localdomain 25
    72.     220 localhost.localdomain ESMTP Sendmail 8.13.1/8.13.1;
    73.      Thu, 31 Mar 2005 15:41:35 -0700




    74. free

      Shows memory and cache usage in tabular form. The output of this command lends itself to parsing, using , or Perl. The procinfo command shows all the information that free does, and much more.


    75. bash$ free | grep Mem | awk '{ print $4 }' 1880

    76. dmesg

      Lists all system bootup messages to stdout. Handy for debugging and ascertaining which device drivers were installed and which system interrupts in use. The output of dmesg may, of course, be parsed with , , or from within a script.


    77. stat

      Gives detailed and verbose statistics on a given file (even a directory or device file) or set of files.


    78. vmstat

      Display virtual memory statistics.


    79. uptime

      Shows how long the system has been running, along with associated statistics.


    80.     sar

      Invoking sar (System Activity Reporter) gives a very detailed rundown on system statistics. The Santa Cruz Operation ("Old" SCO) released sar as Open Source in June, 1999.

      This command is not part of the base Linux distribution, but may be obtained as part of the package, written by .








            

阅读(974) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~