接上一篇博文:http://blog.51cto.com/9657273/2299225
说明:本次博文是一套练习,用于强化前边的知识点。
- 1、复制/etc/skel 目录为 /home/tuser1,要求/home/tuser1及其内部文件的属组和其他用户均没有任何访问权限;
注意点:
1. 复制的骨架文件/etc/skel是一个目录,所以cp要加递归复制选项-r;
2. 要求复制的权限文件属组和其他用户均没有任何访问权限,这个时候可能用临时会话改变umask值或者
在当前bash的子shell中改变umask值并操作复制,并且复制的时候cp不能保留原有属性;
实际执行命令为:
(umask 0077;cp -r /etc/skel /home/tuser1)
操作过程:
[[email protected] tmp]# (umask 0077;cp -r /etc/skel /home/tuser1)
[[email protected] tmp]# ls -la /home/tuser1/
total 12
drwx------ 2 root root 59 Oct 18 16:50 .
drwxr-xr-x. 3 root root 19 Oct 18 16:50 ..
-rw------- 1 root root 18 Oct 18 16:50 .bash_logout
-rw------- 1 root root 193 Oct 18 16:50 .bash_profile
-rw------- 1 root root 231 Oct 18 16:50 .bashrc
[[email protected] tmp]# ls -ld /home/tuser1/
drwx------ 2 root root 59 Oct 18 16:50 /home/tuser1/- 2、编辑/etc/group文件,添加组hadoop;
这题没有什么好说的,注意/etc/group配置文件语法格式和规范;同时添加的组id要符合普通非系统用户范围
可以使用vi编辑器或者sed直接修改文件或者echo,cat等命令加重定向来完成都行;
加入的一条记录内容为:
hadoop:x:1001:
操作命令:
echo ‘hadoop:x:1001:‘ >>/etc/group
操作过程:
[[email protected] tmp]# echo ‘hadoop:x:1001:‘ >>/etc/group
[[email protected] tmp]# tail -1 /etc/group
hadoop:x:1001:
- 3、手动编辑/etc/passwd文件新增一行,添加用户hadoop,其基本组ID为hadoop组的id号,其家目录为/home/hadoop;
注意/etc/passwd配置文件语法格式,以冒号分隔的第一个字段表示用户名,第四个字段表示用户属组基本
组id号,倒数第二个字段表示用户的家目录
新增内容为:
hadoop:x:1002:1001::/home/hadoop:/bin/bash
我是直接vim编辑操作新增的,这里就不给出命令了;配置文件/etc/passwd的最后一行为(不一定要写入
到最后一行):
[[email protected] tmp]# tail -1 /etc/passwd
hadoop:x:1002:1001::/home/hadoop:/bin/bash
- 4、复制/etc/skel 目录为 /home/hadoop,要求修改hadoop目录的属组和其他用户没有任何访问权限;
这一题和第一题很像,这题就是应用了。我们不做说明,给出命令和过程即可。
命令为:
(umask 0077;cp -r /etc/skel /home/hadoop)
执行过程和结果:
[[email protected] tmp]# (umask 0077;cp -r /etc/skel /home/hadoop)
[[email protected] tmp]# ls -la /home/hadoop/
total 12
drwx------ 2 root root 59 Oct 18 17:05 .
drwxr-xr-x. 5 root root 45 Oct 18 17:05 ..
-rw------- 1 root root 18 Oct 18 17:05 .bash_logout
-rw------- 1 root root 193 Oct 18 17:05 .bash_profile
-rw------- 1 root root 231 Oct 18 17:05 .bashrc
[[email protected] tmp]# ls -ld /home/hadoop/
drwx------ 2 root root 59 Oct 18 17:05 /home/hadoop/- 5、修改/home/hadoop 目录及其内部所有文件的属主为hadoop,属组为hadoop;
执行命令:
chown -R hadoop:hadoop /home/hadoop
执行过程和结果:
[[email protected] tmp]# chown -R hadoop:hadoop /home/hadoop
[[email protected] tmp]# ls -la /home/hadoop/
total 12
drwx------ 2 hadoop hadoop 59 Oct 18 17:05 .
drwxr-xr-x. 5 root root 45 Oct 18 17:05 ..
-rw------- 1 hadoop hadoop 18 Oct 18 17:05 .bash_logout
-rw------- 1 hadoop hadoop 193 Oct 18 17:05 .bash_profile
-rw------- 1 hadoop hadoop 231 Oct 18 17:05 .bashrc
[[email protected] tmp]# ls -ld /home/hadoop/
drwx------ 2 hadoop hadoop 59 Oct 18 17:05 /home/hadoop/- 6、显示/proc/meminfo 文件中以大写或小写s开头的行,用两种方式;
执行命令:
方法1:grep ‘^[sS]‘ /proc/meminfo
方法2:grep -i ‘^s‘ /proc/meminfo
方法3:grep -E ‘^(s|S)‘ /proc/meminfo
执行过程和结果:
为了演示效果,我认为的复制了一份/proc/meminfo,并且对立面的内容有意的加入了以小写字母s开头的行
以及小写字母在中间的文本。
[[email protected] tmp]# grep ‘^[sS]‘ /proc/meminfo
SwapCached: 208 kB
SwapTotal: 2097148 kB
SwapFree: 2095648 kB
Shmem: 7264 kB
Slab: 61208 kB
SReclaimable: 35548 kB
SUnreclaim: 25660 kB
[[email protected]node2 tmp]# cp /proc/meminfo /tmp/meminfo.bak
[[email protected] tmp]# echo "swapTotals: 2097148 kB" >> /tmp/meminfo.bak
[[email protected] tmp]# grep ‘^[sS]‘ /tmp/meminfo.bak
SwapCached: 208 kB
SwapTotal: 2097148 kB
SwapFree: 2095648 kB
Shmem: 7264 kB
Slab: 61208 kB
SReclaimable: 35548 kB
SUnreclaim: 25660 kB
swapTotals: 2097148 kB
[[email protected] tmp]# grep -i ‘^s‘ /tmp/meminfo.bak
SwapCached: 208 kB
SwapTotal: 2097148 kB
SwapFree: 2095648 kB
Shmem: 7264 kB
Slab: 61208 kB
SReclaimable: 35548 kB
SUnreclaim: 25660 kB
swapTotals: 2097148 kB
[[email protected] tmp]# grep -E ‘^(s|S)‘ /tmp/meminfo.bak
SwapCached: 208 kB
SwapTotal: 2097148 kB
SwapFree: 2095648 kB
Shmem: 7264 kB
Slab: 61208 kB
SReclaimable: 35548 kB
SUnreclaim: 25660 kB
swapTotals: 2097148 kB- 7、显示/etc/passwd文件中其默认shell为非/sbin/nologin的用户;
/etc/passwd文件以符号:分隔的最后一个字段表示用户的登录shell;
执行命令:
grep -v ‘/sbin/nologin$‘ /etc/passwd | cut -d‘:‘ -f1
执行过程:
[[email protected] tmp]# grep -v ‘/sbin/nologin$‘ /etc/passwd
root:x:0:0:root:/root:/bin/bash
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
yanhui:x:1000:1000::/home/yanhui:/bin/bash
hadoop:x:1002:1001::/home/hadoop:/bin/bash
[[email protected] tmp]# grep -v ‘/sbin/nologin$‘ /etc/passwd | cut -d‘:‘ -f1
root
sync
shutdown
halt
yanhui
hadoop
- 8、显示/etc/passwd文件中其默认shell为/bin/bash的用户;
执行命令:
grep ‘/bin/bash$‘ /etc/passwd|cut -d‘:‘ -f1
执行过程和结果:
[[email protected] tmp]# grep ‘/bin/bash$‘ /etc/passwd
root:x:0:0:root:/root:/bin/bash
yanhui:x:1000:1000::/home/yanhui:/bin/bash
hadoop:x:1002:1001::/home/hadoop:/bin/bash
[[email protected] tmp]# grep ‘/bin/bash$‘ /etc/passwd|cut -d‘:‘ -f1
root
yanhui
hadoop- 9、找出/etc/passwd文件中的一位数或两位数;
注意一点,做正则匹配的时候,默认是贪婪匹配的,如果要限定值匹配固定数量的,要用边界锚定;
还有一点注意扩展正则与标准正则中,特定元字符使用的形式略有不同,标准正则中要做转移的;
执行命令:
grep -E ‘\b[0-9]{1,2}\b‘ /etc/passwd
执行过程和结果:
[[email protected] tmp]# grep -E ‘\b[0-9]{1,2}\b‘ /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin- 10、显示/boot/grub/grub.conf中以至少一个空白字符开头的行;
注意:/boot/grub/grub.conf这个配置文件在CentOS 7.x系列上没有,要在CentOS 6.x上测试;
执行命令:grep -E ‘^[[:space:]]{1,}‘ /boot/grub/grub.conf
执行过程和结果:
[[email protected] ~]# ls -l /boot/grub/grub.conf
-rw-------. 1 root root 771 Aug 16 00:26 /boot/grub/grub.conf
[[email protected] ~]# grep -E ‘^[[:space:]]{1,}‘ /boot/grub/grub.conf
root (hd0,0)
kernel /vmlinuz-2.6.32-696.el6.x86_64 ro root=UUID=610d4939-d78f-462b-92d6-8ad25ac6ad8e rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-696.el6.x86_64.img
[[email protected] ~]# grep -E ‘^[[:space:]]{1,}‘ /boot/grub/grub.conf|cat -A
^Iroot (hd0,0)$
^Ikernel /vmlinuz-2.6.32-696.el6.x86_64 ro root=UUID=610d4939-d78f-462b-92d6-8ad25ac6ad8e rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet$
^Iinitrd /initramfs-2.6.32-696.el6.x86_64.img$- 11、显示/etc/rc.d/rc.sysinit文件中以#开头,后面跟至少一个空白字符,而后又至少一个非空白字符的行;
注意:/etc/rc.d/rc.sysinit这个配置文件CentOS 7.x上没有,要在CentOS 6.x上测试;
执行命令:
grep -E ‘^#[[:space:]]+[^[:space:]]+‘ /etc/rc.d/rc.sysinit
或者
grep -E ‘^#[[:space:]]{1,}[^[:space:]]{1,}‘ /etc/rc.d/rc.sysinit
执行结果和过程:
[[email protected] ~]# grep -E ‘^#[[:space:]]+[^[:space:]]+‘ /etc/rc.d/rc.sysinit
# /etc/rc.d/rc.sysinit - run once at boot time
# Taken in part from Miquel van Smoorenburg‘s bcheckrc.
# Check SELinux status
# Print a text banner.
# Only read this once.
# Initialize hardware
# Set default affinity
# Load other user-defined modules
# Load modules (for backward compatibility with VARs)
# Configure kernel parameters
# Set the hostname.
# Sync waiting for storage.
# Device mapper & related initialization
# Start any MD RAID arrays that haven‘t been started yet
# Remount the root filesystem read-write.
# Clean up SELinux labels
# If relabeling, relabel mount points.
# Mount all other filesystems (except for NFS and /proc, which is already
# mounted). Contrary to standard usage,
# filesystems are NOT unmounted in single user mode.
# The ‘no‘ applies to all listed filesystem types. See mount(8).
# Check to see if a full relabel is needed
# Update quotas if necessary
# Initialize pseudo-random number generator
# Configure machine if necessary.
# Clean out /.
# Do we need (w|u)tmpx files? We don‘t set them up, but the sysadmin might...
# Clean up /var.
# Clean up utmp/wtmp
# Clean up various /tmp bits
# Make ICE directory
# Start up swapping.
# Set up binfmt_misc
# Boot time profiles. Yes, this should be somewhere else.
# Now that we have all of our basic modules loaded and the kernel going,
# let‘s dump the syslog ring somewhere so we can find it later
# create the crash indicator flag to warn on crashes, offer fsck with timeout
# Let rhgb know that we‘re leaving rc.sysinit
[[email protected] ~]# grep -E ‘^#[[:space:]]+[^[:space:]]+‘ /etc/rc.d/rc.sysinit|wc -l
38- 12、打出netstat -tan命令执行结果中以‘LISTEN‘,后或跟空白字符结尾的行;
执行命令:
netstat -tan|grep -E ‘LISTEN[[:space:]]*$‘
执行过程:
[[email protected] tmp]# netstat -tan|grep -E ‘LISTEN[[:spache:]]*$‘
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
- 13、添加用户bash,testbash,basher,nologin(此一个用户的shell为/sbin/nologin),而后找出当前系统上其用户名和默认shell相同的用户的信息;
执行命令:
grep -E ‘(^[^:]+\b).*\1$‘ /etc/passwd
执行过程和结果:
[[email protected] ~]# grep -E ‘(^[^:]+\b).*\1$‘ /etc/passwd
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
bash:x:1003:1003::/home/bash:/bin/bash
nologin:x:1006:1006::/home/nologin:/sbin/nologin原文地址:http://blog.51cto.com/9657273/2304812
时间: 2024-11-07 08:54:52