1. Create a system group mariadb and a system user mariadb that belongs to the mariadb group; the user must have no home directory and use /sbin/nologin as its shell. Try switching to the user from root and check its command prompt.

[root@CentOS7-171 ~]# groupadd mariadb
[root@CentOS7-171 ~]# useradd mariadb -g mariadb -s /sbin/nologin -M
[root@CentOS7-171 ~]# id mariadb
uid=4004(mariadb) gid=5002(mariadb) groups=5002(mariadb)
[root@CentOS7-171 ~]# su - mariadb
Last login: Thu Mar 2 20:51:19 CST 2017 on pts/0
su: warning: cannot change directory to /home/mariadb: No such file or directory
This account is currently not available.
[root@CentOS7-171 ~]# tail -1 /etc/passwd
mariadb:x:4004:5002::/home/mariadb:/sbin/nologin

2. Create the group mageedu with GID 5000, and create the user gentoo with home directory /users/gentoo and a password identical to the username.

[root@CentOS7-171 ~]# groupadd -g 5000 mageedu
[root@CentOS7-171 ~]# mkdir /users/
[root@CentOS7-171 ~]# useradd -d /users/gentoo gentoo
[root@CentOS7-171 ~]# echo "gentoo" | passwd --stdin gentoo
Changing password for user gentoo.
passwd: all authentication tokens updated successfully.
[root@CentOS7-171 ~]# grep gentoo /etc/passwd
gentoo:x:4009:4009::/users/gentoo:/bin/bash

3. Create the user fedora with home directory /users/fedora and a password identical to the username.

[root@CentOS7-171 ~]# useradd -d /users/fedora fedora
[root@CentOS7-171 ~]# echo "fedora"|passwd --stdin fedora
Changing password for user fedora.
passwd: all authentication tokens updated successfully.
[root@CentOS7-171 ~]# grep fedora /etc/passwd
fedora:x:4010:4010::/users/fedora:/bin/bash

4. Create the user www with home directory /users/www; then delete the www user but keep its home directory.

[root@CentOS7-171 ~]# useradd -d /users/www www
[root@CentOS7-171 ~]# grep www /etc/passwd
moosefs:x:4008:4008::/users/www:/bin/bash
www:x:4011:4011::/users/www:/bin/bash
[root@CentOS7-171 ~]# userdel www
[root@CentOS7-171 ~]# id www
id: www: no such user
[root@CentOS7-171 ~]# ll -d /users/www
drwx------ 3 4011 4011 74 Mar 2 21:30 /users/www

5. Add the supplementary group mageedu to the users gentoo and fedora.

[root@CentOS7-171 ~]# usermod -aG mageedu gentoo
[root@CentOS7-171 ~]# usermod -aG mageedu fedora
[root@CentOS7-171 ~]# id gentoo
uid=4009(gentoo) gid=4009(gentoo) groups=4009(gentoo),5000(mageedu)
[root@CentOS7-171 ~]# id fedora
uid=4010(fedora) gid=4010(fedora) groups=4010(fedora),5000(mageedu)

6. Copy the directory /var/log to /tmp/, change the group owner of /tmp/log and every file inside it to mageedu, and give the group write permission on the directory itself.

[root@CentOS7-171 ~]# cp -r /var/log/ /tmp/
[root@CentOS7-171 ~]# ll -d /tmp/log
drwxr-xr-x 21 root root 4096 Mar 2 21:34 /tmp/log
[root@CentOS7-171 ~]# chown -R :mageedu /tmp/log/
[root@CentOS7-171 ~]# ll -d /tmp/log/
drwxr-xr-x 21 root mageedu 4096 Mar 2 21:34 /tmp/log/
[root@CentOS7-171 ~]# ll /tmp/log/
total 1756
drwxr-xr-x 2 root mageedu 4096 Mar 2 21:34 anaconda
drwxr-x--- 2 root mageedu 22 Mar 2 21:34 audit
-rw-r--r-- 1 root mageedu 13245 Mar 2 21:34 boot.log
[root@CentOS7-171 ~]# chmod g+w /tmp/log/
[root@CentOS7-171 ~]# ll -d /tmp/log/
drwxrwxr-x 21 root mageedu 4096 Mar 2 21:34 /tmp/log/

7. Create the user gentoo with UID 4001, primary group gentoo, and supplementary groups distro (GID 5000) and peguin (GID 5001).

[root@CentOS7-171 ~]# groupadd -g 5000 distro
[root@CentOS7-171 ~]# groupadd -g 5001 peguin
[root@CentOS7-171 ~]# useradd -u 4001 gentoo -G distro,peguin
[root@CentOS7-171 ~]# id gentoo
uid=4001(gentoo) gid=4001(gentoo) groups=4001(gentoo),5000(distro),5001(peguin)

8. Create the user fedora with the comment field "Fedora Core" and /bin/tcsh as its default shell.

[root@CentOS7-171 ~]# useradd fedora -c "Fedora Core" -s /bin/tcsh
[root@CentOS7-171 ~]# id fedora
uid=4009(fedora) gid=4009(fedora) groups=4009(fedora)
[root@CentOS7-171 ~]# grep fedora /etc/passwd
fedora:x:4009:4009:Fedora Core:/home/fedora:/bin/tcsh

9. Change the home directory of the user gentoo to /var/tmp/gentoo; the user's existing files must remain accessible to the user.

[root@CentOS7-171 ~]# usermod -m -d /var/tmp/gentoo gentoo
[root@CentOS7-171 ~]# grep gentoo /etc/passwd
gentoo:x:4001:4001::/var/tmp/gentoo:/bin/bash

10. Add the supplementary group netadmin to gentoo.

[root@CentOS7-171 ~]# groupadd netadmin
[root@CentOS7-171 ~]# usermod -aG netadmin gentoo
[root@CentOS7-171 ~]# id gentoo
uid=4001(gentoo) gid=4001(gentoo) groups=4001(gentoo),5000(distro),5001(peguin),5003(netadmin)
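
Exercise 1 asks for a system account, yet the recorded session ends with uid=4004 and gid=5002, because groupadd and useradd were run without -r. The check below is an added example, not part of the original post: it audits passwd-format lines for that gap and for a login shell. The svc_ok line, the function name and the UID_MIN default of 1000 (the CentOS 7 /etc/login.defs value) are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post.
# UID_MIN defaults to 1000, the CentOS 7 value in /etc/login.defs (assumption;
# pass your own as the second argument).

# Sample input: the mariadb and fedora lines are copied from exercises 1 and 8;
# svc_ok is a constructed account shown for contrast.
SAMPLE='mariadb:x:4004:5002::/home/mariadb:/sbin/nologin
svc_ok:x:987:981::/var/lib/svc_ok:/sbin/nologin
fedora:x:4009:4009:Fedora Core:/home/fedora:/bin/tcsh'

# audit_service_account NAME [UID_MIN]
# Reads passwd(5) lines on stdin, prints one finding per line ("ok" if none).
# Exit status: 0 clean, 1 findings, 2 account not present.
audit_service_account() {
    awk -F: -v name="$1" -v uid_min="${2:-1000}" '
        $1 == name {
            found = 1
            # Accounts made without useradd -r get a UID from the regular range.
            if ($3 + 0 >= uid_min + 0) { print "uid-not-system:" $3; bad = 1 }
            # A service account should not have an interactive shell.
            if ($7 !~ /\/(nologin|false)$/) { print "login-shell:" $7; bad = 1 }
        }
        END {
            if (!found) { print "no-such-user"; exit 2 }
            if (!bad) print "ok"
            exit bad + 0
        }'
}

# Stand-alone run over the sample; on a live host feed it: getent passwd
for u in mariadb svc_ok fedora; do
    printf '%s: ' "$u"
    printf '%s\n' "$SAMPLE" | audit_service_account "$u" | tr '\n' ' '
    echo
done
```

The mariadb entry passes the shell check but is reported as uid-not-system:4004; recreating the account with groupadd -r and useradd -r places it below UID_MIN.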

This article is from the "xiaozhu" blog; please retain this attribution: http://zhucke.blog.51cto.com/180229/1902788