Linux权限与用户

1.修改时间为2016-11-01 12:06:26
[root@localhost ~]# date 110112062016.26
Tue Nov  1 12:06:26 CST 2016
2.
修改成功后按照%Y-%m-%d的格式输出,并将输出结果保存到/mnt/date.txt;
[root@localhost ~]# date +%Y-%m-%d |tee /mnt/date.txt
2016-11-01
3.
查看80天以前的日期,重定向文件到/mnt/datafile,然后查看80天以后的日期,追加到/mnt/datafile;
[root@localhost ~]# date -d -80days
Sat Aug 13 12:11:24 CST 2016
[root@localhost ~]# date -d -80days >/mnt/datafile
[root@localhost ~]# date -d +80days
Fri Jan 20 12:14:04 CST 2017

[root@localhost ~]# date -d +80days >>/mnt/datafile
4.
用一条命令查看/mnt/datafile文件的字节数,字符数,行数,单词数;
[root@localhost ~]# wc -clmw /mnt/datafile
 2 12 58 58 /mnt/datafile
5.
通过快捷方式执行最近一条含有”date“关键字的命令
[root@localhost ~]# !date
date -d +80days >>/mnt/datafile
6.
用一条命令在/mnt/目录下创建文件westosX_fileY,x的取值范围为{a,b,c},Y的取值范围为8-13
[root@localhost ~]# touch /mnt/westos{a,b,c}_file{8..13}
[root@localhost ~]# ls /mnt
datafile        westosa_file13  westosb_file11  westosb_file9   westosc_file13
westosa_file10  westosa_file8   westosb_file12  westosc_file10  westosc_file8
westosa_file11  westosa_file9   westosb_file13  westosc_file11  westosc_file9
westosa_file12  westosb_file10  westosb_file8   westosc_file12
7.
westosX_fileY的文件均移动到/tmp目录下;
[root@localhost ~]# mv /mnt/westos{a,b,c}_file{8..13} /tmp
[root@localhost ~]# ls /tmp
8.
复制/etc/group文件到/mnt
       - vim编辑该文件,复制前三行,粘贴到第五行;
       - 剪贴第五行粘贴到最后一行;
       - 删除倒数第三行;
       - 3-10行的最开始批量添加root单词
       - 在左右分屏的情况下,将5-10行中的root替换为kiosk
       - 退出左右分屏,在上下分屏的情况下替换全文的kiosk为student
[root@localhost mnt]# cat group
root:x:0:
bin:x:1:
studentdaemonx2:
studentsys:x:3:
student
studentstudent:x:0:
studentbin:x:1:
studentdaemon:x:2:
studenttty:x:5:
studentdisk:x:6:
lp:x:7:
mem:x:8:
kmem:x:9:
wheel:x:10:student
cdrom:x:11:
mail:x:12:postfix
man:x:15:
dialout:x:18:
floppy:x:19:
games:x:20:
tape:x:30:
video:x:39:
ftp:x:50:
lock:x:54:
audio:x:63:
nobody:x:99:
users:x:100:
utmp:x:22:
utempter:x:35:
ssh_keys:x:999:
systemd-journal:x:190:
dbus:x:81:
polkitd:x:998:
avahi:x:70:
avahi-autoipd:x:170:
rpc:x:32:
dip:x:40:
cgred:x:997:
rpcuser:x:29:
nfsnobody:x:65534:
ovirtagent:x:175:
postdrop:x:90:
postfix:x:89:
sshd:x:74:
chrony:x:996:
student:x:1000:
usbmuxd:x:113:
colord:x:995:
abrt:x:173:
libstoragemgmt:x:994:
unbound:x:993:
kvm:x:36:qemu
qemu:x:107:
saslauth:x:76:
ntp:x:38:
rtkit:x:172:
radvd:x:75:
pulse-access:x:992:
pulse:x:171:
gdm:x:42:
gnome-initial-setup:x:991:
stapusr:x:156:
stapsys:x:157:
stapdev:x:158:
slocate:x:21:
adm:x:4:
9.
配置vim,使其在编辑文件时拥有以下功能1:显示行号,鼠标可以操纵光标位置
[root@localhost mnt]# vim /etc/vimrc
配置以上文件,在文件末尾添加上:set nu 和 set mouse=a
[root@localhost mnt]# cat /etc/vimrc
if v:lang =~ "utf8$" || v:lang =~ "UTF-8$"
   setfileencodings=ucs-bom,utf-8,latin1
endif

set nocompatible    " Use Vimdefaults (much better!)
set bs=indent,eol,start     " allowbackspacing over everything in insert mode
"set ai         " always setautoindenting on
"set backup     " keep a backupfile
set viminfo='20,\"50    "read/write a .viminfo file, don't store more
            " than 50 lines ofregisters
set history=50      " keep 50 linesof command line history
set ruler       " show the cursorposition all the time

" Only do this part when compiled with support for autocommands
if has("autocmd")
  augroup redhat
  autocmd!
  " In text files, always limit thewidth of text to 78 characters
  " autocmd BufRead *.txt settw=78
  " When editing a file, always jumpto the last cursor position
  autocmd BufReadPost *
  \ if line("'\"") > 0&& line ("'\"") <= line("$") |
  \  exe "normal! g'\"" |
  \ endif
  " don't write swapfile on mostcommonly used directories for NFS mounts or USB sticks
  autocmd BufNewFile,BufReadPre/media/*,/run/media/*,/mnt/* set directory=~/tmp,/var/tmp,/tmp
  " start with spec filetemplate
  autocmd BufNewFile *.spec 0r/usr/share/vim/vimfiles/template.spec
  augroup END
endif

if has("cscope") &&filereadable("/usr/bin/cscope")
   set csprg=/usr/bin/cscope
   set csto=0
set nu
set mouse=a
   set cst
   set nocsverb
   " add any database in currentdirectory
   iffilereadable("cscope.out")
      cs add $PWD/cscope.out
   " else add database pointed to byenvironment
   elseif $CSCOPE_DB !=""
      cs add $CSCOPE_DB
   endif
   set csverb
endif

" Switch syntax highlighting on, when the terminal has colors
" Also switch on highlighting the last used search pattern.
if &t_Co > 2 || has("gui_running")
  syntax on
  set hlsearch
endif

filetype plugin on

if &term=="xterm"
     set t_Co=8
     set t_Sb=[4%dm
     set t_Sf=[3%dm
endif

" Don't wake up system with blinking cursor:
" http://www.linuxpowertop.org/known.php
let &guicursor = &guicursor . ",a:blinkon0"
set nu
set mouse=a
10.
用户与用户组操作
- 创建用户组phone,指定gid为888,下面新建用户均属于phone用户组;
- 创建用户mi,设置uid=1800,shell类型为/bin/sh;
- 创建用户iphone,设置uid=1801,用户描述为“User iphone”;
- 创建用户huawei,设置用户描述为“华为”,用户家目录为/huawei;
**
因业务需要,执行以下操作:
- 修改用户mi的uid为1700,shell类型为/sbin/nologin;
- 修改用户iphone的用户描述为“苹果手机”;
- 修改用户huawei的用户家目录为/home/huawei;
[root@localhost ~]# groupadd -g 888 phone
[root@localhost ~]# useradd -u 1800 mi
[root@localhost ~]# usermod -s /bin/sh mi
[root@localhost ~]# usermod -aG phone mi
[root@localhost ~]# useradd -u 1801 iphone
[root@localhost ~]# usermod -c "User iphone" iphone
[root@localhost ~]# usermod -aG phone iphone
[root@localhost ~]# useradd -c "华为" huawei
[root@localhost ~]# usermod -d /huawei huawei
[root@localhost ~]# usermod -aG phone huawei
[root@localhost ~]# usermod -s /sbin/nologin mi
[root@localhost ~]# usermod -u 1700 mi
[root@localhost ~]# usermod -c "苹果手机" iphone
[root@localhost ~]# usermod -d /home/huawei huawei
11.
(密码管理)某管理员建立一用来管理帐号的用户admin,满足以下条件
    - uid=7777,gid=7777,用户描述为“系统管理员”
    - 新建用户组bank1,bank2,使新建的用户组为admin用户的附加组;
    - 设置admin用户的密码为“adminpasswd”
    - 修改密码使用天数为0,使该用户首次登录必须改密码;
    - 修改密码最短有效期为7,使该用户设置密码等待7天后才可以再次更改;
    - 给admin用户下放权限,使得该用户可以新建用户(无密码方式)。
[root@localhost ~]# useradd -u 7777 admin
[root@localhost ~]# usermod -c "系统管理员" admin
[root@localhost ~]# groupadd bank1
[root@localhost ~]# groupadd bank2
[root@localhost ~]# usermod -aG bank1 admin
[root@localhost ~]# usermod -aG bank2 admin
[root@localhost ~]# echo adminpasswd | passwd --stdin admin
Changing password for user admin.
passwd: all authentication tokens updated successfully.
(注:这种写法会把明文密码留在root的shell历史记录里,只适合练习环境;实际环境中建议直接执行passwd admin交互式输入。)
[root@localhost ~]# chage -d 0 admin
[root@localhost ~]# passwd -n 7 admin
[root@localhost ~]# vim /etc/sudoers
在其中添加如下内容(建议改用visudo编辑,保存时会做语法检查,避免写错后sudo整体不可用;能以root身份免密执行useradd的账号权限很高,只应授予可信的管理员):
## Allow user admin to create user
admin localhost=(root) NOPASSWD: /usr/sbin/useradd
[root@localhost ~]# su - admin
Last login: Tue Apr  4 05:38:56 EDT 2017on pts/0
[admin@localhost ~]$ sudo /usr/sbin/useradd linux
12.
创建一公共目录/pubdir,使得所有用户均可以向该目录写入内容,但是只能删除属于自己的文件或者目录。
[root@localhost ~]# mkdir /pubdir
[root@localhost ~]# chmod 1777 /pubdir/
13.
显示cpu使用量前五的pid,并重定向到文件/mnt/pidfile中;
[root@localhost ~]# ps ax -o pid --sort -%cpu | grep PID -v | head -n 5 >/mnt/pidfile
14.
显示试图登陆你主机但没有成功登录的用户,保存到/mnt/login_fail.text文件中;
[root@localhost ~]# lastb
root     ssh:notty    172.25.254.61    Tue Apr 4 04:43 - 04:43  (00:00)   
root     :0           :0               Mon Apr  3 04:39 - 04:39  (00:00)   

btmp begins Mon Apr  3 04:39:092017
[root@localhost ~]# lastb >/mnt/login_fail.text
[root@localhost ~]# cat/mnt/login_fail.text
-bash: cat/mnt/login_fail.text: No such file or directory
[root@localhost ~]# cat /mnt/login_fail.text
root     ssh:notty    172.25.254.61    Tue Apr 4 04:43 - 04:43  (00:00)   
root     :0           :0               Mon Apr  3 04:39 - 04:39  (00:00)   
15.
设置ssh服务器端,不允许通过密码认证进行远程连接
[root@localhost ~]# vim /etc/ssh/sshd_config
PasswordAuthentication yes
改为PasswordAuthentication no
(修改前应先确认密钥登录已经可用,并可用sshd -t检查配置语法,以免重启后无法远程登录。)
[root@localhost ~]# systemctl restart sshd.service
16.
打包压缩/mnt下的文件为tar.gz格式,实现无密码(即通过密钥认证)发送压缩包到真机kiosk用户的桌面;
[root@localhost mnt]#  tar zcf mnt.tar.gz /mnt
[root@localhost mnt]# ls
group  login_fail.text  mnt.tar.gz pidfile
[root@localhost mnt]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
e5:02:87:87:c1:98:ba:39:09:e9:fa:3a:28:cc:c6:c8 root@localhost
The key's randomart image is:
+--[ RSA 2048]----+
|     +.          |
|    o .+         |
| . .  + o .      |
|o .    + o       |
|.. +    S .      |
| .=      .       |
|O  .             |
|*E               |
|++.              |
+-----------------+
[root@localhost /]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@172.25.254.163
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filterout any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you areprompted now it is to install the new keys
root@172.25.254.163's password:

Number of key(s) added: 1

Now try logging into the machine, with:  "ssh 'root@172.25.254.163'"
and check to make sure that only the key(s) you wanted were added.

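[root@localhost ~]# scp /root/.ssh/id_rsa root@172.25.254.61:/root/.ssh/
root@172.25.254.61's password:
id_rsa                                 100% 1675     1.6KB/s   00:00   
(注:私钥id_rsa不应复制到其他主机,一旦外泄,所有信任该密钥的主机都需要更换密钥;要实现向kiosk用户免密发送,只需把公钥安装到目标账户,例如ssh-copy-id -i /root/.ssh/id_rsa.pub kiosk@172.25.254.61。)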
[root@localhost ~]# exit
logout
Connection to 172.25.254.163 closed.
[root@foundation61 Desktop]# ssh root@172.25.254.163
Last login: Tue Apr  4 08:20:07 2017 from172.25.254.61
[root@localhost ~]#
[root@localhost ~]# cd /mnt/
[root@localhost mnt]# scp /mnt/mnt.tar.gz kiosk@172.25.254.61:/home/kiosk/Desktop
kiosk@172.25.254.61's password:
Permission denied, please try again.
kiosk@172.25.254.61's password:
mnt.tar.gz                             100% 3671     3.6KB/s   00:00   
17.
实现你的主机与172.25.254.250主机的时间同步
1)服务端
[root@foundation250 Desktop] # vim /etc/chrony.conf
# Allow NTP client access from local network.
allow 172.25.254.61/24
# Listen for commands only on localhost.
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
# Serve time even if not synchronized to any NTP server.
local stratum 10         
2)客户端
[root@foundation61 Desktop] # vim /etc/chrony.conf 
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 172.25.254.250 iburst     
设置后重启
3)测试
[root@foundation61 Desktop]# chronyc sources -v
210 Number of sources = 1

  .-- Source mode  '^' = server, '=' = peer, '#' = localclock.
 / .- Source state '*' = current synced,'+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time maybe in error, '~' = time too variable.
||                                                .- xxxx [ yyyy ] +/- zzzz
||                                               /   xxxx = adjusted offset,
||         Log2(Polling interval) -.             |    yyyy = measured offset,
||                                 \            |    zzzz = estimated error.
||                                  |           |                        
MS Name/IP address         Stratum PollReach LastRx Last sample
===============================================================================
^* 172.25.254.61                  10   6  377    41   +170us[ +201us] +/-  191us
18.
设置你主机的时区为africa/conakry
[root@localhost mnt]# timedatectl set-timezone Africa/Conakry
[root@localhost mnt]# timedatectl status
      Local time: Tue 2017-04-04 12:52:16GMT
  Universal time: Tue 2017-04-04 12:52:16UTC
        RTC time: Tue 2017-04-0412:52:16
        Timezone: Africa/Conakry (GMT,+0000)
     NTP enabled: yes
NTP synchronized: no
 RTC in local TZ: no
      DST active: n/a
19.
将你主机上的所有日志信息同步到真机上;
[root@localhost ~]# vim /etc/rsyslog.conf
修改*.*            @172.25.254.61 
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# systemctl restart rsyslog.service
[root@localhost ~]# >/var/log/messages
[root@foundation61 Desktop]#  vim /etc/rsyslog.conf
取消“#”
 $ModLoad imudp
 $UDPServerRun 514
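[root@foundation61 Desktop]# systemctl stop firewalld.service
(注:练习环境中直接关闭了防火墙;实际环境中更稳妥的做法是保持firewalld运行,只放行514/udp,例如firewall-cmd --permanent --add-port=514/udp后执行firewall-cmd --reload。)
[root@foundation61 Desktop]# systemctl restart rsyslog.service
[root@foundation61 Desktop]# >/var/log/messages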
[root@localhost ~]# logger test message        
[root@foundation61 Desktop]# tail -f /var/log/messages
20.
通过nmcli命令设置你真机ip为172.25.254.161,网关为172.25.254.250
 [root@localhost ~]#  nmcli connection add type ethernet con-name westos ifname eth0 ip4 172.25.254.161/24 gw4 172.25.254.250
  [root@localhost ~]# ifconfig
  [root@localhost ~]# systemctl stop NetworkManager
  [root@localhost ~]# systemctl restart network
  [root@localhost ~]# route -n
21.
通过管理配置文件设置你主机dhcp获取ip
[root@localhost ~]# mkdir /iso
[root@localhost ~]# mkdir /rhel7.2
[root@localhost ~]# scp root@172.25.254.61:/home/kiosk/Desktop/脚本和镜像/rhel-server-7.2-x86_64-dvd.iso /iso
root@172.25.254.61's password:
rhel-server-7.2-x86_64-dvd.iso               100% 3856MB  26.6MB/s   02:25  
[root@localhost ~]# mount /dev/cdrom /rhel7.2/
mount: /dev/sr0 is write-protected, mounting read-only
[root@localhost ~]# vim /etc/yum.repos.d/yum.repo
[root@localhost dhcp]# cat /etc/yum.repos.d/yum.repo
[WESTOS]
name=rhel7.2
baseurl=file:///rhel7.2
gpgcheck=0
(注:gpgcheck=0会跳过软件包签名校验,只适合本地可信镜像的练习环境;生产环境应设为gpgcheck=1并通过gpgkey指定公钥。)
[root@localhost ~]# yum clean all
Loaded plugins: product-id, search-disabled-repos, subscription-manager
This system is not registered to Red Hat Subscription Management. You can usesubscription-manager to register.
Cleaning repos: WESTOS
Cleaning up everything
[root@localhost ~]# yum install httpd
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl enable httpd
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# mkdir /var/www/html/rhel7.2
[root@localhost ~]# umount /rhel7.2
[root@localhost ~]# mount /iso/rhel-server-7.2-x86_64-dvd.iso /var/www/html/rhel7.2/
mount: /dev/loop0 is write-protected, mounting read-only
[root@localhost ~]# vim /etc/rc.d/rc.local
[root@localhost dhcp]# cat /etc/rc.d/rc.local
#!/bin/bash
# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
#
# It is highly advisable to create own systemd services or udev rules
# to run scripts during boot instead of using this file.
#
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
#
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.

touch /var/lock/subsys/local
mount /iso/rhel-server-7.2-x86_64-dvd.iso /var/www/html/rhel7.2
[root@localhost ~]# setenforce 0
(注:setenforce 0只是临时把SELinux切换到Permissive模式,重启后恢复原设置;此时SELinux策略只记录不拦截,排错完成后应执行setenforce 1恢复。)
[root@localhost ~]# vim /etc/yum.repos.d/yum.repo
[root@localhost dhcp]#  cat /etc/yum.repos.d/yum.repo
[WESTOS]
name=rhel7.2
baseurl=file:///var/www/html/rhel7.2
gpgcheck=0
 
[root@localhost ~]# yum search dhcp
Loaded plugins: product-id, search-disabled-repos, subscription-manager
This system is not registered to Red Hat Subscription Management. You can usesubscription-manager to register.
============================== N/S matched: dhcp===============================
dhcp-common.x86_64 : Common files used by ISC dhcp client and server
dhcp-libs.i686 : Shared libraries used by ISC dhcp client and server
dhcp-libs.x86_64 : Shared libraries used by ISC dhcp client and server
dhclient.x86_64 : Provides the ISC DHCP client daemon and dhclient-script
dhcp.x86_64 : Dynamic host configuration protocol software
dnsmasq.x86_64 : A lightweight DHCP/caching DNS server

  Name and summary matches only, use"search all" for everything.
[root@localhost dhcp]# yum install dhcp
[root@localhost dhcp]# vim dhcpd.conf
[root@localhost dhcp]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y
[root@localhost dhcp]# vim dhcpd.conf
[root@localhost dhcp]# cat dhcpd.conf
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#

# option definitions common to all supported networks...
option domain-name "example.com";
option domain-name-servers 172.25.254.254;

default-lease-time 600;
max-lease-time 7200;

# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.

}

# This is a very basic subnet declaration.

subnet 172.25.254.0 netmask 255.255.255.0 {
  range 172.25.254.120 172.25.254.150;
  option routers 172.25.254.111;
}
[root@localhost dhcp]# systemctl start dhcpd
在测试端设置获取ip获取方式为自动获取。
[root@localhost ]# systemctl restart network
[root@localhost ]# ifconfig
22.
搭建本地yum仓库,可用yum安装lftp、vsftpd软件,安装后卸载vsftpd软件
[root@localhost ~]# mkdir /iso
[root@localhost ~]# mkdir /rhel7.2
[root@localhost ~]# scp root@172.25.254.61:/home/kiosk/Desktop/脚本和镜像/rhel-server-7.2-x86_64-dvd.iso /iso
root@172.25.254.61's password:
rhel-server-7.2-x86_64-dvd.iso               100% 3856MB  26.6MB/s   02:25  
[root@localhost ~]# mount /dev/cdrom /rhel7.2/
mount: /dev/sr0 is write-protected, mounting read-only
[root@localhost ~]# vim /etc/yum.repos.d/yum.repo
[root@localhost dhcp]# cat /etc/yum.repos.d/yum.repo
[WESTOS]
name=rhel7.2
baseurl=file:///rhel7.2
gpgcheck=0
[root@localhost ~]# yum clean all
Loaded plugins: product-id, search-disabled-repos, subscription-manager
This system is not registered to Red Hat Subscription Management. You can usesubscription-manager to register.
Cleaning repos: WESTOS
Cleaning up everything
[root@localhost ~]# yum install lftp -y
[root@localhost ~]# yum install vsftpd -y
[root@localhost ~]# yum -y remove vsftpd

 
