**
不对之处,欢迎批评指正!!!
**
1.创建bob、alice、john三个用户,需求如下:
bob的UID为1008、描述信息为mysql user (命令:useradd -u 1008 -c “mysql user” bob)
alice的家目录为/alice (命令:useradd -d /alice/ -m alice)
john的shell为/sbin/nologin (命令:useradd -s /sbin/nologin john)
2.创建itgroup、sagroup 两个组;需求如下:
Itgroup组的密码为redhat,任何人可以临时登录到这个组
Sagroup组的gid为9999,且该组内有两个用户alice和john
3.设置alice用户的密码最长有效期为90天,到期前3天告警,且该用户密码于2023年10月1日失效。
4.使用stdin从键盘读取字符将bob的密码改为redhat
5.将/tmp/demo目录的拥有人设置为bob、拥有组设置为sagroup并同时应用于该目录下所有的文件及子目录,其中bob对文件有完全权限,sagroup这个组有读的权限,其他人无任何权限,赋权后请验证结果
6.使用bob登录,用find / -name selinux查看系统中selinux的文件名的文件,将正确查找到的结果输出到当前用户的家目录下面的1.txt,将错误输出到2.txt。
7.通过echo将字符串hello redhat输出到/root下面的hello.txt文件内。
8.使用head和tail提取/opt/passwd2文件的12-15行打印到标准输出。
9. 使用grep查看/opt/passwd2中包含dns的行,不限制dns的大小写。
10.使用grep查找/etc这个目录下所有包含selinux字段的文件。
[root@localhost ~]# grep -r ‘selinux’ /etc/
/etc/dbus-1/system.d/org.selinux.conf:
/etc/dbus-1/system.d/org.selinux.conf:
/etc/abrt/abrt.conf:# Changing dump location could cause problems with SELinux. See man ab rt_selinux(8).
/etc/abrt/abrt.conf:# selinux policy:
/etc/prelink.conf.d/grub2.conf:# these have execstack, and break under selinux
/etc/pam.d/login:# pam_selinux.so close should be the first session rule
/etc/pam.d/login:session required pam_selinux.so close
/etc/pam.d/login:# pam_selinux.so open should only be followed by sessions to be executed in the user context
/etc/pam.d/login:session required pam_selinux.so open
/etc/pam.d/remote:# pam_selinux.so close should be the first session rule
/etc/pam.d/remote:session required pam_selinux.so close
/etc/pam.d/remote:# pam_selinux.so open should only be followed by sessions to be executed in the user context
/etc/pam.d/remote:session required pam_selinux.so open
/etc/pam.d/systemd-user:session required pam_selinux.so close
/etc/pam.d/systemd-user:session required pam_selinux.so nottys open
/etc/pam.d/cockpit:# pam_selinux.so close should be the first session rule
/etc/pam.d/cockpit:session required pam_selinux.so close
/etc/pam.d/cockpit:# pam_selinux.so open should only be followed by sessions to be execute d in the user context
/etc/pam.d/cockpit:session required pam_selinux.so open env_params
/etc/pam.d/gdm-autologin:session required pam_selinux.so close
/etc/pam.d/gdm-autologin:session required pam_selinux.so open
/etc/pam.d/gdm-fingerprint:session required pam_selinux.so close
/etc/pam.d/gdm-fingerprint:session required pam_selinux.so open
/etc/pam.d/gdm-password:auth [success=done ignore=ignore default=bad] pam_selinux_perm it.so
/etc/pam.d/gdm-password:session required pam_selinux.so close
/etc/pam.d/gdm-password:session required pam_selinux.so open
/etc/pam.d/gdm-pin:auth [success=done ignore=ignore default=bad] pam_selinux_permit.so
/etc/pam.d/gdm-pin:session required pam_selinux.so close
/etc/pam.d/gdm-pin:session required pam_selinux.so open
/etc/pam.d/gdm-smartcard:session required pam_selinux.so close
/etc/pam.d/gdm-smartcard:session required pam_selinux.so open
/etc/pam.d/sshd:# pam_selinux.so close should be the first session rule
/etc/pam.d/sshd:session required pam_selinux.so close
/etc/pam.d/sshd:# pam_selinux.so open should only be followed by sessions to be executed i n the user context
/etc/pam.d/sshd:session required pam_selinux.so open env_params
Binary file /etc/ld.so.cache matches
/etc/selinux/targeted/booleans.subs_dist:allow_execheap selinuxuser_execheap
/etc/selinux/targeted/booleans.subs_dist:allow_execmod selinuxuser_execmod
/etc/selinux/targeted/booleans.subs_dist:allow_execstack selinuxuser_execstack
/etc/selinux/targeted/booleans.subs_dist:allow_user_mysql_connect selinuxuser_mysql_connec t_enabled
/etc/selinux/targeted/booleans.subs_dist:allow_user_postgresql_connect selinuxuser_postgre sql_connect_enabled
/etc/selinux/targeted/booleans.subs_dist:user_direct_dri selinuxuser_direct_dri_enabled
/etc/selinux/targeted/booleans.subs_dist:user_ping selinuxuser_ping
/etc/selinux/targeted/booleans.subs_dist:user_share_music selinuxuser_share_music
/etc/selinux/targeted/booleans.subs_dist:user_tcp_server selinuxuser_tcp_server
/etc/selinux/targeted/booleans.subs_dist:sepgsql_enable_users_ddl postgresql_selinux_user s_ddl
/etc/selinux/targeted/booleans.subs_dist:sepgsql_transmit_client_label postgresql_selinux_ transmit_client_label
/etc/selinux/targeted/booleans.subs_dist:sepgsql_unconfined_dbadm postgresql_selinux_uncon fined_dbadm
/etc/selinux/targeted/contexts/dbus_contexts:
/etc/selinux/targeted/contexts/dbus_contexts:
/etc/selinux/targeted/contexts/files/file_contexts:/selinux/.* <>
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux(/.)? system_u:object_r selinux_config_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/([^/]/)?seusers – system_u:object_r:selinux_config_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/([^/]/)?users(/.)? – system_u:object_r:selinux_config_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/([^/]/)?setrans.conf – system_u:object_r:selinux_config_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/([^/]/)?logins(/.)? sy stem_u:object_r:selinux_login_config_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/([^/]/)?policy(/.)? sy stem_u:object_r:semanage_store_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/([^/]/)?contexts(/.)? sy stem_u:object_r:default_context_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/([^/]/)?contexts/files(/. )? system_u:object_r:file_context_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/([^/]/)?modules/semanage\ .read.LOCK – system_u:object_r:semanage_read_lock_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/(minimum|mls|targeted)/act ive(/.)? system_u:object_r:semanage_store_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/([^/]/)?modules/semanage\ .trans.LOCK – system_u:object_r:semanage_trans_lock_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/selinux/([^/]/)?modules/(active|t mp|previous)(/.)? system_u:object_r:semanage_store_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/lib/selinux(/.)? system_u:o bject_r:policy_src_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/var/lib/selinux(/.)? system_u:o bject_r:semanage_store_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/var/lib/sepolgen(/.)? system_u:o bject_r:selinux_config_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/var/lib/selinux/[^/]+/semanage.read. LOCK – system_u:object_r:semanage_read_lock_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/var/lib/selinux/[^/]+/semanage.trans\ .LOCK – system_u:object_r:semanage_trans_lock_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/share/selinux/mls(/.)? system_u:o bject_r:semanage_store_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/share/selinux-policy[^/]/html(/. )? system_u:object_r:httpd_sys_content_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/etc/share/selinux/targeted(/.*)? sy stem_u:object_r:semanage_store_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/share/system-config-selinux/polgen gui.py – system_u:object_r:bin_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/selinux -d <>
/etc/selinux/targeted/contexts/files/file_contexts:/selinux -l system_u:object_r: security_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/libexec/sssd/selinux_child – system_u:object_r:sssd_selinux_manager_exec_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/share/selinux/devel/policygentool- - system_u:object_r:bin_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/share/munin/plugins/selinux_avcsta t – system_u:object_r:selinux_munin_plugin_exec_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/share/system-config-selinux/polgen .py – system_u:object_r:bin_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/libexec/selinux/semanage_migrate_s tore – system_u:object_r:semanage_exec_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/share/system-config-selinux/selinu x_server.py – system_u:object_r:semanage_exec_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/share/system-config-selinux/system -config-selinux.py – system_u:object_r:bin_t:s0
/etc/selinux/targeted/contexts/files/file_contexts:/usr/share/system-config-selinux/system -config-selinux-dbus.py – system_u:object_r:semanage_exec_t:s0
Binary file /etc/selinux/targeted/contexts/files/file_contexts.bin matches
Binary file /etc/selinux/targeted/policy/policy.31 matches
/etc/iproute2/nl_protos:7 selinux
/etc/anaconda/anaconda.conf:selinux = -1
/etc/anaconda/anaconda.conf: pci nodmraid nompath nomodeset noiswmd fips selinux
/etc/firewalld/lockdown-whitelist.xml:
/etc/firewalld/lockdown-whitelist.xml:
/etc/libvirt/qemu.conf:# security_driver = [ “selinux”, “apparmor” ]
/etc/libvirt/qemu.conf:#security_driver = “selinux”
/etc/oddjobd.conf: (“selinux_enforcing”), or what the caller’s SELinux context
/etc/oddjobd.conf: (“selinux_context”), user (“selinux_user”), role (“selinux_role”),
/etc/oddjobd.conf: or type (“selinux_type”) must be for that rule to apply.
/etc/oddjobd.conf:
/etc/insights-client/.fallback.json: “file”: “/sys/fs/selinux/avc/hash_stats”,
/etc/insights-client/.fallback.json: “file”: “/sys/fs/selinux/avc/cache_thresho ld”,
/etc/insights-client/.fallback.json: “unsupported configuration: Unable to find security driver for model selinux”
/etc/insights-client/.fallback.json: “unsupported configuration: Unable to find security driver for model selinux”
/etc/insights-client/.fallback.json: “file”: “/etc/selinux/config”,
/etc/insights-client/.fallback.json: “symbolic_name”: “selinux_config”
Binary file /etc/insights-client/rpm.egg matches
/etc/sos/sos.conf:#skip-plugins = rpm, selinux, dovecot
/etc/updatedb.conf:PRUNEFS = “9p afs anon_inodefs auto autofs bdev binfmt_misc cgroup cifs coda configfs cpuset debugfs devpts ecryptfs exofs fuse fuse.sshfs fusectl gfs gfs2 gpfs hugetlbfs inotifyfs iso9660 jffs2 lustre mqueue ncpfs nfs nfs4 nfsd pipefs proc ramfs root fs rpc_pipefs securityfs selinuxfs sfs sockfs sysfs tmpfs ubifs udf usbfs ceph fuse.ceph”
10.使用grep去掉/etc/profile中所有的注释行以及空行,然后将该文件重定向到/tmp/profile.txt。
原始文件:
去掉注释后的文件
11. 使用grep在/opt/passw2文件中查找包含ftp关键字的行,并显示包含该关键字的前两行。
12. 使用cut将/opt/passwd2这个文件中的所有用户名提取出来并导出到文件/tmp/user.txt。
13. 使用cut提取系统ens160这张网卡的ip地址的第三位。
第一步:提取IP地址
第二步:提取192.168.100.131,使用grep -v 匹配不需要的信息,得到192.168.100.131
第三步:使用cut提取IP地址的第三位
14.使用cut来提取/root/hello.txt文件的每行的前五个字符。
15. 使用sort将/opt/passwd2 中用户的UID按照从大到小的顺序排列并导出到文件 /tmp/uid.txt。
16. 使用wc统计/opt/passwd2文件的行数。
17. 使用sort为/opt/passwd2文件中用户的gid根据数字的顺序进行排序。
18.使用uniq去掉/root/hello.txt中重复的行。
19.使用sed将/opt/passwd2中第一行的第2个root替换成redhat并保存到文件,保存时请备份源文件。
20.删除/tmp/passwd2这个文件中所有的s。
21.将/opt/passwd2该文件中的a-c的字符替换为1-3,并另存为/opt/passwd3。
22.比较/opt/passwd2和/opt/passwd3文本的差异。
23.使用more查看/opt/passwd3。
482
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
