权限相关命令

getent

查看系统的数据库中的相关记录

getent - get entries from Name Service Switch libraries

getent [option]... database key...

[root@localhost Templates]# getent passwd lee
lee:x:1000:1000:lee:/home/lee:/bin/bash
[root@localhost Templates]# getent group lee
lee:x:1000:lee
[root@localhost Templates]# getent shadow root
root:$6$QlLiSrfJQply5385$n/p1/uMyPDNeuZ/UU7nsDGg3cexrGqs/joS4oLSkQTkFG3GkJ26YqGUSsZnwNJT2kArhQkTbsQHE5wjMCSVwg0::0:99999:7:::
passwd
  • Usage: passwd [OPTION...] \ 修改指定用户的密码

  • 常用选项:

    • -d, --delete delete the password for the named account (root only) 删除指定用户密码

    • -l, --lock lock the password for the named account (root only) 锁定指定用户

    • -u, --unlock unlock the password for the named account (root only) 解锁指定用户

    • -e, --expire expire the password for the named account (root only) 强制用户下次登陆修改密码

    • -f, --force force operation 强制操作

    • --stdin read new tokens from stdin (root only)

      从标准输入接收用户密码

      示例: echo "PASSWORD" | passwd --stdin USERNAME

ACL

setfacl

setfacl 2.2.51 -- set file access control lists
Usage: setfacl [-bkndRLP] { -m|-M|-x|-X ... } file ...
-m, --modify=acl modify the current ACL(s) of file(s)
-M, --modify-file=file read ACL entries to modify from file
-x, --remove=acl remove entries from the ACL(s) of file(s)
-X, --remove-file=file read ACL entries to remove from file
-b, --remove-all remove all extended ACL entries
-k, --remove-default remove the default ACL
--set=acl set the ACL of file(s), replacing the current ACL
--set-file=file read ACL entries to set from file
--mask do recalculate the effective rights mask
-n, --no-mask don't recalculate the effective rights mask
-d, --default operations apply to the default ACL
-R, --recursive recurse into subdirectories
-L, --logical logical walk, follow symbolic links
-P, --physical physical walk, do not follow symbolic links
--restore=file restore ACLs (inverse of `getfacl -R')
--test test mode (ACLs are not modified)

getfacl

getfacl 2.2.51 -- get file access control lists
Usage: getfacl [-aceEsRLPtpndvh] file ...
-a, --access display the file access control list only
-d, --default display the default access control list only
-c, --omit-header do not display the comment header
-e, --all-effective print all effective rights
-E, --no-effective print no effective rights
-s, --skip-base skip files that only have the base entries
-R, --recursive recurse into subdirectories
-L, --logical logical walk, follow symbolic links
-P, --physical physical walk, do not follow symbolic links
-t, --tabular use tabular output format
-n, --numeric print numeric user/group identifiers
-p, --absolute-names don't strip leading '/' in pathnames

文本处理工具和正则表达式

cat

cat [OPTION]... [FILE]...

选项:

-E, --show-ends 显示行结束符$

-n, --number 对显示出的每一行进行编号

-A, --show-all 显示所有控制符

-b, --number-nonblank 非空行编号

-s, --squeeze-blank 压缩连续的空行成一行

more

分页查看文件内容

less

分页查看文件内容,与more的区别在于查看到文件最后不会自动退出

head

head [OPTION]... [FILE]...

选项:

-c n 指定获取前n字节

-n n 指定获取前n行

-n 指定行数

tail

tail [OPTION]... [FILE]...

选项:

-c n 指定获取后n字节

-n n 指定获取后n行

-n 指定获取后n行

-f, --follow[={name|descriptor}] 跟踪显示文件新追加的内容,常用于日志监控

​ 相当于 --follow=descriptor

-F same as --follow=name --retry 跟踪文件名,相当于 --follow=name --retry

tailf

类似于tail -f,当文件不增长时并不访问文件