1、复制/etc/skel目录为/home/tuser1,要求/home/tuser1及其内部文件的属组和其它用户均没有任何访问权限。
[root@localhost ~]# cp -rv /etc/skel /home/tuser1‘/etc/skel’ -> ‘/home/tuser1’‘/etc/skel/.bash_logout’ -> ‘/home/tuser1/.bash_logout’
‘/etc/skel/.bash_profile’ -> ‘/home/tuser1/.bash_profile’
‘/etc/skel/.bashrc’ -> ‘/home/tuser1/.bashrc’
更改权限:
[root@localhost ~]# chmod -R go= /home/tuser1
验证内部文件:
[root@localhost tuser1]# ls -la /home/tuser1
total 12
d-wx------. 2 root root 62 Aug 21 01:19 .
drwxr-xr-x. 3 root root 20 Aug 21 01:19 ..
-rw-------. 1 root root 18 Aug 21 01:19 .bash_logout
-rw-------. 1 root root 193 Aug 21 01:19 .bash_profile
-rw-------. 1 root root 231 Aug 21 01:19 .bashrc
验证目录:
[root@localhost tuser1]# ls -ld /home/tuser1
d-wx------. 2 root root 62 Aug 21 01:19 /home/tuser1
2、编辑/etc/group文件,添加组hadoop。
使用nano或vim或vi编辑,以下是使用的nano:
[root@localhost ~]# nano /etc/group
添加hadoop:x:2018
ctrl+o保存,ctrl+x退出
[root@localhost ~]# grep "hadoop" /etc/group
hadoop:x:2018
此处hadoop的引号不加也可以
3、手动编辑/etc/passwd文件新增一行,添加用户hadoop,其基本组ID为hadoop组的id号;其家目录为/home/hadoop。
[root@localhost ~]# mkdir /home/hadoop
使用nano或vim或vi编辑,以下是使用的nano:
[root@localhost ~]# nano /etc/passwd
添加hadoop:x:2000:2000::/home/hadoop:/sbin/nologin
ctrl+o保存,ctrl+x退出
验证:
[root@localhost ~]# grep "hadoop" /etc/passwdhadoop:x:hadoop:hadoop::/home/hadoop:/sbin/nologin
4、复制/etc/skel目录为/home/hadoop,要求修改hadoop目录的属组和其它用户没有任何访问权限。
[root@localhost ~]# cp -rv /etc/skel /home/hadoop
‘/etc/skel’ -> ‘/home/hadoop/skel’‘/etc/skel/.bash_logout’ -> ‘/home/hadoop/skel/.bash_logout’‘/etc/skel/.bash_profile’ -> ‘/home/hadoop/skel/.bash_profile’‘/etc/skel/.bashrc’ -> ‘/home/hadoop/skel/.bashrc’
更改权限:
[root@localhost ~]# chmod -R go= /home/hadoop
验证目录下的文件:
[root@localhost ~]# ls -la /home/hadoop
total 0
drwx------. 3 root root 18 Aug 21 01:48 .
drwxr-xr-x. 4 root root 34 Aug 21 01:44 ..
drwx------. 2 root root 62 Aug 21 01:48 skel
验证目录:
drwx------. 3 root root 18 Aug 21 01:48 /home/hadoop
5、修改/home/hadoop目录及其内部所有文件的属主为hadoop,属组为hadoop。
[root@localhost ~]# chown -R hadoop:hadoop /home/hadoop
验证目录下的文件:
[root@localhost ~]# ls -la /home/hadoop
total 0
drwx------. 3 hadoop hadoop 18 Aug 21 01:48 .
drwxr-xr-x. 4 root root 34 Aug 21 01:44 ..
drwx------. 2 hadoop hadoop 62 Aug 21 01:48 skel
验证目录:
[root@localhost ~]# ls -ld /home/hadoop
drwx------. 3 hadoop hadoop 18 Aug 21 01:48 /home/hadoop
6、显示/proc/meminfo文件中以大写或小写S开头的行;用两种方式;
第一种方式:
[root@localhost ~]# grep "^[sS]" /proc/meminfo
SwapCached: 0 kB
SwapTotal: 2097148 kB
SwapFree: 2097148 kB
Shmem: 7900 kB
Slab: 63796 kB
SReclaimable: 26668 kB
SUnreclaim: 37128 kB
第二种方式:
[root@localhost ~]# grep -i "^s" /proc/meminfo
SwapCached: 0 kB
SwapTotal: 2097148 kB
SwapFree: 2097148 kB
Shmem: 7900 kB
Slab: 63796 kB
SReclaimable: 26668 kB
SUnreclaim: 37128 kB
第三种方式:
[root@localhost ~]# grep "^[s|S]" /proc/meminfo
取得的结果是一样的
7、显示/etc/passwd文件中其默认shell为非/sbin/nologin的用户;
[root@localhost ~]# grep -v "/sbin/nologin" /etc/passwd
root:x:0:0:root:/root:/bin/bash
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
8、显示/etc/passwd文件中其默认shell为/bin/bash的用户;
[root@localhost ~]# grep "/bin/bash" /etc/passwd
root:x:0:0:root:/root:/bin/bash
9、找出/etc/passwd文件中的一位数或两位数;
方法一:
[root@localhost ~]# egrep "\<[0-9]{1,2}\>" /etc/passwdroot:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:/sbin/nologindaemon:x:2:2:daemon:/sbin:/sbin/nologinadm:x:3:4:adm:/var/adm:/sbin/nologinlp:x:4:7:lp:/var/spool/lpd:/sbin/nologinsync:x:5:0:sync:/sbin:/bin/syncshutdown:x:6:0:shutdown:/sbin:/sbin/shutdownhalt:x:7:0:halt:/sbin:/sbin/haltmail:x:8:12:mail:/var/spool/mail:/sbin/nologinoperator:x:11:0:operator:/root:/sbin/nologingames:x:12:100:games:/usr/games:/sbin/nologinftp:x:14:50:FTP User:/var/ftp:/sbin/nologinnobody:x:99:99:Nobody:/:/sbin/nologindbus:x:81:81:System message bus:/:/sbin/nologinsshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologinpostfix:x:89:89::/var/spool/postfix:/sbin/nologin
方法二:
[root@localhost ~]# grep "\<[0-9]\{1,2\}\>" /etc/passwdroot:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:/sbin/nologindaemon:x:2:2:daemon:/sbin:/sbin/nologinadm:x:3:4:adm:/var/adm:/sbin/nologinlp:x:4:7:lp:/var/spool/lpd:/sbin/nologinsync:x:5:0:sync:/sbin:/bin/syncshutdown:x:6:0:shutdown:/sbin:/sbin/shutdownhalt:x:7:0:halt:/sbin:/sbin/haltmail:x:8:12:mail:/var/spool/mail:/sbin/nologinoperator:x:11:0:operator:/root:/sbin/nologingames:x:12:100:games:/usr/games:/sbin/nologinftp:x:14:50:FTP User:/var/ftp:/sbin/nologinnobody:x:99:99:Nobody:/:/sbin/nologindbus:x:81:81:System message bus:/:/sbin/nologinsshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologinpostfix:x:89:89::/var/spool/postfix:/sbin/nologin
10、显示/boot/grub/grub.conf中以至少一个空白字符开头的行;
centos没有/boot/grub/grub.conf文件,我添加了一个文件及一些内容在其中
第一种方法:
[root@localhost ~]# grep "^[[:space:]]\+" /boot/grub/grub.conf
2312313
safdfadf
第二种方法:
[root@localhost ~]# grep "^[[:space:]]\{1,\}"/boot/grub/grub.conf
2312313
safdfadf
第三种方法:
[root@localhost ~]# egrep "[[:space:]]+" /boot/grub/grub.conf
2312313
safdfadf
第四种方法:
[root@localhost ~]# egrep "[[:space:]]{1,}" /boot/grub/grub.conf
2312313
safdfadf
11、显示/etc/rc.d/rc.sysinit文件中以#开头,后面跟至少一个空白字符,而后又有至少一个非空白字符的行;
centos7没有/etc/rc.d/sysinit文件,替换成 /etc/rc.d/rc.local
第一种方法:
[root@localhost ~]# grep "^#[[:space:]]\{1,\}[^[:space:]]\{1,\}" /etc/rc.d/rc.local
# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
# It is highly advisable to create own systemd services or udev rules
# to run scripts during boot instead of using this file.
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.
第二种方法:
[root@localhost ~]# grep "^#[[:space:]]\+[^[:space:]]\+" /etc/rc.d/rc.local
# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
# It is highly advisable to create own systemd services or udev rules
# to run scripts during boot instead of using this file.
# In contrast to previous versions due to parallel execution during boot
#this script will NOT be run after all other services.
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.
12、打出netstat -tan命令执行结果中以‘LISTEN’,后或跟空白字符结尾的行;
[root@localhost ~]# netstat -tan | grep "LISTEN[[:space:]]*$"
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
13、添加用户bash, testbash, basher, nologin (此一个用户的shell为/sbin/nologin),而后找出当前系统上其用户名和默认shell相同的用户的信息;
[root@localhost ~]# useradd bash
[root@localhost ~]# useradd testbash
[root@localhost ~]# useradd basher
[root@localhost ~]# useradd -s /sbin/nologin nologin
验证:
[root@localhost ~]# id bash
uid=2001(bash) gid=2001(bash) groups=2001(bash)
[root@localhost ~]# id testbash
uid=2002(testbash) gid=2002(testbash) groups=2002(testbash)
[root@localhost ~]# id basher
uid=2003(basher) gid=2003(basher) groups=2003(basher)
[root@localhost ~]# tail -1 /etc/passwdnologin:x:2004:2004::/home/nologin:/sbin/nologin
找出用户名与默认shell相同的用户:
[root@localhost ~]# grep -E "^([^:]+\>).*\1$" /etc/passwdsync:x:5:0:sync:/sbin:/bin/syncshutdown:x:6:0:shutdown:/sbin:/sbin/shutdownhalt:x:7:0:halt:/sbin:/sbin/haltbash:x:2001:2001::/home/bash:/bin/bashnologin:x:2004:2004::/home/nologin:/sbin/nologin