Monday, April 9, 2012
SA class 3
user management:
uid / gid # user id / group id
uid == 0 # I am a root!
daemon # unprivileged software
bin # system commands
sys # kernel and memory images
nobody # a Korean song (?
Add a user:
edit password and group files:
vipw # use vi to edit it
pw
set initial password:
passwd username # set password for a user
passwd # for root
set quota
edquota username
create user's home
mkdir /home/username
set some startup files
cp some file like '.tcshrc' for the user
set file/dir owner to the user
chown -R username:group /home/username
the command 'useradd' is your friend!
/etc/passwd # data separated by ':'
login name
passwd (Encrypted)
uid
default gid
GECOS info
Home directory
Login shell
Encrypted password:
/etc/master.passwd # for BSD
/etc/shadow # for Linux
Encryption method:
DES
8 char => 13 char
md5
arbitrary length => 34 chars, starts with $1$
blf
arbitrary length => 60 chars, starts with $2$
GECOS: # data separated by ','
General Electric Comprehensive Operating System
finger username
chfn to change it
it is useless
Login shell
/bin/{sh, csh, tcsh, bash, zsh}
chsh to change it
/etc/group
group name
encrypted password
GID
list of members, separated by “,”
only members of the wheel group can use the 'su' command
/etc/master.passwd # for FreeBSD
vipw to edit
additional fields
login class
/etc/login.conf
passwd change time
account expiration time
/etc/login.conf
cap_mkdb /etc/login.conf => login.conf.db
add user in Linux:
/etc/passwd
pwconv transfers the passwords to /etc/shadow
Login name
Encrypted Passwd
Date of last password change
...
init password
passwd username
set quota
edquota username
make home
mkdir /home/username
start files
system wide:
/etc/{csh.cshrc, csh.login, csh.logout, profile}
private (home)
.cshrc .tcshrc .login .logout
.profile (sh)
.vimrc (vim)
.xinitrc (startx)
change owner
chown -R username:group /home/username
Remove accounts
delete user
vipw, pw userdel # BSD
edit /etc/passwd and pwconv # Linux
backup home and mail
tar /home/username and /var/mail/username
chmod 600 the tar-ed files
Delete home and mailbox
rm -rf /home/username /var/mail/username
disable login
change the user's login shell to /sbin/nologin
put a '#' or '-' in front of the account
put a '*' in the encrypted password field
the root (God)
root is God, i.e. you can do anything!
uid == 0
becoming root
change your uid to 0
sshd:
edit /etc/ssh/sshd_config
PermitRootLogin yes # don't do it!
su
su username
change to target user
sudo
a limited su
visudo to edit sudoers
edit /usr/local/etc/sudoers
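
The account-file fields, hash prefixes, disable markers and the uid == 0 rule from these notes, combined into a small audit. This is an added example, not part of the original notes; the sample accounts, the filler hashes and the function names `scheme` and `audit` are constructed for illustration, and the code also accepts 7-field Linux /etc/passwd lines.

```python
# Added example; every account and hash below is constructed filler, not real data.
DES = "ab" + "x" * 11                # 13 chars, as in the notes
MD5 = "$1$saltsalt$" + "y" * 22      # 34 chars, starts with $1$
BLF = "$2b$04$" + "z" * 53           # 60 chars; real strings carry a version letter after $2

SAMPLE = f"""\
root:{BLF}:0:0::0:0:Charlie Root:/root:/bin/csh
admin2:{MD5}:0:0::0:0:Backup admin:/home/admin2:/bin/sh
alice:{DES}:1001:1001::0:0:Alice,Room 1,,:/home/alice:/bin/tcsh
bob::1002:1002::0:0:Bob:/home/bob:/bin/sh
carol:*:1003:1003::0:0:Carol:/home/carol:/bin/tcsh
dave:{BLF}:1004:1004::0:0:Dave:/home/dave:/sbin/nologin
#erin:{BLF}:1005:1005::0:0:Erin:/home/erin:/bin/sh
"""

def scheme(pw):
    """Classify the password field by the prefixes and lengths listed in the notes."""
    if pw == "":
        return "none"
    if pw.startswith("*"):
        return "locked"
    if pw == "x":
        return "shadowed"            # Linux /etc/passwd: hash lives in /etc/shadow
    if pw.startswith("$1$"):
        return "md5"
    if pw.startswith("$2"):
        return "blf"
    if len(pw) == 13 and not pw.startswith("$"):
        return "des"
    return "other"

def audit(text):
    """Return {login: (scheme, disabled, findings)} for passwd (7) or master.passwd (10) records."""
    report = {}
    for line in text.splitlines():
        f = line.split(":")
        if len(f) not in (7, 10) or not f[2].isdigit():
            continue                 # not an account record
        name, pw, uid, shell = f[0], f[1], int(f[2]), f[-1]
        kind = scheme(pw)
        disabled = name[:1] in ("#", "-") or kind == "locked" or shell == "/sbin/nologin"
        findings = []
        if uid == 0 and name.lstrip("#-") != "root":
            findings.append("extra uid 0")
        if kind == "none":
            findings.append("empty password")
        if kind in ("des", "md5"):
            findings.append("legacy hash")
        report[name] = (kind, disabled, findings)
    return report
```

Calling `audit(SAMPLE)` gives one entry per account; an empty findings list on an enabled account means none of the checks from the notes fired.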
===============================
Chinese characters
ascii
8 bits for 256 char
0x00 ~ 0x1F : control characters
0x20 ~ 0x7F : printable characters
Big5
unicode
utf8, utf16
Chinese environment:
messages
display
input
printing
processing
locale
LC_ALL
LC_CTYPE
LC_MESSAGES
LC_TIME
LC_NUMERIC
LC_MONETARY
LC_COLLATE
LANG
precedence: LC_ALL > LC_* > LANG
tcsh shell
setenv LC_CTYPE zh_TW.UTF-8
bash
export LC_CTYPE=zh_TW.UTF-8
font type
bitmapped font
truetype font (ttf)
===============================
Controlling Processes:
'program' to 'process'
a program is dead and lies on disk # EX. /usr/bin/grep
when you execute it, it becomes a process
process is alive, it resides in memory
process lives in
an address space in memory
kernel data structures
attribute of the process
PID PPID # Process ID and its parent's PID
UID EUID # User ID and Effective user ID
GID EGID # Group ID and Effective group ID
Niceness # priority of the process
fork()
== 0 child
> 0 parent
a life of process
fork
child has the same program context
exec
child uses exec to change the program context
exit
child uses _exit to tell the kernel that it is ready to die, and this death should be acknowledged by the child's parent
wait
parent uses wait to wait for the child's death
If the parent dies before the child, this orphan process will have init as its new parent
UID, GID, EUID, EGID
the effective uid and gid can be used to enable or restrict additional permissions
Signal -- what happens to the process
signal can be sent
as a means of communication
to kill, interrupt, or suspend a process
Ex. Ctrl-c, Ctrl-z, bg, fg (background / foreground)
you can catch, ignore, or block a signal
Kill a pid
kill [-signal] pid
kill -9
kill -15
killall name
Niceness
high nice value => low priority (the "nice guy card")
inherited property: if your father is a nice guy, you are a nice guy too
only root can set nice value
Process States
I Idle
R Runnable
S Sleeping
T Stopped
Z Zombie
D in Disk
ps command
ps aux
ps auxww
ps -j
ps -o
ps -L
top / htop
Runaway process
kill it!
kill -15
kill -9
renice to a higher nice value # give it a nice guy card