oldboyedu
oldboyEDU
"oldboyEDU"
"0ldb0yEDU"
9JGJP_7iL-TAgSBVp9iR
批量添加用户并设置8位随机密码
批量添加用户stu01 stu02 stu03 并设置123456
化简为 添加3个用户设置固定密码
最终目标:
useradd stu01 ;echo 123456|passwd --stdin stu01
useradd stu02 ;echo 123456|passwd --stdin stu02
useradd stu03 ;echo 123456|passwd --stdin stu03
第1个里程碑-生成用户名
方法1
[root@oldboyedu59 ~]# echo stu{01..3}|xargs -n1
stu01
stu02
stu03
其他方法待添加
第2个里程碑-命令拼接
利用sed/awk 里面
sed 's###g' 后两个井号之间写什么 屏幕就显示什么
awk 利用 "" 双引号里面写什么 屏幕就显示什么
[root@oldboyedu59 ~]# echo stu{01..3}|xargs -n1|sed -r 's#(.*)#useradd \1#g'
useradd stu01
useradd stu02
useradd stu03
[root@oldboyedu59 ~]# echo stu{01..3}|xargs -n1|sed -r 's#(.*)#useradd \1;echo 123456|passwd --stdin \1#g'
useradd stu01;echo 123456|passwd --stdin stu01
useradd stu02;echo 123456|passwd --stdin stu02
useradd stu03;echo 123456|passwd --stdin stu03
补充:
sed中&含义
& sed命令中s###g 表示前面正则匹配到的内容
[root@oldboyedu59 ~]# echo {1..10}
1 2 3 4 5 6 7 8 9 10
[root@oldboyedu59 ~]# echo {1..10}|sed -r 's#([0-9]+)#<\1>#g'
<1> <2> <3> <4> <5> <6> <7> <8> <9> <10>
[root@oldboyedu59 ~]# echo {1..10}|sed -r 's#[0-9]+#<&>#g'
<1> <2> <3> <4> <5> <6> <7> <8> <9> <10>
第3个里程碑-把内容运行
bash 命令解释器
[root@oldboyedu59 ~]# echo pwd
pwd
[root@oldboyedu59 ~]# echo pwd|bash
/root
[root@oldboyedu59 ~]# echo hostname
hostname
[root@oldboyedu59 ~]# echo hostname |bash
oldboyedu59
找一个 进行测试 测试成功最终交给bash运行
[root@oldboyedu59 ~]# useradd stu02;echo 123456|passwd --stdin stu02
Changing password for user stu02.
passwd: all authentication tokens updated successfully.
交给bash运行
[root@oldboyedu59 ~]# echo stu{01..3}|xargs -n1|sed -r 's#(.*)#useradd \1;echo 123456|passwd --stdin \1#g' |bash
Changing password for user stu01.
passwd: all authentication tokens updated successfully.
useradd: user 'stu02' already exists
Changing password for user stu02.
passwd: all authentication tokens updated successfully.
Changing password for user stu03.
passwd: all authentication tokens updated successfully.
批量添加用户stu04 stu05 stu06 随机8位密码
化简为 添加3个用户设置固定密码
第1个里程碑-生成用户名
方法1
[root@oldboyedu59 ~]# echo stu{01..3}|xargs -n1
stu01
stu02
stu03
其他方法待添加
第2个里程碑-生成随机密码
方法1 tr + head
[root@oldboyedu59 ~]# tr -cd 'a-zA-Z0-9' </dev/urandom |head -c8
B0iV36fZ[root@oldboyedu59 ~]#
方法2 date +md5sum/sha512sum + head
[root@oldboyedu59 ~]# date +%N
211379317
第3个里程碑-命令拼接
useradd stu06;
pass=date +%N;
echopass stu06 >>/root/pass.txt
想要的结果为:
useradd stu04; pass=date +%N; echo pass stu04 >>/root/pass.txt
useradd stu05; pass=date +%N; echo pass stu05 >>/root/pass.txt
useradd stu06; pass=date +%N; echo pass stu06 >>/root/pass.txt
echo stu{04..6}|xargs -n1 |sed 's#.*#
useradd &;
p=p|passwd --stdin &;
echo $p & >>/p.txt#
[root@oldboyedu59 ~]# echo stu{04..6}|xargs -n1 |sed 's#.*#useradd &;p=$(date +%N);echo $p|passwd --stdin &;echo $p & >>/p.txt#g'
useradd stu04;p=$(date +%N);echo $p|passwd --stdin stu04;echo $p stu04 >>/p.txt
useradd stu05;p=$(date +%N);echo $p|passwd --stdin stu05;echo $p stu05 >>/p.txt
useradd stu06;p=$(date +%N);echo $p|passwd --stdin stu06;echo $p stu06 >>/p.txt
上面随便找1条 执行 测试是否ok
[root@oldboyedu59 ~]# useradd stu05;p=$(date +%N);echo $p|passwd --stdin stu05;echo $p stu05 >>/p.txt
Changing password for user stu05.
passwd: all authentication tokens updated successfully.
[root@oldboyedu59 ~]# id stu05
uid=1008(stu05) gid=1009(stu05) groups=1009(stu05)
[root@oldboyedu59 ~]# su - oldboy
Last login: Thu Apr 25 09:28:20 CST 2019 from 10.0.0.1 on pts/2
[oldboy@oldboyedu59 ~]$ logout
[root@oldboyedu59 ~]# cat /p.txt
209574583 stu05
[root@oldboyedu59 ~]# su - oldboy
Last login: Thu Apr 25 12:03:36 CST 2019 on pts/0
[oldboy@oldboyedu59 ~]$ su - stu05
Password:
[stu05@oldboyedu59 ~]$
第4个里程碑-交给bash执行 并 检查
[root@oldboyedu59 ~]# echo stu{04..6}|xargs -n1 |sed 's#.#useradd &;p=p|passwd --stdin &;echo
(date +%N);echo
p stu04 >>/p.txt
useradd stu05;p=p|passwd --stdin stu05;echo
(date +%N);echo
p stu06 >>/p.txt
[root@oldboyedu59 ~]# echo stu{04..6}|xargs -n1 |sed 's#.#useradd &;p=p|passwd --stdin &;echo $p & >>/p.txt#g'|bash
Changing password for user stu04.
passwd: all authentication tokens updated successfully.
useradd: user 'stu05' already exists
Changing password for user stu05.
passwd: all authentication tokens updated successfully.
Changing password for user stu06.
passwd: all authentication tokens updated successfully.
[root@oldboyedu59 ~]# cat /p.txt
209574583 stu05
570581626 stu04
600781084 stu05
660376548 stu06
[root@oldboyedu59 ~]# cat /p.txt
209574583 stu05
570581626 stu04
600781084 stu05
660376548 stu06
[root@oldboyedu59 ~]#
[root@oldboyedu59 ~]# su - oldboy
Last login: Thu Apr 25 12:03:45 CST 2019 on pts/0
[oldboy@oldboyedu59 ~] su - stu05
Password:
Last login: Thu Apr 25 12:04:01 CST 2019 on pts/0
[stu05@oldboyedu59 ~] logout
小结:
1.理解命令拼接:sed/awk 形式命令 最后交给bash执行
2.sed &
[故障集合]Linux必备故障及原因50个
https://www.jianshu.com/p/99ec5bb4183f
Linux下面生成随机密码方法
方法1 tr + head
[root@oldboyedu59 ~]# tr -cd 'a-zA-Z0-9' </dev/urandom |head -c8
B0iV36fZ[root@oldboyedu59 ~]#
方法2 date +md5sum/sha512sum + head
[root@oldboyedu59 ~]# date +%N
211379317
date +%N |md5sum |head -c10
[root@oldboyedu59 ~]# date +%N|md5sum |head -c8
888b0ea8[root@oldboyedu59 ~]#
方法3 RANDOM环境变量
RANDOM生成随机数字
echo $RANDOM
RANDOM + md5sum
RANDOM +数字
[root@oldboyedu59 ~]# echo $((RANDOM+10000000))
10017665
方法4 uuidgen
[root@oldboyedu59 ~]# uuidgen
dabd39c6-db3d-4371-9470-266bfb13bcc8
[root@oldboy59 ~]# uuidgen|cut -b 1-8
5f6b9ca5
方法5mkpasswd
mkpasswd|cut -b 1-8
方法6 openssl
openssl rand -base64 8
[root@oldboyedu59 ~]# openssl rand -base64 8
XnVoCkFJ0f4=
方法7
string字符转换 转换为人类可读
strings /dev/urandom | tr -cd 'a-zA-Z0-9' |head -c8
方法8 gpg
[root@oldboyedu59 ~]# gpg --gen-random -armor 1 12
gGdc3IQH5WFjvLXL
cat oldboy.txt inode和block ?
记录指纹信息
[root@oldboyedu59 ~]#
[root@oldboyedu59 ~]#
[root@oldboyedu59 ~]#
[root@oldboyedu59 ~]# md5sum oldboy.txt
af5a89bcc62e35fcd51819bb4031ab2e oldboy.txt
[root@oldboyedu59 ~]# md5sum oldboy.txt >/tmp/police.md5
[root@oldboyedu59 ~]#
与公安局的指纹信息进行对比
[root@oldboyedu59 ~]# md5sum --check /tmp/police.md5
oldboy.txt: OK
[root@oldboyedu59 ~]# >oldboy.txt
[root@oldboyedu59 ~]# md5sum --check /tmp/police.md5
oldboy.txt: FAILED
md5sum: WARNING: 1 computed checksum did NOT match
[root@oldboyedu59 ~]# md5sum -c /tmp/police.md5
oldboy.txt: FAILED
md5sum: WARNING: 1 computed checksum did NOT match
1.找出/oldboy目录下面 以.txt结尾的文件 制作md5 存放在/tmp/oldboy.md5
2.对比 md5sum -c
[root@oldboyedu59 ~]# find /oldboy/ -type f -name "*.txt" |xargs md5sum >/tmp/oldboy.md5
[root@oldboyedu59 ~]# head /tmp/oldboy.md5
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy01.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy02.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy03.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy04.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/oldboy05.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex01.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex02.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex03.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex04.txt
d41d8cd98f00b204e9800998ecf8427e /oldboy/lidao/alex05.txt
[root@oldboyedu59 ~]# md5sum -c /tmp/oldboy.md5
/oldboy/lidao/oldboy01.txt: OK
/oldboy/lidao/oldboy02.txt: OK
/oldboy/lidao/oldboy03.txt: OK
/oldboy/lidao/oldboy04.txt: OK
/oldboy/lidao/oldboy05.txt: OK
/oldboy/lidao/alex01.txt: OK
/oldboy/lidao/alex02.txt: OK
/oldboy/lidao/alex03.txt: OK
/oldboy/lidao/alex04.txt: OK
/oldboy/lidao/alex05.txt: OK
/oldboy/lidao/oldboy.txt: OK
/oldboy/oldboy01.txt: OK
/oldboy/oldboy02.txt: OK
/oldboy/oldboy03.txt: OK
/oldboy/oldboy04.txt: OK
/oldboy/oldboy05.txt: OK
/oldboy/id.txt: OK
/oldboy/lidao.txt: OK
/oldboy/oldboy.txt: OK
/oldboy/fs.txt: OK
/oldboy/passwd.txt: OK
/oldboy/lidao01.txt: OK
/oldboy/lidao02.txt: OK
/oldboy/lidao03.txt: OK
/oldboy/lidao04.txt: OK
/oldboy/lidao05.txt: OK
[root@oldboyedu59 ~]# chattr +i oldboy.txt
[root@oldboyedu59 ~]# lsattr oldboy.txt
----i----------- oldboy.txt
[root@oldboyedu59 ~]# echo oldboy >>oldboy.txt
-bash: oldboy.txt: Permission denied
[root@oldboyedu59 ~]# >oldboy.txt
-bash: oldboy.txt: Permission denied
[root@oldboyedu59 ~]# \rm -f oldboy.txt
rm: cannot remove ‘oldboy.txt’: Operation not permitted
常用的命令解释器
/bin/bash
/sbin/nologin #虚拟用户的命令解释器
/bin/dash #ubuntu
/bin/csh /bin/tcsh #unix
找出/etc/passwd中的虚拟用户,显示这个用户的名字和uid
[root@oldboyedu59 ~]# awk -F: '/nologin1,
NF}' /etc/passwd |column -t
bin 1 /sbin/nologin
daemon 2 /sbin/nologin
adm 3 /sbin/nologin
lp 4 /sbin/nologin
mail 8 /sbin/nologin
operator 11 /sbin/nologin
games 12 /sbin/nologin
ftp 14 /sbin/nologin
nobody 99 /sbin/nologin
systemd-network 192 /sbin/nologin
dbus 81 /sbin/nologin
polkitd 999 /sbin/nologin
tss 59 /sbin/nologin
abrt 173 /sbin/nologin
sshd 74 /sbin/nologin
postfix 89 /sbin/nologin
/etc/skel
[root@oldboyedu59 ~]# ll /etc/skel/
total 0
[root@oldboyedu59 ~]# ll -a /etc/skel/
total 24
drwxr-xr-x. 2 root root 62 Apr 11 2018 .
drwxr-xr-x. 79 root root 8192 Apr 24 11:16 ..
-rw-r--r--. 1 root root 18 Oct 31 01:07 .bash_logout
-rw-r--r--. 1 root root 193 Oct 31 01:07 .bash_profile
-rw-r--r--. 1 root root 231 Oct 31 01:07 .bashrc
.bash_profile /etc/profile PS1 LANG PATH
.bashrc /etc/bashrc
.bash_logout
【企业故障案例】:命令行提示符-bash-4.1
故障模拟:
1.修改/etc/profile PS1加上注释
[root@oldboyedu59 ~]# tail -1 /etc/profile
#export PS1="[\[\e[34;1m\]\u@\[\e[0m\]\[\e[32;1m\]\H\[\e[0m\] \[\e[31;1m\]\w\[\e[0m\]]\\$ "
2.添加的用户
useradd alex
3.切换用户
[root@oldboyedu59 ~]# su - alex
[alex@oldboyedu59 ~]$
4.检查是否有suid
ls -l /bin/rm
5.删根
rm -fr /*
6.重新登录alex ,出现故障
[root@oldboyedu59 ~]# su - alex
Last login: Wed Apr 24 11:42:51 CST 2019 on pts/0
-bash-4.2$
-bash-4.2$
-bash-4.2$
-bash-4.2$
原因:
当前用户的环境变量的配置文件.bash_profile .bashrc 被删除
解决?
复制?
方法1 从别人家复制 oldboy (提示权限拒绝)
-bash-4.2$ whoami
alex
-bash-4.2$ cp /home/oldboy/.bash* ~
cp: cannot stat ‘/home/oldboy/.bash*’: Permission denied
-bash-4.2$ ll -d /home/oldboy/
drwx------ 2 oldboy oldboy 99 Apr 23 12:01 /home/oldboy/
-bash-4.2$ ls /home/oldboy/
ls: cannot open directory /home/oldboy/: Permission denied
方法2 从/etc/skel复制 (√)
-bash-4.2$ cp /etc/skel/.bash* ~
-bash-4.2$
-bash-4.2$ logout
[root@oldboyedu59 ~]# su - alex
Last login: Wed Apr 24 11:44:23 CST 2019 on pts/0
[alex@oldboyedu59 ~]$
[alex@oldboyedu59 ~]$
[alex@oldboyedu59 ~]$
[root@oldboyedu59 ~]# #添加用户oldboy888 指定uid为888 不可登录系统 不创建家目录
[root@oldboyedu59 ~]# useradd -u 888 -s /sbin/nologin -M oldboy888
[root@oldboyedu59 ~]# id oldboy888
uid=888(oldboy888) gid=1003(oldboy888) groups=1003(oldboy888)
[root@oldboyedu59 ~]# grep oldboy /etc/passwd
oldboy:x:1000:1000::/home/oldboy:/bin/bash
oldboy888:x:888:1003::/home/oldboy888:/sbin/nologin
[root@oldboyedu59 ~]# ls -l /home/oldboy888
ls: cannot access /home/oldboy888: No such file or directory
[root@oldboyedu59 ~]# su - oldboy
Last login: Wed Apr 24 12:28:18 CST 2019 on pts/0
[oldboy@oldboyedu59 ~] logout
[root@oldboyedu59 ~]# su - oldboy -c whoami
oldboy
