标题: Solaris Sysadmin学习笔记之User,Group and Initiallization Files篇 [打印本页] 作者: 麋鹿 时间: 21-6-2004 09:20 标题: Solaris Sysadmin学习笔记之User,Group and Initiallization Files篇 Upon completion of this module, you should be able to:<br>
l Create and manage user accounts on the local system using the admintool utility<br>
l Describe the format of the files /etc/passwd and /etc/shadow for securing login access<br>
l Describe the format of the /etc/group file for maintaining shared and restricted access to files and directories<br>
l Add, modify, and delete user accounts on the local system with the commands useradd, usermod, and userdel<br>
l Add, modify, and delete group accounts for the local system with the commands groupadd, groupmod, and groupdel<br>
l Define the two different types of shell initialization files<br>
l Describe the shell startup activities during login for the three main Solaris Operating Environment shells<br>
l List the shell initialization files used to set up a user’s work environment at login<br>
l Describe the purpose of the /etc/skel directory<br>
l Modify initialization files to customize a user’s work environment<br>
<br>
Each user account consists of five main components:<br>
User name, Password, User’s home directory, User’s login shell, User initialisation files<br>
<br>
User identification = UID Not over 60000<br>
Group identification = GID, each GID number must be an integer between 100 to 60000<br>
Sysadmin GID=14<br>
You can add a user to predefined groups of users listed in the /etc/group file<br>
One of the password status choices is “No password” setuid only: no oen can log in to the account, but you can run account programs, such as lp or uucp<br>
<br>
Execute the admintool utility from Common Desktop Environment = CDE or OpenWindowsTM environment<br>
# admintool &<br>
Creating a new Group in the /etc/group file<br>
Browse—Groups—Edit—Add<br>
<br>
Adding a New User Account<br>
Edit—Add—Normal password—specify the home directory<br>
In the User ID field, use the default UID provided by admintool<br>
Admintool copies and renames only the /etc/skel initialisation files for the login shell selected for the new user.<br>
<br>
Modifying a User Account<br>
Edit—Modify—from the password menu, select Account is locked to lock the account<br>
Verify: # cat /etc/shadow<br>
The locked user account should show the password field set to LK<br>
You can also lock a user account from the command line: # passwd –l username<br>
<br>
Deleting a User Account<br>
Edit—Delete<br>
Be sure to note the user’s UID before removal, files that were owned by the deleted user account are now tracked by the system by the UID number that had been assigned to that user.<br>
To locate all files owned by a user: # find / -user UID<br>
To locate and remove all files owned by the user: # find / -user UID –exec rm {} \<br>
<br>
The Solaris stores user account and group account information in the following system files:<br>
/etc/passwd<br>
Each line entry in this file contains the following seven fields separated by colons:<br>
loginID:x:UID:GID:comment:home_directory:login_shell<br>
/etc/shadow<br>
Each line entry contains the following nine fields, separated by colons:<br>
loginID:password:lastchg:min:max:warn:inactive:expire:<br>
/etc/group<br>
Each line entry in the /etc/group file contains the following four fields, each separated by a colon character.<br>
groupname:group-password:GID:username-list<br>
<br>
Creating and Managing Accounts from the Command-line<br>
# useradd –u 100 –g other –d /export/home/newuser1 –m –s /bin/ksh –c “Regular User Account” newuser1<br>
<br>
Changing the login name and home director for user1 to guest1<br>
# usermod –d /export/home/guest1 –m –l guest1 newuser1<br>
-l newlogname– Changes a user’s login name for the specified user account.<br>
-m Moves the user’s home directory to the new location specified with the -d option.<br>
<br>
Deleting User Accounts<br>
# userdel guest1<br>
# userdel –r guest1<br>
-r remove the user home directory from the system<br>
<br>
Adding Group Accounts<br>
# groupadd –g 301 class1<br>
-g assign the GID for the new group<br>
<br>
Modifying Group Accounts<br>
# groupmod –g 400 class<br>
<br>
Deleting Group Accounts<br>
# groupdel class1<br>
<br>
<br>
Understanding Initialization Files<br>
When users log in to the system, their login shells look for and execute two different types of initialization files. The first type controls the system-wide environment. The second type controls the user’s environment<br>
<br>
System-Wide Initialization Files <br>
Reside in the /etc directory<br>
/etc/profile for The Bourne and Korn login shell<br>
/etc/.login for The C login shell<br>
<br>
User Initialization Files<br>
Users can customize<br>
<br>
The root user’s login shell by default is the Bourne shell, and root’s shell entry in the /etc/passwd file appears as /sbin/sh<br>
<br>
The Solaris Operating Environment provides you with a set of initialization file templates.<br>
The initialization file templates are located in the /etc/skel directory<br>
Shell Initialization File Templates User’s Initialization Files<br>
Bourne /etc/skel/local.profile $HOME/.profile<br>
Korn /etc/skel/local.profile $HOME/.profile<br>
C /etc/skel/local.login $HOME/.login<br>
/etc/skel/local.cshrc $HOME/.cshrc<br> 作者: chubbycat 时间: 21-6-2004 09:23 标题: re:Solaris 8 Training m... Solaris 8 Training manual?作者: 麋鹿 时间: 21-6-2004 09:24 标题: re:初学Solaris,不敢敝帚自珍,特抛砖... 初学Solaris,不敢敝帚自珍,特抛砖引玉,与IT移友共享之,望众同心协力努力奋斗,不求尽善尽美,但求无愧我心。<br>
<br>
感谢猫兄友情帮助。<br>