5 L i n u x I D User ID U I D I D Group ID G I D U I D G I D set -UID Windows NT L i n u x L i n u x U I D Wi n d o w s S I D Windows NT L i n u x N T A d m i n i s t r a t o r L i n u x L i n u x Access Control Lists A C L 19 N I S 5.1 L i n u x L i n u L i n u x w w w World Wide We b
54 5.1.1 home directory / h o m e h d c / h o m e / h d c / Apache We b w w w / u s r / l o c a l / a p a c h e U N I X / L i n u x / r o o t / h o m e / u / h o m e / h o m e / e n g i n e e r i n g / h o m e / a c c o u n t i n g / h o m e / a d m i n B o s z e / h o m e / e n g i n e e r i n g / b o s z e 5.1.2 N S A D E S D E S U I D s h e l l 18
5 55 s h a d o w s h a d o w l o g i n L i n u x F r e e B S D M D 5 c o ff e e is VERY GOOD for you and me c i V G f y a m 5.1.3 shell s h e l l Wi n d o w s c o m m a n d. c o m Program Manager U N I X s h e l l 6 s h e l l Bourne Again Shell B A S H L i n u x s h e l l / e t c / s h e l l s s h e l l U N I X / e t c / s h e l l s s h e l l s h e l l s h e l l B A S H 5.1.4 D O S a u t o e x e c. b a t c o n f i g. s y s D O S U N I X
56 s h e l l s c r i p t s h e l l B A S H. b a s h r c. b a s h r c a u t o e x e c. b a t L i n u x 5.1.5 L i n u x L i n u x / v a r / s p o o l / m a i l j y o m / v a r / s p o o l / m a i l / j y o m c h o w n c h m o d c h g r p t o u c h [ root@ford /root ] # touch myfile m y f i l e 5.2 Windows NT User Manager A P I L i n u x U N I X p i c o We b U N I X L i n u x L i n u x 5.2.1 /etc/passwd / e t c / p a s s w d I D U I D
5 57 I D G I D G E C O S s h e l l s s h a h b o Q a v h h a C K a X g 1 0 0 1 0 2 Steven Shah / h o m e / s s h a h / b i n / t c s h U N I X U N I X D E S * b o Q a v h h a C K a X g * boqavhhackaxg*caught pirating I D U I D U I 0 0 U I D U I D r o o t 0 U I D Windows NT Windows NT L i n u x - 1 65535 n o b o d y U I D 80 s h e l l
58 5.2.2 /etc/shadow / e t c / p a s s w d / e t c / p a s s w d / e t c / s h a d o w / e t c / s h a d o w / e t c / s h a d o w 1 9 7 0 1 1 1 9 7 0 1 1 s s h a h b o Q a v h h a C K a X g 1 0 7 5 0 0 9 9 9 9 9 7-1 - 1 1 3 4 5 2 9 8 6 8-1 - 1 5.2.3 /etc/group / e t c / p a s s w d I D G I D / e t c / g r o u p G I D / e t c / g r o u p I D G I D p r o j e c t b a H r E 1 K P N j r P E 1 0 2 sshah, hdc
5 59 / e t c / p a s s w d 8 G I D p r o j e c t b a H r E 1 K P N j r P E 1 0 2 sshah, hdc p r o j e c t * 1 0 2 5.3 L D A P We b L i n u x 5.3.1 G U I u s e r a d d u s e r d e l u s e r m o d g r o u p a d d g r o u p d e l g r o u p m o d G U I Red Hat L i n u x 1. useradd u s e r a d d G U I
60 [ root@ford /root ] # useradd sshah s s h a h useradd -D 5-1 5-1 useradd -c comment G E C O S Steven Shah -c Steven -d homedir / h o m e / l o g i n s s h a h / h o m e / s h a h -d /home/sysadm/sshah -e expire-date M M / D D / Y Y 2000 00 -e 04/01/00 2000 4 1 -f inactive-time 0-1 -f 3 3-1 -g initial group / e t c / g r o u p -g project -G group [,... ] - G p r o j e c t a d m i n -G projetc, a d m i n -m [ -k skel-dir ] / e t c / s k e l 2 - k skel dir - m - k / e t c / a d m i n s k e l -m -k /etc/adminskel - M - m - M - n Red Hat Linux -s shell s h e l l X - Wi n d o w s Bourne Shell / b i n / b a s h s h e l l Turbo C Shell / b i n / t c s h s h e l l s h e l l / e t c / s h e l l s -u uid U I D L o g i n U I D U I D
5 61 H. D. Core a d m i n s u p p o r t a d m i n Turbo C Shell h d c [ root@fordd /root ] # useradd -c " H. D. core " -g admin -G sopport -s /bin/tcsh hdc 2. userdel u s e r d e l u s e r a d d userdel [ -r ] u s e r n a m e userdel sshah / e t c / p a s s w d / e t c / s h a d o w / e t c / g r o u p userdel -r sshah 3. usermod u s e r m o d u s e r a d - l u s e r a d d - l - u U I D u s e r m o d h d c H. D. H H. D. Core [ root@ford/root ] # usermod -c " H. D. Core " hdc 4. groupadd / e t c / g r o u p U I D 1 00 100 g r o u p a d d / e t c / g r o u p groupadd [ -g gid ] [ -r ] [ -f ] group 5-2 G I D 8 00 r e s e a r c h
62 [ root@ford /root ] # groupadd -g 800 research 5-2 groupadd -g g i d G I D g i d - r Red Hat 499 G I D - r g r o u p a d d 499 - f Red Hat Linux g ro u p 5. groupdel g r o u p u s e r d e l g r o u p d e l / e t c / g r o u p groupdel g r o u p g r o u p r e s e a r c h [ root@ford /root ] # groupdel research 6. groupmod g r o u p m o d groupmod -g gid -n group-name group - g G I D - n s u p e r m a n b a t m a n [ root@ford /root ] # groupmod -n batman superman 5.3.2 L i n u x C o n f L i n u x C o n f L i n u x C o n f X - Wi n d o w s G N O M E E n l i g h t e n m e n t Red Hat L i n u x C o n f l i n u x c o n f L i n u x C o n f L i n u x C o n f 5-1
5 63 1. 5-1 LinuxConf A d d 5-2 5-2 L i n u x C o n f ( o p t ) u s e r a d d L i n u x C o n f
64 5-3 P r i v i l e g e s 5-3 L i n u x C o n f P r i v i l e g e s A c c e p t 2. L i n u x C o n f 5-4 A c c e p t 5-4 L i n u x C o n f
5 65 U I D 3. 5-1 D e l 5-5 5-5 L i n u x C o n f A c c e p t / h o m e / o l d a c c o u n t s 4. L i n u x C o n f Group Definition 5-6 A d d A c c e p t 5. A c c e p t 6. 5-6
66 D e l D e l Ye s 5-6 L i n u x C o n f 5.4 SetUID S e t G I D / v a r / l o g / m e s s a g e s l s s s h a h l s l s s s h a h S e t U I D l s S e t U I D o n s s h a h l s l s s s h a h S e t G I D S e t U I D S e t G I D c h m o d 6 S e t U I D 4 S e t G I D 2 / b i n / l s S e t U I D [ root@ford /root ] # chmod 4755 /bin/ls
5 67 5.5 U I D / e t c / p a s s w d U I D L i n u x U I D / e t c / p a s s w d U I D / e t c / p a s s w d U I D U I U I D 5.6 L i n u x U N I X U N I X N T / U N I X U I D G I D /etc/passwd U I D Linux Linux Windows 95/98/NT U N I X P e r l / e t c / p a s s w d N T L i n u x U N I X N T P e r l