Linux Administration lecture: Basic system administration. This chapter covers the following main topics: file and directory management, linking files, file and directory permissions, sudoers. Please refer to it for more detailed content.
Đặng Thanh Bình
Basic System Administration

Contents
• File and Directory management
  – ls, cd, pwd, mkdir, mv, cp, rm, rmdir, locate, find, grep
  – touch, cat
  – Recursive and interactive modes
  – PATH variable, which command
• Linking Files
• File and directory permissions
• sudoers

FILE AND DIRECTORY MANAGEMENT

The Linux Directory Structure
• Directory: Used to organize other files into a logical tree structure
  – Stored in a filesystem of a specific partition in the hard disk
• Root: The top level directory
  – Referred to using the / character
• Forms root of a hierarchical tree
• The Windows file system structure
• The Linux file system structure

File Types
• Basic file types
  – Normal files (program, text, library, …)
  – Directory
  – Special files (device, socket, pipe, …)
  – Symbolic links (symlinks)

File Name Regulations
• Maximum 255 characters
• May contain any characters (including special characters)
• Hidden file/directory starts with a period (.)
Pathname
• Absolute pathname: starts with “/”
• Relative pathname: does NOT start with a “/”
• Special pathnames:
  • .. – parent directory
  • . – current directory

Changing Directories
• Home directory: unique to each user
  – ~ metacharacter used to refer to home directory
• pwd (print working directory) command: displays current directory in the directory tree
• cd (change directory) command: change the current directory in the directory tree
  – Argument specifies the destination directory
  – cd: go to user’s home directory
  – cd PATHNAME

Setting Special Permissions
• Numeric representation of regular and special permissions

SUDOERS

How To Obtain Root Privileges
• Login as root
• Use “su” to become root
• Use “sudo” to execute commands as root

/etc/sudoers file
• The /etc/sudoers file controls
  – who can run what commands as what users on what machines
  – special things such as whether you need a password for particular commands
• The file is composed of
  – aliases (basically variables) and
  – user specifications (which control who can run what)

Aliases
• Kinds of aliases: User_Alias, Runas_Alias, Host_Alias and Cmnd_Alias
• Each alias definition is of the form:
  – Alias_Type NAME = item1, item2, ... where Alias_Type is one of the types above
• Use a colon (:) as separator
  – Alias_Type NAME1 = item1, item2 : NAME2 = item3
• There are also built-in aliases called ALL which match everything where they are used

User Alias
# Everybody in the system group "admin" is covered by the alias ADMINS
User_Alias ADMINS = %admin
# The users "tom", "dick", and "harry" are covered by the USERS alias
User_Alias USERS = tom, dick, harry
# The users "tom" and "mary" are in the WEBMASTERS alias
User_Alias WEBMASTERS = tom, mary
# You can also use ! to exclude users from an alias
# This matches anybody in the USERS alias who isn't in WEBMASTERS or ADMINS aliases
User_Alias LIMITED_USERS = USERS, !WEBMASTERS, !ADMINS

Runas Aliases
# UID 0 is normally used for root
# Note the hash (#) on the following line indicates a uid, not a comment
Runas_Alias ROOT = #0
# This is for all the admin users similar to the User_Alias of ADMINS set earlier
# with the addition of "root"
Runas_Alias ADMINS = %admin, root

Host Aliases
# This is all the servers
Host_Alias SERVERS = 192.168.0.1, 192.168.0.2, server1
# This is the whole network
Host_Alias NETWORK = 192.168.0.0/255.255.255.0
# And this is every machine in the network that is not a server
Host_Alias WORKSTATIONS = NETWORK, !SERVERS
# This could have been done in one step with
#Host_Alias WORKSTATIONS = 192.168.0.0/255.255.255.0, !SERVERS
# but I think this method is clearer

Command Aliases
# All the shutdown commands
Cmnd_Alias SHUTDOWN_CMDS = /sbin/poweroff, /sbin/reboot, /sbin/halt
# Printing commands
Cmnd_Alias PRINTING_CMDS = /usr/sbin/lpc, /usr/sbin/lprm
# Admin commands
Cmnd_Alias ADMIN_CMDS = /usr/sbin/passwd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/sbin/usermod, /usr/sbin/visudo
# Web commands
Cmnd_Alias WEB_CMDS = /etc/init.d/apache2

User Specifications
• User Specifications are where the sudoers file sets who can run what as who
• Syntax: <user list> <host list> = <operator list> <tag list> <command list>
• user list is a list of users or a user alias
• host list is a list of hosts or a host alias
• operator list is a list of users they must be running as
• command list is a list of commands or a cmnd alias
• tag list allows you to set special things
  – PASSWD and NOPASSWD to specify whether the user has to enter a password or not
  – NOEXEC to prevent any programs launching shells themselves

User Specifications Example
# This lets the webmasters run all the web commands on the machine "webserver" provided they give a password
WEBMASTERS webserver= WEB_CMDS
# This lets the admins run all the admin commands on the servers
ADMINS SERVERS= ADMIN_CMDS
# This lets all the USERS run admin commands on the workstations provided they give the root password or an admin password (using "sudo -u <username>")
USERS WORKSTATIONS=(ADMINS) ADMIN_CMDS
# This lets "harry" shutdown his own machine without a password
harry harrysmachine= NOPASSWD: SHUTDOWN_CMDS
# And this lets everybody print without requiring a password
ALL ALL=(ALL) NOPASSWD: PRINTING_CMDS

What is visudo?
• The program used to edit the sudoers file
• Traditionally, visudo opens the /etc/sudoers file with the "vi" text editor
• Ubuntu, however, has configured visudo to use the "nano" text editor instead
• If you would like to change it, issue the following command: sudo select-editor

$ sudo select-editor
Select an editor. To change later, run 'select-editor'
1. /bin/ed
2. /bin/nano

FILENAME (use Ctrl-D to finish)

Viewing Text Files
• tac command: displays... to specify the number of lines to be displayed (e.g., head -2 filename)
• more command: displays text files page-by-page
  – Pressing Spacebar displays the next page
  – Pressing
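To make the /etc/sudoers alias and user-specification rules above concrete, the following added example (not part of the lecture) resolves the slides' `LIMITED_USERS` alias with its `!` exclusions and lists which commands a user can run under `NOPASSWD`. The function names and the `GROUPS` membership are assumptions, and the model is simplified: one alias per line, host field ignored.

```python
import re

# Constructed input: alias and rule lines copied from the slides' examples.
SUDOERS = """
User_Alias USERS = tom, dick, harry
User_Alias WEBMASTERS = tom, mary
User_Alias ADMINS = %admin
User_Alias LIMITED_USERS = USERS, !WEBMASTERS, !ADMINS
Cmnd_Alias SHUTDOWN_CMDS = /sbin/poweroff, /sbin/reboot, /sbin/halt
Cmnd_Alias PRINTING_CMDS = /usr/sbin/lpc, /usr/sbin/lprm
WEBMASTERS webserver= WEB_CMDS
harry harrysmachine= NOPASSWD: SHUTDOWN_CMDS
ALL ALL=(ALL) NOPASSWD: PRINTING_CMDS
"""
GROUPS = {"admin": {"harry"}}  # assumed group membership, not from the slides
ALIAS = re.compile(r"(User|Runas|Host|Cmnd)_Alias\s+(\w+)\s*=\s*(.+)")
SPEC = re.compile(r"([^#\s]\S*)\s+(\S+?)\s*=\s*(?:\([^)]*\))?\s*((?:\w+:\s*)*)(.+)")

def parse(text):
    """Return ({(kind, name): items}, [(users, tags, cmds)]); comment lines are skipped."""
    aliases, specs = {}, []
    for line in map(str.strip, text.splitlines()):
        if m := ALIAS.fullmatch(line):
            aliases[m[1], m[2]] = [i.strip() for i in m[3].split(",")]
        elif m := SPEC.fullmatch(line):
            specs.append((m[1].split(","), m[3], [c.strip() for c in m[4].split(",")]))
    return aliases, specs

def match(name, items, aliases, kind="User"):
    """Last match wins. True = included, False = excluded by '!', None = no match."""
    verdict = None
    for raw in items:
        item = raw.lstrip("!")
        negated = (len(raw) - len(item)) % 2 == 1
        if (kind, item) in aliases:
            hit = match(name, aliases[kind, item], aliases, kind)
        else:
            members = GROUPS.get(item[1:], ()) if item.startswith("%") else (item,)
            hit = True if name in members or item == "ALL" else None
        if hit is not None:
            verdict = hit != negated  # a '!' flips whatever the item matched
    return verdict

def passwordless_commands(user, text=SUDOERS):
    """Commands `user` can run with no password prompt (one alias level expanded)."""
    aliases, specs = parse(text)
    return sorted({cmd for users, tags, cmds in specs
                   if "NOPASSWD" in tags and match(user, users, aliases)
                   for c in cmds for cmd in aliases.get(("Cmnd", c), [c])})
```
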