Monday, 22 February 2021

Linux Admin - Quota Management

 CentOS disk quotas can be enabled both; alerting the system administrator and denying further disk-storage-access to a user before disk capacity is exceeded. When a disk is full, depending on what resides on the disk, an entire system can come to a screeching halt until recovered.

Enabling Quota Management in CentOS Linux is basically a 4 step process −

  • Step 1 − Enable quota management for groups and users in /etc/fstab.

  • Step 2 − Remount the filesystem.

  • Step 3 − Create Quota database and generate disk usage table.

  • Step 4 − Assign quota policies.

Enable Quota Management in /etc/fstab

First, we want to backup our /etc/fstab filen −

[root@centosLocal centos]# cp -r /etc/fstab ./

We now have a copy of our known working /etc/fstab in the current working directory.

# 
# /etc/fstab 
# Created by anaconda on Sat Dec 17 02:44:51 2016 
# 
# Accessible filesystems, by reference, are maintained under '/dev/disk' 
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
# 
/dev/mapper/cl-root        /         xfs     defaults                      0 0
UUID = 4b9a40bc-9480-4     /boot     xfs     defaults                      0 0

/dev/mapper/cl-home        /home     xfs     defaults,usrquota,grpquota    0 0

/dev/mapper/cl-swap        swap      swap    defaults                      0 0

We made the following changes in the options section of /etc/fstab for the volume or Label to where quotas are to be applied for users and groups.

  • usrquota
  • grpquota

As you can see, we are using the xfs filesystem. When using xfs there are extra manual steps involved. /home is on the same disk as /. Further investigation shows / is set for noquota, which is a kernel level mounting option. We must re-configure our kernel boot options.

root@localhost rdc]# mount | grep ' / ' 
/dev/mapper/cl-root on / type xfs (rw,relatime,seclabel,attr2,inode64,noquota)

[root@localhost rdc]#

Reconfiguring Kernel Boot Options for XFS File Systems

This step is only necessary under two conditions −

  • When the disk/partition we are enabling quotas on, is using the xfs file system
  • When the kernel is passing noquota parameter to /etc/fstab at boot time

Step 1 − Make a backup of /etc/default/grub.

cp /etc/default/grub ~/

Step 2 − Modify /etc/default/grub.

Here is the default file.

GRUB_TIMEOUT=5 
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)" 
GRUB_DEFAULT=saved 
GRUB_DISABLE_SUBMENU=true 
GRUB_TERMINAL_OUTPUT="console" 
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=cl/root rd.lvm.lv=cl/swap rhgb quiet" 
GRUB_DISABLE_RECOVERY="true"

We want to modify the following line −

GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=cl/root rd.lvm.lv=cl/swap rhgb quiet"

to

GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=cl/root rd.lvm.lv 
=cl/swap rhgb quiet rootflags=usrquota,grpquota"

Note − It is important we copy these changes verbatim. After we reconfigure grub.cfg, our system will fail to boot if any errors were made in the configuration. Please, try this part of the tutorial on a non-production system.

Step 3 − Backup your working grub.cfg

cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.bak

Make a new grub.cfg

[root@localhost rdc]# grub2-mkconfig -o /boot/grub2/grub.cfg 
Generating grub configuration file ... 
Found linux image: /boot/vmlinuz-3.10.0-514.el7.x86_64 
Found initrd image: /boot/initramfs-3.10.0-514.el7.x86_64.img 
Found linux image: /boot/vmlinuz-0-rescue-dbba7fa47f73457b96628ba8f3959bfd 
Found initrd image: /boot/initramfs-0-rescuedbba7fa47f73457b96628ba8f3959bfd.img 
done

[root@localhost rdc]#

Reboot

[root@localhost rdc]#reboot

If all modifications were precise, we should not have the availability to add quotas to the xfs file system.

[rdc@localhost ~]$ mount | grep ' / ' 
/dev/mapper/cl-root on / type xfs (rw,relatime,seclabel,attr2,inode64,usrquota,grpquota)
 
[rdc@localhost ~]$

We have passed the usrquota and grpquota parameters via grub.

Now, again edit /etc/fstab to include / since /homeon the same physical disk.

/dev/mapper/cl-root/xfs
defaults,usrquota,grpquota        0 0

Now let's enable the quota databases.

[root@localhost rdc]# quotacheck -acfvugM

Make sure Quotas are enabled.

[root@localhost rdc]# quotaon -ap 
group quota on / (/dev/mapper/cl-root) is on 
user quota on / (/dev/mapper/cl-root) is on 
group quota on /home (/dev/mapper/cl-home) is on 
user quota on /home (/dev/mapper/cl-home) is on 
[root@localhost rdc]#

Remount the File System

If the partition or disk is separate from the actively booted partition, we can remount without rebooting. If the quota was configured on a disk/partition booted in the root directory /, we may need to reboot the operating system. Forcing the remount and applying changes, the need to remount the filesystem may vary.

[rdc@localhost ~]$ df 
Filesystem              1K-blocks     Used      Available      Use%     Mounted on
/dev/mapper/cl-root     22447404      4081860   18365544       19%         /
devtmpfs                903448        0         903448         0%          /dev
tmpfs                   919308        100       919208         1%          /dev/shm
tmpfs                   919308        9180      910128         1%          /run
tmpfs                   919308        0         919308         0%          /sys/fs/cgroup
/dev/sda2               1268736       176612    1092124        14%         /boot
/dev/mapper/cl-var      4872192       158024    4714168        4%          /var
/dev/mapper/cl-home     18475008      37284     18437724       1%          /home
tmpfs                   183864        8         183856         1%          /run/user/1000

[rdc@localhost ~]$

As we can see, LVM volumes are in use. So it's simple to just reboot. This will remount /home and load the /etc/fstab configuration changes into active configuration.

Create Quota Database Files

CentOS is now capable of working with disk quotas on /home. To enable full quota supprt, we must run the quotacheck command.

quotacheck will create two files −

  • aquota.user
  • aquota.group

These are used to store quota information for the quota enabled disks/partitions.

Following are the common quotacheck switches.

SwitchAction
-uChecks for user quotas
-gChecks for group quotas
-cQuotas should be enabled for each file system with enables quotas
-vDisplays verbose output

Add Quota Limits Per User

For this, we will use the edquota command, followed by the username −

[root@localhost rdc]# edquota centos

Disk quotas for user centos (uid 1000):  
Filesystem                   blocks       soft       hard     inodes     soft     hard 
/dev/mapper/cl-root              12          0          0         13        0        0  
/dev/mapper/cl-home            4084          0          0        140        0        0

Let's look at each column.

  • Filesystem − It is the filesystem quotas for the user applied to

  • blocks − How many blocks the user is currently using on each filesystem

  • soft − Set blocks for a soft limit. Soft limit allows the user to carry quota for a given time period

  • hard − Set blocks for a hard limit. Hard limit is total allowable quota

  • inodes − How many inodes the user is currently using

  • soft − Soft inode limit

  • hard − Hard inode limit

To check our current quota as a user −

[centos@localhost ~]$ quota 
Disk quotas for user centos (uid 1000):  
Filesystem             blocks     quota      limit grace    files   quota   limit   grace 
/dev/mapper/cl-home    6052604    56123456   61234568       475     0       0       [centos@localhost ~]$

Following is an error given to a user when the hard quota limit has exceeded.

[centos@localhost Downloads]$ cp CentOS-7-x86_64-LiveKDE-1611.iso.part ../Desktop/

cp: cannot create regular file ‘../Desktop/CentOS-7-x86_64-LiveKDE-
1611.iso.part’: Disk quota exceeded

[centos@localhost Downloads]$

As we can see, we are closely within this user's disk quota. Let's set a soft limit warning. This way, the user will have advance notice before quota limits expire. From experience, you will get end-user complaints when they come into work and need to spend 45 minutes clearing files to actually get to work.

As an Administrator, we can check quota usage with the repquota command.

[root@localhost Downloads]# repquota  /home  
                    Block limits                            File limits  
User            used     soft     hard     grace       used     soft     hard     grace 
----------------------------------------------------------------------------------------
root      --       0         0        0                   3        0        0        
centos    -+ 6189824  56123456 61234568                 541      520      540      6days 

[root@localhost Downloads]#

As we can see, the user centos has exceeded their hard block quota and can no longer use any more disk space on /home.

-+denotes a hard quota has been exceeded on the filesystem.

When planning quotas, it is necessary to do a little math. What an Administrator needs to know is:How many users are on the system? How much free space to allocate amongst users/groups? How many bytes make up a block on the file system?

Define quotas in terms of blocks as related to free disk-space.It is recommended to leave a "safe" buffer of free-space on the file system that will remain in worst case scenario: all quotas are simultaneously exceeded. This is especially on a partition that is used by the system for writing logs.

Posted by at No comments:

Linux Admin - User Management

 When discussing user management, we have three important terms to understand −

  • Users
  • Groups
  • Permissions

We have already discussed in-depth permissions as applied to files and folders. In this chapter, let's discuss about users and groups.

CentOS Users

In CentOS, there are two types accounts −

  • System accounts − Used for a daemon or other piece of software.

  • Interactive accounts − Usually assigned to a user for accessing system resources.

The main difference between the two user types is −

  • System accounts are used by daemons to access files and directories. These will usually be disallowed from interactive login via shell or physical console login.

  • Interactive accounts are used by end-users to access computing resources from either a shell or physical console login.

With this basic understanding of users, let's now create a new user for Bob Jones in the Accounting Department. A new user is added with the adduser command.

Following are some adduser common switches −

SwitchAction
-cAdds comment to the user account
-mCreates user home directory in default location, if nonexistent
-gDefault group to assign the user
-nDoes not create a private group for the user, usually a group with username
-MDoes not create a home directory
-sDefault shell other than /bin/bash
-uSpecifies UID (otherwise assigned by the system)
-GAdditional groups to assign the user to

When creating a new user, use the -c, -m, -g, -n switches as follows −

[root@localhost Downloads]# useradd -c "Bob Jones  Accounting Dept Manager" 
-m -g accounting -n bjones

Now let's see if our new user has been created −

[root@localhost Downloads]# id bjones 
(bjones) gid = 1001(accounting) groups = 1001(accounting)

[root@localhost Downloads]# grep bjones /etc/passwd 
bjones:x:1001:1001:Bob Jones  Accounting Dept Manager:/home/bjones:/bin/bash

[root@localhost Downloads]#

Now we need to enable the new account using the passwd command −

[root@localhost Downloads]# passwd bjones 
Changing password for user bjones. 
New password:  
Retype new password:  
passwd: all authentication tokens updated successfully.

[root@localhost Downloads]#

The user account is not enabled allowing the user to log into the system.

Disabling User Accounts

There are several methods to disable accounts on a system. These range from editing the /etc/passwd file by hand. Or even using the passwd command with the -lswitch. Both of these methods have one big drawback: if the user has ssh access and uses an RSA key for authentication, they can still login using this method.

Now let’s use the chage command, changing the password expiry date to a previous date. Also, it may be good to make a note on the account as to why we disabled it.

[root@localhost Downloads]# chage -E 2005-10-01 bjones
 
[root@localhost Downloads]# usermod  -c "Disabled Account while Bob out of the country 
for five months" bjones

[root@localhost Downloads]# grep bjones /etc/passwd 
bjones:x:1001:1001:Disabled Account while Bob out of the country for four 
months:/home/bjones:/bin/bash

[root@localhost Downloads]#

Manage Groups

Managing groups in Linux makes it convenient for an administrator to combine the users within containers applying permission-sets applicable to all group members. For example, all users in Accounting may need access to the same files. Thus, we make an accounting group, adding Accounting users.

For the most part, anything requiring special permissions should be done in a group. This approach will usually save time over applying special permissions to just one user. Example, Sally is in-charge of reports and only Sally needs access to certain files for reporting. However, what if Sally is sick one day and Bob does reports? Or the need for reporting grows? When a group is made, an Administrator only needs to do it once. The add users is applied as needs change or expand.

Following are some common commands used for managing groups −

  • chgrp
  • groupadd
  • groups
  • usermod

chgrp − Changes the group ownership for a file or directory.

Let's make a directory for people in the accounting group to store files and create directories for files.

[root@localhost Downloads]# mkdir /home/accounting

[root@localhost Downloads]# ls -ld /home/accounting
drwxr-xr-x. 2 root root 6 Jan 13 10:18 /home/accounting

[root@localhost Downloads]#

Next, let's give group ownership to the accounting group.

[root@localhost Downloads]# chgrp -v  accounting /home/accounting/ 
changed group of ‘/home/accounting/’ from root to accounting

[root@localhost Downloads]# ls -ld /home/accounting/ 
drwxr-xr-x. 2 root accounting 6 Jan 13 10:18 /home/accounting/

[root@localhost Downloads]#

Now, everyone in the accounting group has read and execute permissions to /home/accounting. They will need write permissions as well.

[root@localhost Downloads]# chmod g+w /home/accounting/

[root@localhost Downloads]# ls -ld /home/accounting/ 
drwxrwxr-x. 2 root accounting 6 Jan 13 10:18 /home/accounting/

[root@localhost Downloads]#

Since the accounting group may deal with sensitive documents, we need to apply some restrictive permissions for other or world.

[root@localhost Downloads]# chmod o-rx /home/accounting/

[root@localhost Downloads]# ls -ld /home/accounting/ 
drwxrwx---. 2 root accounting 6 Jan 13 10:18 /home/accounting/

[root@localhost Downloads]#

groupadd − Used to make a new group.

SwitchAction
-gSpecifies a GID for the group
-KOverrides specs for GID in /etc/login.defs
-oAllows overriding non-unique group id disallowance
-pGroup password, allowing the users to activate themselves

Let's make a new group called secret. We will add a password to the group, allowing the users to add themselves with a known password.

[root@localhost]# groupadd secret

[root@localhost]# gpasswd secret 
Changing the password for group secret 
New Password:  
Re-enter new password:

[root@localhost]# exit 
exit

[centos@localhost ~]$ newgrp secret 
Password:

[centos@localhost ~]$ groups 
secret wheel rdc

[centos@localhost ~]$

In practice, passwords for groups are not used often. Secondary groups are adequate and sharing passwords amongst other users is not a great security practice.

The groups command is used to show which group a user belongs to. We will use this, after making some changes to our current user.

usermod is used to update account attributes.

Following are the common usermod switches.

SwitchAction
-aAppends, adds user to supplementary groups, only with the -G option
-cComment, updatesthe user comment value
-dHome directory, updates the user's home directory
-GGroups, adds or removesthe secondary user groups
-gGroup, default primary group of the user
[root@localhost]# groups centos 
centos : accounting secret

[root@localhost]#

[root@localhost]# usermod -a -G wheel centos

[root@localhost]# groups centos
centos : accounting wheel secret

[root@localhost]#
Posted by at No comments:

Linux Admin - File / Folder Management

 To introduce permissions as they apply to both directories and files in CentOS Linux, let's look at the following command output.

[centos@centosLocal etc]$ ls -ld /etc/yum* 
drwxr-xr-x. 6 root root 100 Dec  5 06:59 /etc/yum 
-rw-r--r--. 1 root root 970 Nov 15 08:30 /etc/yum.conf 
drwxr-xr-x. 2 root root 187 Nov 15 08:30 /etc/yum.repos.d

Note − The three primary object types you will see are

  • "-" − a dash for plain file

  • "d" − for a directory

  • "l" − for a symbolic link

We will focus on the three blocks of output for each directory and file −

  • drwxr-xr-x : root : root
  • -rw-r--r-- : root : root
  • drwxr-xr-x : root : root

Now let's break this down, to better understand these lines −

dMeans the object type is a directory
rwxIndicates directory permissions applied to the owner
r-xIndicates directory permissions applied to the group
r-xIndicates directory permissions applied to the world
rootThe first instance, indicates the owner of the directory
rootThe second instance, indicates the group to which group permissions are applied

Understanding the difference between ownergroup and world is important. Not understanding this can have big consequences on servers that host services to the Internet.

Before we give a real-world example, let's first understand the permissions as they apply to directories and files.

Please take a look at the following table, then continue with the instruction.

OctalSymbolicPerm.Directory
1xExecuteEnter the directory and access files
4rReadList the files within the directory
2wWriteDelete or modify the files in a directory

Note − When files should be accessible for reading in a directory, it is common to apply read and execute permissions. Otherwise, the users will have difficulty working with the files. Leaving write disabled will assure files cannot be: renamed, deleted, copied over, or have permissions modified.

Applying Permissions to Directories and Files

When applying permissions, there are two concepts to understand −

  • Symbolic Permissions
  • Octal Permissions

In essence, each are the same but a different way to referring to, and assigning file permissions. For a quick guide, please study and refer to the following table −

ReadWriteExecute
Octal421
Symbolicrwx

When assigning permissions using the octal method, use a 3 byte number such as: 760. The number 760 translates into: Owner: rwx; Group: rw; Other (or world) no permissions.

Another scenario: 733 would translate to: Owner: rwx; Group: wx; Other: wx.

There is one drawback to permissions using the Octal method. Existing permission sets cannot be modified. It is only possible to reassign the entire permission set of an object.

Now you might wonder, what is wrong with always re-assigning permissions? Imagine a large directory structure, for example /var/www/ on a production web-server. We want to recursively take away the w or write bit on all directories for Other. Thus, forcing it to be pro-actively added only when needed for security measures. If we re-assign the entire permission set, we take away all other custom permissions assigned to every sub-directory.

Hence, it will cause a problem for both the administrator and the user of the system. At some point, a person (or persons) would need to re-assign all the custom permissions that were wiped out by re-assigning the entire permission-set for every directory and object.

In this case, we would want to use the Symbolic method to modify permissions −

chmod -R o-w /var/www/

The above command would not "overwrite permissions" but modify the current permission sets. So get accustomed to using the best practice

  • Octal only to assign permissions
  • Symbolic to modify permission sets

It is important that a CentOS Administrator be proficient with both Octal and Symbolic permissions as permissions are important for the integrity of data and the entire operating system. If permissions are incorrect, the end result will be both sensitive data and the entire operating system will be compromised.

With that covered, let's look at a few commands for modifying permissions and object owner/members −

  • chmod
  • chown
  • chgrp
  • umask

chmod : Change File Mode Permission Bits

CommandAction
-cLike verbose, but will only report the changes made
-vVerbose, outputsthe diagnostics for every request made
-RRecursively applies the operation on files and directories

chmod will allow us to change permissions of directories and files using octal or symbolic permission sets. We will use this to modify our assignment and uploads directories.

chown : Change File Owner and Group

CommandAction
-cLike verbose, but will only report the changes made
-vVerbose, outputsthe diagnostics for every request made
-RRecursively applies the operation on files and directories

chown can modify both owning the user and group of objects. However, unless needing to modify both at the same time, using chgrp is usually used for groups.

chgrp : Change Group Ownership of File or Directory

CommandAction
-cLike verbose, but will only report the changes
-vVerbose, outputs the diagnostics for every request made
-RRecursively, applies the operations on file and directories

chgrp will change the group owner to that supplied.

Real-world practice

Let's change all the subdirectory assignments in /var/www/students/ so the owning group is the students group. Then assign the root of students to the professors group. Later, make Dr. Terry Thomas the owner of the students directory, since he is tasked as being in-charge of all Computer Science academia at the school.

As we can see, when created, the directory is left pretty raw.

[root@centosLocal ~]# ls -ld /var/www/students/ 
drwxr-xr-x. 4 root root 40 Jan  9 22:03 /var/www/students/

[root@centosLocal ~]# ls -l /var/www/students/ 
total 0 
drwxr-xr-x. 2 root root 6 Jan  9 22:03 assignments 
drwxr-xr-x. 2 root root 6 Jan  9 22:03 uploads 

[root@centosLocal ~]#

As Administrators we never want to give our root credentials out to anyone. But at the same time, we need to allow users the ability to do their job. So let's allow Dr. Terry Thomas to take more control of the file structure and limit what students can do.

[root@centosLocal ~]# chown -R drterryt:professors /var/www/students/ 
[root@centosLocal ~]# ls -ld /var/www/students/ 
drwxr-xr-x. 4 drterryt professors 40 Jan  9 22:03 /var/www/students/

[root@centosLocal ~]# ls -ls /var/www/students/ 
total 0 
0 drwxr-xr-x. 2 drterryt professors 6 Jan  9 22:03 assignments 
0 drwxr-xr-x. 2 drterryt professors 6 Jan  9 22:03 uploads

[root@centosLocal ~]#

Now, each directory and subdirectory has an owner of drterryt and the owning group is professors. Since the assignments directory is for students to turn assigned work in, let's take away the ability to list and modify files from the students group.

[root@centosLocal ~]# chgrp students /var/www/students/assignments/ && chmod 
736 /var/www/students/assignments/

[root@centosLocal assignments]# ls -ld /var/www/students/assignments/ 
drwx-wxrw-. 2 drterryt students 44 Jan  9 23:14 /var/www/students/assignments/

[root@centosLocal assignments]#

Students can copy assignments to the assignments directory. But they cannot list contents of the directory, copy over current files, or modify files in the assignments directory. Thus, it just allows the students to submit completed assignments. The CentOS filesystem will provide a date-stamp of when assignments turned in.

As the assignments directory owner −

[drterryt@centosLocal assignments]$ whoami 
drterryt

[drterryt@centosLocal assignments]$ ls -ld /var/www/students/assignment 
drwx-wxrw-. 2 drterryt students 44 Jan  9 23:14 /var/www/students/assignments/

[drterryt@centosLocal assignments]$ ls -l /var/www/students/assignments/ 
total 4 
-rw-r--r--. 1 adama  students  0 Jan  9 23:14 myassign.txt 
-rw-r--r--. 1 tammyr students 16 Jan  9 23:18 terryt.txt

[drterryt@centosLocal assignments]$

We can see, the directory owner can list files as well as modify and remove files.

umask Command: Supplies the Default Modes for File and Directory Permissions As They are Created

umask is an important command that supplies the default modes for File and Directory Permissions as they are created.

umask permissions use unary, negated logic.

PermissionOperation
0Read, write, execute
1Read and write
2Read and execute
3Read only
4Read and execute
5Write only
6Execute only
7No permissions
[adama@centosLocal umask_tests]$ ls -l ./ 
-rw-r--r--. 1 adama students 0 Jan 10 00:27 myDir 
-rw-r--r--. 1 adama students 0 Jan 10 00:27 myFile.txt

[adama@centosLocal umask_tests]$ whoami 
adama

[adama@centosLocal umask_tests]$ umask 
0022

[adama@centosLocal umask_tests]$

Now, let’s change the umask for our current user, and make a new file and directory.

[adama@centosLocal umask_tests]$ umask 077

[adama@centosLocal umask_tests]$ touch mynewfile.txt

[adama@centosLocal umask_tests]$ mkdir myNewDir

[adama@centosLocal umask_tests]$ ls -l 
total 0 
-rw-r--r--. 1 adama students 0 Jan 10 00:27 myDir 
-rw-r--r--. 1 adama students 0 Jan 10 00:27 myFile.txt 
drwx------. 2 adama students 6 Jan 10 00:35 myNewDir 
-rw-------. 1 adama students 0 Jan 10 00:35 mynewfile.txt

As we can see, newly created files are a little more restrictive than before.

umask for users must should be changed in either −

  • /etc/profile
  • ~/bashrc
[root@centosLocal centos]# su adama 
[adama@centosLocal centos]$ umask 
0022 
[adama@centosLocal centos]$

Generally, the default umask in CentOS will be okay. When we run into trouble with a default of 0022, is usually when different departments belonging to different groups need to collaborate on projects.

This is where the role of a system administrator comes in, to balance the operations and design of the CentOS operating system.

Posted by at No comments:

Linux Admin - Basic CentOS Linux Commands

 Before learning the tools of a CentOS Linux Administrator, it is important to note the philosophy behind the Linux administration command line.

Linux was designed based on the Unix philosophy of “small, precise tools chained together simplifying larger tasks”. Linux, at its root, does not have large single-purpose applications for one specific use a lot of the time. Instead, there are hundreds of basic utilities that when combined offer great power to accomplish big tasks with efficiency.

Examples of the Linux Philosophy

For example, if an administrator wants a listing of all the current users on a system, the following chained commands can be used to get a list of all system users. On execution of the command, the users are on the system are listed in an alphabetical order.

[root@centosLocal centos]# cut /etc/passwd -d":" -f1 | sort 
abrt 
adm 
avahi 
bin 
centos 
chrony 
colord 
daemon 
dbus

It is easy to export this list into a text file using the following command.

[root@localhost /]# cut /etc/passwd -d ":" -f1 > system_users.txt        
[root@localhost /]# cat ./system_users.txt | sort | wc –l 
40       
[root@localhost /]#

It is also possible to compare the user list with an export at a later date.

[root@centosLocal centos]#  cut /etc/passwd -d ":" -f1 > system_users002.txt && 
   cat system_users002.txt | sort | wc -l 
41 
[root@centosLocal centos]# diff ./system_users.txt ./system_users002.txt  
evilBackdoor [root@centosLocal centos]#

A new user, “evilBackdoor", has been added to the system.

With this approach of small tools chained to accomplish bigger tasks, it is simpler to make a script performing these commands, than automatically email results at regular time intervals.

Basic Commands every Linux Administrator should be proficient in are −

In the Linux world, Administrators use filtering commands every day to parse logs, filter command output, and perform actions with interactive shell scripts. As mentioned, the power of these commands come in their ability to modify one another through a process called piping.

The following command shows how many words begin with the letter a from the CentOS main user dictionary.

[root@centosLocal ~]# egrep '^a.*$' /usr/share/dict/words | wc -l 
25192 
[root@centosLocal ~]#
Posted by at No comments:
Subscribe to: Posts (Atom)