LFCA: Koyi Gudanar da Asusun Mai amfani - Sashe na 5

A matsayinka na mai gudanar da tsarin Linux, za a dora maka nauyin tabbatar da kwararar dukkan ayyukan IT a cikin kungiyar ka. Ganin cewa wasu ayyukan IT suna haɗuwa, mai gudanar da tsarin yawanci yakan sanya huluna da yawa gami da kasancewa tushen bayanai ko mai kula da hanyar sadarwa.

Wannan labarin shine Sashi na 5 na jerin LFCA, a nan a wannan ɓangaren, zaku sanar da kanku game da umarnin tsarin gudanarwa na gaba ɗaya don ƙirƙira da sarrafa masu amfani a cikin tsarin Linux.

Gudanar da Asusun Mai amfani a cikin Linux

Daya daga cikin manyan ayyukan mai gudanar da tsarin Linux shine ƙirƙirar da sarrafa masu amfani a cikin tsarin Linux. Kowane asusun mai amfani yana da alamun ganowa na musamman 2: sunan mai amfani da ID ɗin Mai amfani (UID).

Ainihin, akwai manyan nau'ikan 3 na masu amfani a cikin Linux:

Mai amfani da tushe shine mai amfani mafi ƙarfi a cikin tsarin Linux kuma yawanci ana ƙirƙira shi yayin aiwatar shigarwa. Tushen mai amfani yana da cikakken iko a cikin tsarin Linux ko wani OSI mai kama da UNIX. Mai amfani zai iya samun damar duk umarni, fayiloli, da kundayen adireshi kuma ya gyara tsarin yadda suke so.

Tushen mai amfani na iya sabunta tsarin, girka da cirewa kunshe-kunshe, kara ko cire wasu masu amfani, bayarwa ko soke izinin, da aiwatar da duk wani aikin gudanar da tsarin ba tare da wani takurawa ba.

Mai amfani da tushen kawai zai iya yin komai akan tsarin. Tsammani ta hanyar Linux da tsarin UNIX shine cewa kun san sarai abin da kuke yi tare da tsarin. Wannan ya ce, mai amfani da tushen zai iya karya tsarin. Abin da kawai za a yi shi ne kawai don aiwatar da umarnin kisa, kuma tsarin zai kasance cikin hayaƙi.

A saboda wannan dalili, yin umarni mai gudana kamar mai amfani tushen hana shi sosai. Madadin haka, kyakkyawan aiki yana buƙatar ku saita masu amfani da sudo. Wancan shine baiwa sudo gata ga mai amfani na yau da kullun don yin wasu ayyukan gudanarwa da ƙuntata wasu ayyuka kawai ga mai amfani da tushe.

Mai amfani na yau da kullun mai amfani ne na yau da kullun wanda mai gudanarwa zai iya ƙirƙirar shi. Yawancin lokaci, akwai tanadi don ƙirƙirar ɗaya yayin aiwatar shigarwa. Koyaya, har yanzu kuna iya ƙirƙirar yawancin masu amfani na yau da kullun kamar yadda ake buƙata bayan shigarwa.

Mai amfani na yau da kullun zai iya yin ayyuka kawai da samun damar fayiloli da kundayen adireshi waɗanda aka ba su izini. Idan ana buƙata, ana iya ba mai amfani na yau da kullun ɗaukaka don aiwatar da matakan gudanarwa. Hakanan za'a iya share ko amfani da masu amfani na yau da kullun lokacin da buƙata ta taso.

Wannan ba asusun shiga bane wanda aka kirkiri lokacin da aka sanya kunshin software. Irin waɗannan asusu ana amfani dasu da sabis don aiwatar da tsari a cikin tsarin. Ba a tsara su ko nufin su aiwatar da duk wani aiki na yau da kullun ko ayyukan gudanarwa a cikin tsarin ba.

Fayilolin Gudanar da Mai amfani

Bayani game da masu amfani a cikin tsarin Linux ana adana su a cikin fayiloli masu zuwa:

  • Fayil din/sauransu/passwd
  • Fayil din/sauransu/rukuni
  • Fayil din/sauransu/gshadow
  • Fayil ɗin/sauransu/inuwa

Bari mu fahimci kowane fayil da abin da yake yi:

Fayil ɗin/sauransu/passwd ya ƙunshi ɗan bayani game da masu amfani waɗanda ke ƙunshe da fannoni daban-daban. Don duba abubuwan cikin fayil ɗin, kawai yi amfani da umarnin cat kamar yadda aka nuna.

$ cat /etc/passwd

Ga takaitaccen kayan fitarwa.

tecmint:x:1002:1002:tecmint,,,:/home/tecmint:/bin/bash

Bari mu mai da hankali kan layin farko da nama daga bangarori daban-daban. Farawa daga hagu na nesa, muna da masu zuwa:

  • Sunan mai amfani: Wannan sunan mai amfani ne, a wannan yanayin, tecmint.
  • Kalmar wucewa: Shafi na biyu yana wakiltar ɓoyayyen kalmar sirri na mai amfani. Ba a buga kalmar sirri a cikin rubutu bayyananne, a maimakon haka, ana amfani da mai sanya wuri tare da alamar x.
  • UID: Wannan ID ɗin Mai amfani ne. Gano ne na musamman ga kowane mai amfani.
  • GID: Wannan shine ID ɗin Rukuni.
  • Bayani a taƙaice ko taƙaitaccen mai amfani.
  • Wannan ita ce hanyar zuwa kundin adireshin gidan mai amfani. Ga mai amfani da tecmint, muna da/gida/tecmint.
  • Wannan harsashi ne na shiga. Ga masu amfani da shiga na yau da kullun, ana yawan wakilta wannan azaman/bin/bash. Don asusun sabis kamar SSH ko MySQL, wannan galibi ana wakilta shi azaman/bin/ƙarya.

Wannan fayil ɗin ya ƙunshi bayani game da ƙungiyoyin mai amfani. Lokacin da aka ƙirƙiri mai amfani, harsashi yana ƙirƙirar rukuni ta atomatik wanda ya dace da sunan mai amfani na mai amfani. Wannan an san shi da ƙungiyar farko. An ƙara mai amfani zuwa rukunin farko akan ƙirƙirawa.

Misali, idan ka kirkiri wani mai amfani da ake kira bob, tsarin kai tsaye zai kirkiro wani rukuni da ake kira bob kuma yana kara mai amfani bob din a cikin kungiyar.

$ cat /etc/group

tecmint:x:1002:

Fayil ɗin/da sauransu/suna da ginshiƙai 3. Daga hagu na nesa, muna da:

  • Sunan rukuni. Kowane sunan rukuni dole ne ya zama na musamman.
  • kalmar wucewa ta rukuni. Galibi ana samun wakilcin mai sanya x.
  • ID na Rukuni (GID)
  • Membobin kungiya. Waɗannan membobin ne na ƙungiyar. An bar wannan filin fanko idan mai amfani shi kaɗai ne memba a cikin rukunin.

SAURARA: Mai amfani na iya zama memba na ƙungiyoyi da yawa. Hakanan, rukuni na iya samun membobi da yawa.

Don tabbatar da ƙungiyoyin da mai amfani yake, gudanar da umurnin:

$ groups username

Misali, don bincika ƙungiyoyin da mai amfani tecmint yake, gudanar da umarnin:

$ groups tecmint

Sakamakon ya tabbatar da cewa mai amfani yana cikin ƙungiyoyi biyu: tecmint da sudo.

tecmint : tecmint sudo

Wannan fayil ɗin ya ƙunshi ɓoyayyen sirri ko 'inuwa' kalmomin shiga don asusun rukuni kuma, saboda dalilai na tsaro, masu amfani na yau da kullun ba za su iya samun damar su ba. Abun karantawa ne kawai daga tushen mai amfani da masu amfani tare da gatan sudo.

$ sudo cat /etc/gshadow

tecmint:!::

Daga hagu na hagu, fayil ɗin ya ƙunshi fannoni masu zuwa:

  • Sunan rukuni
  • Rubutun kalmar sirri na Rukuni
  • Kungiyar rukuni
  • Membobin rukuni

Fayil ɗin/da sauransu/yana adana masu amfani ainihin kalmomin shiga a cikin tsari ko ɓoyayyen tsari. Bugu da ƙari, filayen sun rabu biyu kuma suna ɗaukar tsarin da aka nuna.

$ sudo cat /etc/shadow

tecmint:$6$iavr8PAxxnWmfh6J$iJeiuHeo5drKWcXQ.BFGUrukn4JWW7j4cwjX7uhH1:18557:0:99999:7:::

Fayil din yana da filaye 9. Farawa daga hagu mai nisa muna da:

  • Sunan mai amfani: Wannan shine sunan shigarku.
  • kalmar shiga ta mai amfani. Ana gabatar da wannan a cikin tsari ko ɓataccen tsari.
  • Canjin kalmar wucewa ta ƙarshe. Wannan ita ce ranar tunda kalmar sirri ta canza kuma ana kirgawa tun kwanan wata. Epoch shine 1 ga Janairu 1970.
  • Mafi karancin shekarun kalmar shiga. Wannan shine mafi karancin kwanakin da dole sai sun cika kafin saita kalmar sirri.
  • Matsakaicin adadin kalmar wucewa. Wannan shine adadin mafi yawan kwanaki bayan haka wanda dole ne a canza kalmar sirri.
  • Lokacin faɗakarwa. Kamar yadda sunan ya nuna, wannan adadin kwanakin kenan jim kadan kafin kalmar wucewa ta kare da za a sanar da mai amfani game da karewar kalmar wucewa.
  • Lokacin rashin aiki. Yawan kwanaki bayan kalmar wucewa ta ƙare cewa an kashe asusun mai amfani ba tare da mai amfani ya canza kalmar ba.
  • ranar karewa. Ranar da asusun mai amfani ya kare.
  • filin da aka adana. - An bar wannan fanko.

Yadda ake Kara Masu Amfani a Tsarin Linux

Don rarraba Debian da Ubuntu, ana amfani da mai amfani don ƙara masu amfani.

Aikin gabatarwa yana da sauki kuma kai tsaye.

# adduser username

Misali, don ƙara mai amfani da ake kira bob, gudanar da umurnin

# adduser bob

Daga fitowar, an ƙirƙiri wani mai amfani da ake kira 'bob' kuma an ƙara shi zuwa sabuwar ƙungiyar da aka kirkira mai suna 'bob'. Allyari, tsarin yana ƙirƙirar kundin adireshi na gida da kwafe fayilolin daidaitawa a ciki.

Bayan haka, za a nemi izinin sabon mai amfani da kalmar sirri sannan kuma tabbatar da shi. Harsashin zai kuma sa ku cikakken sunan mai amfani da sauran bayanan zaɓi kamar Room no da Work phone. Wannan bayanin ba lallai bane ya zama dole, saboda haka yana da aminci tsallake shi. A ƙarshe, danna ‘Y’ don tabbatar da cewa bayanin da aka bayar daidai ne.

Don tsarin RHEL & tushen CentOS , yi amfani da umarnin useradd.

# useradd bob

Na gaba, saita kalmar sirri don mai amfani ta amfani da umarnin passwd kamar haka.

# passwd bob

Yadda ake Share Masu Amfani a cikin Linux System

Don share mai amfani daga tsarin, yana da kyau a fara kulle mai amfani daga shiga cikin tsarin kamar yadda aka nuna.

# passwd -l bob

Idan kuna so, zaku iya adana fayilolin mai amfani ta amfani da umarnin tar.

# tar -cvf /backups/bob-home-directory.tar.bz2  /home/bob

A ƙarshe, don share mai amfani tare da kundin adireshin gida amfani da umarnin ƙaura kamar haka:

# deluser --remove-home bob

Allyari, kuna iya amfani da umarnin mai amfani kamar yadda aka nuna.

# userdel -r bob

Dokokin biyu sun cire mai amfani gaba ɗaya tare da kundin adireshin gidansu.

Wancan shine bayyanannen bayanan umarnin sarrafa mai amfani wanda zai tabbatar da amfani musamman yayin sarrafa asusun masu amfani a cikin ofishin ofishin ku. Gwada musu lokaci-lokaci don kaifin kwarewar tsarin gudanarwar ku.