新建用户
useradd wangpasswd wangusermod -s /bin/bash wangusermod -d /home/wang wang
授权
chmod u+w /etc/sudoersvim /etc/sudoersroot ALL=(ALL:ALL) ALLwang ALL=(ALL:ALL) ALL%sudo ALL=(ALL:ALL) ALLtenguwang ALL=(ALL:ALL) NOPASSWD:ALL---chmod u-w /etc/sudoers
创建登陆用户
sudo useradd -r -m -s /bin/bash tenguwangchmod 644 /home/safe/.ssh/id_rsa.pubchmod 600 /home/safe/.ssh/id_rsa
shell
#!/usr/bin/bash## TenguWangread -p "请输入要创建的账户名称:" usernameuseradd -r -m -s /bin/bash ${username}echo "用户${username}创建成功"ls -al /home/${username}read -p "请输入${username}密码:" passwdecho "${username}:${passwd}" | sudo chpasswdchmod +w /etc/sudoersecho "${username} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoerschmod -w /etc/sudoersecho "${username}免密已设置完成"echo "开始写入密钥文件"mkdir /home/${username}/.sshecho "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC688q9OFg/AChEQiJJWQ80y6HCn2LDhNDlmNn9eR7r6ZsjICxF9K8q2S9QfUAH2O78Z2plFpoBqzk3N+JYLv4R9RkxlXJBZ2EHrWfpyjLIQsPb0Bh8CRjxw0BH2ZWeiBxuteIcAEedR61A4pPzsT5JBO+DUHrCXeYSIujuIAlIROF7W0HO3gSrhzZh8QsbWbEwTTn/fgnOtmkDPx3+gwrZmn4iXUdLBJs9rd/HVQTlhMfIXc6jn3xW0Ww3hTWdf8/+hL1tJum8B2VyywiiXmENbVHVH4U5uGuqOLXUUbigUbWaVIzyV9sbJg4SQtfUt+gVDhJ6eQVuA4r40ahhKU0PIy4fSEPn+oOWrHBeB1rFR1zrrwoVUoMvIA0sbjWfIKvJUrSwLS9KBSHplxGbY/xtpXNECoIYmHz9LQOrURjRJjrddFVdND2eKUpXdw1JUvRypjCKX50YcGl4kAmVBSVXG7LYZmA+EsC1JD24uavXlS454vI8uZPW6+GE3T1DaO0= TenGuWang" > /home/${username}/.ssh/authorized_keyschown -R tenguwang.tenguwang /home/${username}/.sshecho "您用户${username}创建成功,密码:${passwd}"
useradd: cannot open /etc/passwd
解决办法
lsattr /etc/passwd----i----------- /etc/passwd# 去除i属性chattr -i /etc/passwd
Cento7创建大于1000的用户密钥无法登录
usermod -u 555 tenguwanggroupmod -g 555 tenguwang
[root@tenguwang ~]# usermod -u 555 tenguwangusermod: user tenguwang is currently used by process 21843kill -9 `lsof -u tenguwang` # 直接杀掉
在Linux系统中,1000以下的UID是系统保留的UID。随意修改系统上某些帐号的 UID 很可能会导致某些程序无法进行,甚至导致系统无法顺利运行。我们可以通过/usr/share/doc/setup-2.8.71/uidgid来查看具体对应关系,当然不同的版本路径可能不一样,可以用/usr/share/doc/setup*/uidgid来通配
[root@tenguwang ~]# cat /usr/share/doc/setup-2.8.71/uidgidNAME UID GID HOME SHELL PACKAGESroot 0 0 /root /bin/bash setupbin 1 1 /bin /sbin/nologin setupdaemon 2 2 /sbin /sbin/nologin setupsys - 3 - - setupadm 3 4 /var/adm /bin/bash setuptty - 5 - - setupdisk - 6 - - setuplp 4 7 /var/spool/lpd /sbin/nologin setupmem - 8 - - setupkmem - 9 - - setupwheel - 10 - - setupcdrom - 11 - - setupsync 5 (0) /sbin /bin/sync setupshutdown 6 (0) /sbin /sbin/shutdown setuphalt 7 (0) /sbin /sbin/halt setupmail 8 12 /var/spool/mail /sbin/nologin setupnews 9 13 /var/spool/news /sbin/nologin setupuucp 10 14 /var/spool/uucp /sbin/nologin uucpoperator 11 (0) /root /sbin/nologin setupgames 12 (100) /usr/games /sbin/nologin setupgopher 13 30 /var/gopher /sbin/nologin -(not created by default)ftp 14 50 /var/ftp /sbin/nologin setupman - 15 - - setupoprofile 16 16 /var/lib/oprofile /sbin/nologin oprofilepkiuser 17 17 /usr/share/pki /sbin/nologin pki-ca,rhpki-cadialout - 18 - - setupfloppy - 19 - - setupgames - 20 - - setupslocate - 21 - - slocateutmp - 22 - - initscripts,libutemptersquid 23 23 /var/spool/squid /dev/null squidpvm 24 24 /usr/share/pvm3 /bin/bash pvmnamed 25 25 /var/named /bin/false bindpostgres 26 26 /var/lib/pgsql /bin/bash postgresql-servermysql 27 27 /var/lib/mysql /bin/bash mysqlnscd 28 28 / /bin/false nscdrpcuser 29 29 /var/lib/nfs /bin/false nfs-utilsconsole - 31 - - devrpc 32 32 / /bin/false portmapamandabackup 33 (6) /var/lib/amanda /bin/false amandatape - 33 - - setupnetdump 34 34 /var/crash /bin/bash netdump-client, netdump-serverutempter - 35 - - libutemptervdsm 36 - / /bin/bash kvm, vdsmkvm - 36 - - kvm, vdsm, libvirtrpm 37 37 /var/lib/rpm /bin/bash rpmntp 38 38 /etc/ntp /sbin/nologin ntpvideo - 39 - - setupdip - 40 - - pppmailman 41 41 /var/mailman /bin/false mailmangdm 42 42 /var/gdm /bin/bash gdmxfs 43 43 /etc/X11/fs /bin/false XFree86-xfspppusers - 44 - - linuxconfpopusers - 45 - - linuxconfslipusers - 46 - - linuxconfmailnull 47 47 /var/spool/mqueue /dev/null sendmailapache 48 48 /var/www /bin/false apachewnn 49 49 /home/wnn /bin/bash FreeWnnsmmsp 51 51 /var/spool/mqueue /dev/null sendmailpuppet 52 52 /var/lib/puppet /sbin/nologin puppettomcat 53 53 /var/lib/tomcat /sbin/nologin tomcatlock - 54 - - lockdevldap 55 55 /var/lib/ldap /bin/false openldap-serversfrontpage 56 56 /var/www /bin/false mod_frontpagenut 57 57 /var/lib/ups /bin/false nutbeagleindex 58 58 /var/cache/beagle /bin/false beagletss 59 59 - /sbin/nologin trouserspiranha 60 60 /etc/sysconfig/ha /dev/null piranhaprelude-manager 61 61 - /sbin/nologin prelude-managersnortd 62 62 - /sbin/nologin snortdaudio - 63 - - setupcondor 64 64 /var/lib/condor /sbin/nologin condordnslcd 65 (55) / /sbin/nologin nslcdwine - 66 - - winepegasus 66 65 /var/lib/Pegasus /sbin/nologin tog-pegasuswebalizer 67 67 /var/www/html/usage /sbin/nologin webalizerhaldaemon 68 68 / /sbin/nologin halvcsa 69 69 - /sbin/nologin dev,MAKEDEVavahi 70 70 /var/run/avahi-daemon /sbin/nologin avahirealtime - 71 - - -tcpdump 72 72 / /sbin/nologin tcpdumpprivoxy 73 73 /etc/privoxy /bin/bash privoxysshd 74 74 /var/empty/sshd /sbin/nologin openssh-serverradvd 75 75 / /bin/false radvdcyrus 76 (12) /var/imap /bin/bash cyrus-imapdsaslauth - 76 - - cyrus-imapdarpwatch 77 77 /var/lib/arpwatch /sbin/nologin arpwatchfax 78 78 /var/spool/fax /sbin/nologin mgettynocpulse 79 79 /etc/sysconfig/nocpulse /bin/bash nocpulsedesktop 80 80 - /sbin/nologin desktop-file-utilsdbus 81 81 / /sbin/nologin dbusjonas 82 82 /var/lib/jonas /sbin/nologin jonasclamav 83 83 /tmp /sbin/nologin clamavscreen - 84 - - screenquaggavt - 85 - - quaggasabayon 86 86 - /sbin/nologin sabayonpolkituser 87 87 / /sbin/nologin PolicyKitwbpriv - 88 - - samba-commonpostfix 89 89 /var/spool/postfix /bin/true postfixpostdrop - 90 - - postfixmajordomo 91 91 /usr/lib/majordomo /bin/bash majordomoquagga 92 92 / /sbin/nologin quaggaexim 93 93 /var/spool/exim /sbin/nologin eximdistcache 94 94 / /sbin/nologin distcacheradiusd 95 95 / /bin/false freeradiushsqldb 96 96 /var/lib/hsqldb /sbin/nologin hsqldbdovecot 97 97 /usr/libexec/dovecot /sbin/nologin dovecotident 98 98 / /sbin/nologin identnobody 99 99 / /sbin/nologin setupusers - 100 - - setupqemu 107 107 / /sbin/nologin libvirtovirt 108 108 / /sbin/nologin libvirtrhevm 109 109 /home/rhevm /sbin/nologin vdsm-regjetty 110 110 /usr/share/jetty /sbin/nologin jettysaned 111 111 / /sbin/nologin sane-backendsvhostmd 112 112 /usr/share/vhostmd /sbin/nologin vhostmdusbmuxd 113 113 / /sbin/nologin usbmuxdbacula 133 133 /var/spool/bacula /sbin/nologin baculacimsrvr 134 134 / /sbin/nologin tog-pegasus-libsmock - 135 / - mockricci 140 140 /var/lib/ricci /sbin/nologin ricciluci 141 141 /var/lib/luci /sbin/nologin luciactivemq 142 142 /usr/share/activemq /sbin/nologin activemqstap-server 155 155 /var/lib/stap-server /sbin/nologin systemtapstapusr - 156 / - systemtap-runtimestapsys - 157 / - systemtap-runtimestapdev - 158 / - systemtap-runtimeswift 160 160 /var/lib/swift /sbin/nologin openstack-swiftglance 161 161 /var/lib/glance /sbin/nologin openstack-glancenova 162 162 /var/lib/nova /sbin/nologin openstack-novakeystone 163 163 /var/lib/keystone /sbin/nologin openstack-keystonequantum 164 164 /var/lib/quantum /sbin/nologin openstack-quantumcinder 165 165 /var/lib/cinder /sbin/nologin openstack-cinderceilometer 166 166 /var/lib/ceilometer /sbin/nologin openstack-ceilometerceph 167 167 /var/lib/ceph /sbin/nologin ceph-commonavahi-autoipd 170 170 /var/lib/avahi-autoipd /sbin/nologin avahipulse 171 171 /var/run/pulse /sbin/nologin pulseaudiortkit 172 172 /proc /sbin/nologin rtkitabrt 173 173 /etc/abrt /sbin/nologin abrtretrace 174 174 /usr/share/retrace-server /sbin/nologin retrace-serverovirtagent 175 175 / /sbin/nologin ovirt-guest-agentats 176 176 / /sbin/nologin trafficserverdhcpd 177 177 / /sbin/nologin dhcpmyproxy 178 178 /var/lib/myproxy /sbin/nologin myproxy-serversanlock 179 179 /var/run/sanlock /sbin/nologin sanlockaeolus 180 180 /var/aeolus /sbin/nologin aeolus-configurewallaby 181 181 /var/lib/wallaby /sbin/nologin wallabykatello 182 182 /usr/share/katello /sbin/nologin katello-commonelasticsearch 183 183 /usr/share/java/elasticsearch /sbin/nologin elasticsearchmongodb 184 184 /var/lib/mongodb /sbin/nologin mongodbjboss 185 185 /var/lib/jbossas /sbin/nologin jbossas-core #was jboss-as and wildflyjbosson-agent 186 - / /sbin/nologin jboss-on-agentjbosson - 186 - - jboss-on-agentheat 187 187 /var/lib/heat /sbin/nologin heathaproxy 188 188 /var/lib/haproxy /sbin/nologin haproxyhacluster 189 - / /sbin/nologin pacemakerhaclient - 189 - - pacemakersystemd-journal - 190 - - systemdsystemd-journal-gateway 191 191 / /sbin/nologin systemd#systemd-journal-gateway dynamic on new systems (may have different uid/gid)systemd-network 192 192 / /sbin/nologin systemdsystemd-resolve 193 193 / /sbin/nologin systemdgnats ? ? ? ? gnats, gnats-dblistar ? ? ? ? listarnfsnobody 65534 65534 /var/lib/nfs /sbin/nologin nfs-utils# Note: nfsnobody is 4294967294 on 64-bit platforms (-2)
若有收获,就点个赞吧
0 人点赞
