Linux 用户，组，权限小练习-白红宇

1.新建一个没有家目录的用户openstack

2.复制/etc/skel为/home/openstack

3.改变/home/openstack及其内部的文件的属主，属组均为openstack

4./home/openstack及其内部的文件，属组和其他用户没有任何访问权限

                                     
[root@localhost ~]
# useradd -M openstack
[root@localhost ~]
# ls -l /home/openstack
ls
: 
/home/openstack
: No such 
file
or directory
[root@localhost ~]
# tail -1 /etc/passwd
openstack:x:4005:4005::
/home/openstack
:
/bin/bash
[root@localhost ~]
# id openstack
uid=4005(openstack) gid=4005(openstack) 
groups
=4005(openstack) context=root:system_r:unconfined_t:SystemLow-SystemHigh
[root@localhost ~]
# finger openstack
Login: openstack                Name: (null)
Directory: 
/home/openstack
Shell: 
/bin/bash
Never logged 
in
.
No mail.
No Plan.
[root@localhost ~]
# cp -rv /etc/skel /home/openstack
`
/etc/skel
' -> `/home/openstack'
`
/etc/skel/
.bashrc
' -> `/home/openstack/.bashrc'
`
/etc/skel/
.bash_logout
' -> `/home/openstack/.bash_logout'
`
/etc/skel/
.bash_profile
' -> `/home/openstack/.bash_profile'
[root@localhost ~]
# ls -la /home/openstack
total 40
drwxr-xr-x  2 root root 4096 May 16 16:14 .
drwxr-xr-x 28 root root 4096 May 16 16:14 ..
-rw-r--r--  1 root root   24 May 16 16:14 .bash_logout
-rw-r--r--  1 root root  176 May 16 16:14 .bash_profile
-rw-r--r--  1 root root  124 May 16 16:14 .bashrc
[root@localhost ~]
# cd /home/openstack
[root@localhost openstack]
# ls -la
total 40
drwxr-xr-x  2 root root 4096 May 16 16:14 .
drwxr-xr-x 28 root root 4096 May 16 16:14 ..
-rw-r--r--  1 root root   24 May 16 16:14 .bash_logout
-rw-r--r--  1 root root  176 May 16 16:14 .bash_profile
-rw-r--r--  1 root root  124 May 16 16:14 .bashrc
[root@localhost openstack]
# chown -R openstack:openstack .
[root@localhost openstack]
# ls -la
total 40
drwxr-xr-x  2 openstack openstack 4096 May 16 16:14 .
drwxr-xr-x 28 root      root      4096 May 16 16:14 ..
-rw-r--r--  1 openstack openstack   24 May 16 16:14 .bash_logout
-rw-r--r--  1 openstack openstack  176 May 16 16:14 .bash_profile
-rw-r--r--  1 openstack openstack  124 May 16 16:14 .bashrc
[root@localhost openstack]
# chmod go= .
[root@localhost openstack]
# ls -la
total 40
drwx------  2 openstack openstack 4096 May 16 16:14 .
drwxr-xr-x 28 root      root      4096 May 16 16:14 ..
-rw-r--r--  1 openstack openstack   24 May 16 16:14 .bash_logout
-rw-r--r--  1 openstack openstack  176 May 16 16:14 .bash_profile
-rw-r--r--  1 openstack openstack  124 May 16 16:14 .bashrc
[root@localhost openstack]
# chmod -R go= .
[root@localhost openstack]
# ls -la
total 40
drwx------  2 openstack openstack 4096 May 16 16:14 .
drwxr-xr-x 28 root      root      4096 May 16 16:14 ..
-rw-------  1 openstack openstack   24 May 16 16:14 .bash_logout
-rw-------  1 openstack openstack  176 May 16 16:14 .bash_profile
-rw-------  1 openstack openstack  124 May 16 16:14 .bashrc
[root@localhost openstack]
#
            
          

结果：

                                     
[root@localhost openstack]
# su - openstack
[openstack@localhost ~]$ 
id
uid=4005(openstack) gid=4005(openstack) 
groups
=4005(openstack) context=root:system_r:unconfined_t:SystemLow-SystemHigh
            
          

其实上面的过程也揭示了用户创建的过程。

（每一个命令执行完毕后，都应该想办法去验证它！）

本文转自zfz_linux_boy 51CTO博客，原文链接：http://blog.51cto.com/zhangfengzhe/1412919，如需转载请自行联系原作者