Built-in System Services (Part 1)
Linux built-in system services
Built-in services are services that do not require the user to install any software separately; they can be used directly once the system is installed.
1. Understand the 7 run modes of Linux
2. Understand the relationship between users and user groups (key point)
3. Master the commands for managing user groups and users (key point)
4. Be able to state the location of the network card configuration file
5. Be able to manage network services with shell commands
6. Understand the sshd service and its application scenarios
7. Be able to use the sshd service for remote management and file transfer
8. Master file transfer with scp
I. Linux run modes
1. What is a run mode
A run mode is also called a run level (Running Level).
Linux has a process named init (initialize), whose process ID is 1.
To view the process:
# ps -ef | grep init
This process has a corresponding configuration file: inittab (the system run level configuration file, located at /etc/inittab).
Use the vim command to open the /etc/inittab file:
After opening it, the result is as shown below:
Lines that begin with # are comments and are not parsed at run time.
According to the description above, CentOS 6.9 has 7 run levels / modes:
0 - Shutdown level (do not set the default run level to this value)
1 - Single-user mode (used to recover the root password), similar to Safe Mode in Windows
2 - Multi-user mode, without NFS (Network File System)
3 - Full multi-user mode (no desktop, pure command line mode) => key point (most used on servers)
4 - Unused mode (reserved, user-definable)
5 - X11, full graphical interface mode => key point (most used on personal computers)
6 - Restart level (do not set the default run level to this value)
2. Commands related to run levels
# init 0    Shut down (halt)
# init 3    Switch to the mode without a desktop (CLI, command line mode)
# init 5    Switch to the GUI (provided the graphical interface is installed)
# init 6    Restart the computer (reboot)
Note: the commands above switch the run level only temporarily. The init command requires super administrator privileges; ordinary users cannot execute it.
These commands actually call the init process and pass the number (the run level) to it; the process reads the configuration file and performs the corresponding operation.
① Switch to pure command line mode
Switch to pure command line mode (temporary; the previous mode returns after a restart)
Result:
After switching, you need to enter the user name and password. No "*" is echoed while the password is typed; as long as you are sure the password is correct, just press Enter.
② Switch to desktop mode
③ Make command line mode the permanent default
Step 1: edit the /etc/inittab file with the vim editor
# vim /etc/inittab
Step 2: set the default run level to 3
After making the change, restart the operating system; it will enter command line mode by default.
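The two steps above, as an added example that is not part of the original page: it reads the default run level from inittab text and rewrites it, refusing levels 0 and 6 as the run level list warns. The sample text is constructed and the function names are hypothetical; it assumes the CentOS 6 entry has the form id:N:initdefault:.

```shell
#!/bin/sh
# Constructed stand-in for the active line of /etc/inittab on CentOS 6
# (assumption: the default level is stored as id:N:initdefault:).
SAMPLE_INITTAB='# Default runlevel. Comment lines start with "#".
id:5:initdefault:'

# default_runlevel TEXT
# Print the run level from the first uncommented initdefault entry.
default_runlevel() {
    printf '%s\n' "$1" |
        awk -F: '!/^#/ && $3 == "initdefault" { print $2; exit }'
}

# with_default_runlevel TEXT LEVEL
# Print TEXT with the default run level replaced by LEVEL.
# Levels 0 and 6 are refused: as a default they would shut the
# machine down or reboot it on every boot.
with_default_runlevel() {
    case "$2" in
        1|2|3|4|5) ;;
        0|6) echo "refused: $2 must not be the default run level" >&2
             return 1 ;;
        *)   echo "refused: '$2' is not a run level" >&2
             return 1 ;;
    esac
    printf '%s\n' "$1" |
        sed "s/^id:[0-6]:initdefault:/id:$2:initdefault:/"
}

# Demo on the constructed text; on a real system, apply the same edit
# to a backup copy of /etc/inittab first and check it before rebooting.
echo "before: $(default_runlevel "$SAMPLE_INITTAB")"
new_text=$(with_default_runlevel "$SAMPLE_INITTAB" 3)
echo "after:  $(default_runlevel "$new_text")"
```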
II. User and user group management (key point)
Linux is a multi-user, multi-tasking operating system. Any user who wants to use system resources must first apply to the system administrator for an account and then enter the system under that account.
A user account helps the system administrator track the users of the system and control their access to system resources; it also helps users organize their files and provides them with security protection.
Each user account has a unique user name and its own password. After entering the correct user name and password at login, the user can access the system and their own home directory (home). User account management mainly involves the following tasks:
* Managing user groups
* Adding, deleting and modifying user accounts, and managing user passwords
Three files to note:
* /etc/group stores the key information about user groups
* /etc/passwd stores the key information about users
* /etc/shadow stores the users' password information
2. The relationship between users and groups
In Linux, a user has exactly one primary group but can have multiple additional groups.
A popular analogy: a person has only one father but can have n godfathers.
3. User group management
Each user has a user group, and the system can manage all users in a user group centrally.
User group management covers adding, deleting and modifying user groups.
File related to user groups: /etc/group
Open the /etc/group file with the vim command, as shown in the figure below:
File structure:
daemon : x : 1 : bin,daemon
group name : password : group ID : user names in the group (additional group)
Notes:
① The x in the password field is a placeholder. A user group can have a password, but in most cases there is no need to set one.
② User names in the group: the users for whom this group is an additional group. For example, line 4 above says that the sys user group is an additional group of the users bin and adm.
① Adding a user group
Syntax: # groupadd [option option-value] group-name
Options: -g: set the user group ID number; if it is not specified, IDs increase from 500 by default
Use the tail command to view the /etc/group file:
② Modifying a user group
Syntax: # groupmod [option option-value] group-name
Options: -g: short for gid; set a custom user group ID number
-n: short for name; set the new name of the user group
Example: modify the admins user group, changing the group ID to 520 and the name to admin
③ Deleting a user group
Syntax: # groupdel group-name
Example: delete the admin group
4. User management
User management covers adding, deleting and modifying users.
File related to users: /etc/passwd
① Adding a user
Syntax: # useradd [option option-value] … user-name
Options: -g: the primary group of the user; the value can be a user group ID or a group name
-G: the additional group(s) of the user; the value can be a user group ID or a group name
-u: uid, the user ID (the user's identifier). By default the system assigns uids in order starting from 500; if you do not want the system-assigned value you can choose your own [similar to picking your own Tencent QQ number]
-c: comment; add a note (optional)
-s: the shell interpreter the user gets after login, default /bin/bash [the user's dedicated receptionist]; if the user should not be able to log in, set it to /sbin/nologin
-d: the starting directory at login (home directory location)
-n: do not create a group named after the user (for awareness)
Example: create user zhangsan with no options. The system automatically creates a group with the same name as the user.
Verify success:
① Use tail to view the /etc/passwd file, as shown in the figure below:
② Verify that the home directory exists (on CentOS, creating a user also creates a directory with the same name)
③ Run the id command with the user name
useradd user-name
useradd -g   specify the group the user belongs to (primary group)
useradd -G   specify additional groups
useradd -s   shell interpreter path (/bin/bash allows login to the system, /sbin/nologin does not)
② Understanding the /etc/passwd file
Open the /etc/passwd file with the vim command, as shown in the figure below:
root : x : 0 : 0 : root : /root : /bin/bash
user name : password : user ID : user group ID : comment : home directory : shell interpreter
User name: the name of the created user, entered at login
Password: this field is normally "x", a placeholder for the password; the real password is stored in /etc/shadow
User ID: the ID of the user [-u]
User group ID: the ID of the primary group the user belongs to [-g]
Comment: describes what the user is for [-c]
Home directory: the default location after the user logs in to the system [-d]
Shell interpreter: waits for the user to enter the system; after the user types a command, the interpreter collects the command and passes it to the kernel for processing [if the interpreter is /bin/bash the user can log in to the system; /sbin/nologin means the user cannot log in] [-s]
Note: when no options are given, useradd performs a series of operations:
① Creates a home directory with the same name
② Creates a user group with the same name
Example: with options, create user lisi with primary group 501, additional group 500 and a self-chosen user ID of 666; the user must not be able to log in to the system, and the comment is "user lisi"
Note: the user's primary group can be seen in the passwd file, but additional group information has to be looked up in the group file
Meaning of the cndws line: the cndws group (group ID 500) has a member lisi (lisi's additional group is 500, and that additional group is named cndws).
To specify more than one additional group for a user, separate the IDs with an English comma ",".
For example -G 500,501,502
① There can be only 1 primary group (like having only one parent); there can be multiple additional groups, or none at all (like godfathers and godmothers: there may be none, or more than one)
② A primary group is mandatory
③ Later in the course, "the group of a file" refers to the primary group (for awareness)
③ Modifying a user
Command: usermod (user modify)
Syntax: # usermod [option option-value] … user-name
Options: -g: the primary group of the user; the value can be a user group ID or a group name
-G: the additional group(s) of the user; the value can be a user group ID or a group name
-u: uid, the user ID (the user's identifier). By default the system assigns uids in order starting from 500; if you do not want the system-assigned value you can choose your own [similar to picking your own Tencent QQ number]
-l: short for login name (a lowercase L); change the user name
-c<comment>: modify the comment text of the user account
-d<login directory>: modify the directory used when the user logs in
-s<shell>: modify the shell
Example: change the primary group of user zhangsan to 500 and the additional group to 501
Example: rename user zhangsan to wangwu
usermod: user name, primary group, additional group, shell interpreter
usermod -l   user name
usermod -g   primary group
usermod -G   additional group
usermod -s   shell interpreter, /bin/bash or /sbin/nologin
④ Changing a user password
Linux does not allow users without a password to log in to the system, so the users created above are currently locked; a password must be set before they can log in.
Syntax: # passwd user-name [if no user name is given, your own password is changed]
Example: set the password of user wangwu
Note: nothing is echoed while the password is typed. Do not worry about that; make sure the two entries match and press Enter.
Weak passwords (such as 123456) can also be used but are not recommended; if you use one, you will see the following prompt:
⑤ Understanding the /etc/shadow file (for awareness)
File related to user passwords: /etc/shadow
After a password is set for a user, it is automatically stored in the /etc/shadow file. Open the file with the vim editor:
The screenshot above shows that lisi has no password set.
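How the second field of /etc/shadow distinguishes an account like lisi (no password set) from one like wangwu, as an added example that is not part of the original page. The sample lines and hash strings are constructed placeholders, the function names are hypothetical, and the "!!" marker for a never-set password is an assumption about what useradd writes on CentOS.

```shell
#!/bin/sh
# Constructed /etc/shadow lines; the hash strings are placeholders, not
# real hashes. Fields: name:password:lastchange:min:max:warn:inactive:expire:
SAMPLE_SHADOW='root:$6$SALTPLACEHOLDER$HASHPLACEHOLDER:17000:0:99999:7:::
wangwu:$6$SALTPLACEHOLDER$HASHPLACEHOLDER:17000:0:99999:7:::
lisi:!!:17000:0:99999:7:::
bin:*:15980:0:99999:7:::
olduser:!!$1$SALTPLACEHOLDER$HASHPLACEHOLDER:17000:0:99999:7:::
guest::17000:0:99999:7:::'

# shadow_status SHADOW_TEXT
# Print "name state" per account, judged from the 2nd field only:
#   unusable    "!!", "!" or "*": no usable password, login is refused
#   locked      a hash prefixed with "!" or "!!": password set, then locked
#   set:<algo>  a usable hash; <algo> comes from the $id$ prefix
#   EMPTY       empty field: no password is needed if PAM allows it
shadow_status() {
    printf '%s\n' "$1" | awk -F: '
        function algo(h) {
            if (substr(h, 1, 3) == "$6$") return "sha512"
            if (substr(h, 1, 3) == "$5$") return "sha256"
            if (substr(h, 1, 3) == "$1$") return "md5"
            return "other"
        }
        NF >= 2 {
            h = $2
            if (h == "")                                state = "EMPTY"
            else if (h == "!!" || h == "!" || h == "*") state = "unusable"
            else if (substr(h, 1, 1) == "!")            state = "locked"
            else                                        state = "set:" algo(h)
            print $1, state
        }'
}

# password_logins SHADOW_TEXT
# Names of accounts for which a password login can succeed.
password_logins() {
    shadow_status "$1" | awk '$2 ~ /^set:/ || $2 == "EMPTY" { print $1 }'
}

shadow_status "$SAMPLE_SHADOW"
```

Reading the real /etc/shadow requires root; pass its content as "$(cat /etc/shadow)".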
⑥ Switching users
Once a user password is set, the account can be used to log in to the system. If you are already logged in, you can use the su command to switch users.
Syntax: # su [-] account
Points to note when switching users:
a. Switching from root to an ordinary user requires no password, but the reverse requires the root password;
b. The working path is the same before and after switching users; adding the [-] option switches to the user's home directory automatically;
c. Ordinary users cannot access the root user's home directory, but the reverse is possible;
⑦ Deleting a user
Command: userdel (user delete)
Syntax: # userdel option user-name
Options: -r: delete the user's home directory together with the user
Note: deleting the user wangwu while that user is logged in reports that the deletion failed, whereas lisi, who is not logged in, is deleted normally. What if you still want to delete wangwu?
Solution: simple and blunt: kill all processes belonging to the user
Tip: all commands that operate on users can be executed only by the root super administrator (except passwd, with which a user can change only their own password, that is, without specifying a user name).
Remark: alternatively, log in as the user to be deleted, press the shortcut "ctrl+d" to log that user out, return to the previous user (root), and then delete the user.
Delete the account => delete the home directory => delete the group (primary group)
III. Network settings
1. Location of the network card configuration file
To configure the network on Linux, we first need to find the location of the network card configuration file:
Network card configuration files in this directory are named in the format: ifcfg-<network card name>
eth0 is the first network card in the computer
eth1 is the second network card in the computer
2. Configuration file details
ifcfg-eth0 belongs to the first network card in our computer. Note: some servers have several network cards at the same time
Use the cat command to view ifcfg-eth0
Parameter explanation:
DEVICE: device name
TYPE: network type, Ethernet
UUID: universally unique identifier
ONBOOT: whether to enable the card at boot; the default is no, the recommended setting is yes
BOOTPROTO: (protocol) how the IP address is assigned; dhcp is the Dynamic Host Configuration Protocol (automatic), static means manual settings
HWADDR: (hardware address) the MAC address, in hexadecimal form
3. Checking the network card status
Syntax: # service network status
4. Starting / restarting / stopping the network card
Syntax: # service network start|restart|stop
Parameters: start, restart, stop
Note: a system may lack the service command for operating services quickly, but there is a common directory, /etc/init.d, which holds many service shortcuts (for the service command to operate a service, the service must be present in init.d).
The network card can also be operated with this command:
# /etc/init.d/network start|restart|stop
Extension 1: if you modify the network card configuration file often but it sits deep in the directory hierarchy, you can create a shortcut (soft link) in a shallower directory so it is easier to find later.
Command: # ln -s original-file-path shortcut-path [link]
Example: create a shortcut to the ifcfg-eth0 file in root's home directory
Here the l in the file type position means the type is link, and the -> that follows points to the original file path.
Extension 2: how do you restart a single network card?
Stop a network card: # ifdown card-name
Start a network card: # ifup card-name
Example: stop and start (restart) the eth0 network card
Note: in real work do not disable a network card casually; it is risky!
Use ifconfig to obtain the IP address. To open a DOS window on Windows: press Windows key + R, type cmd, and the DOS window opens
IV. sshd service
1. What is ssh
ssh (Secure Shell protocol) has 2 common functions: remote connection and remote file transfer.
Port used by the protocol: 22 by default.
Port specification ：0-65535 +65535 +1 +10086
2. The sshd_config configuration file
The port number can be changed; to change it, edit the configuration file of the ssh service:
Change the Port entry:
The port number can be changed, but note 2 points:
a. Mind the range: ports run from 0 to 65535;
b. Do not use a port that another service already occupies (common ones that cannot be used: 20, 21, 23, 25, 80, 443, 3389, 3306, 11211, etc.);
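The two rules above applied to a configuration, as an added example that is not part of the original page: it extracts the active Port entries from sshd_config text and checks each against the range and the listed busy ports. The configuration fragment is constructed, the function names are hypothetical, and port 2222 is only a sample value.

```shell
#!/bin/sh
# Constructed sshd_config fragment (assumption: port 2222 is only a sample).
SAMPLE_SSHD_CONFIG='#Port 22
#AddressFamily any
Port 2222
Port 3306'

# Ports the text above lists as commonly occupied by other services.
BUSY_PORTS='20 21 23 25 80 443 3389 3306 11211'

# configured_ports CONFIG_TEXT
# Print every active (uncommented) Port value, or 22 when none is set.
configured_ports() {
    found=$(printf '%s\n' "$1" | awk 'tolower($1) == "port" { print $2 }')
    if [ -n "$found" ]; then printf '%s\n' "$found"; else echo 22; fi
}

# check_ssh_port PORT
# Print a verdict; return 0 only when PORT passes both rules above.
check_ssh_port() {
    case "$1" in
        ''|*[!0-9]*) echo "invalid: not a number"; return 1 ;;
        ??????*)     echo "invalid: out of range"; return 1 ;;
    esac
    # 0 is inside 0-65535 but cannot serve as a fixed listening port.
    if [ "$1" -lt 1 ] || [ "$1" -gt 65535 ]; then
        echo "invalid: out of range"; return 1
    fi
    for busy in $BUSY_PORTS; do
        if [ "$1" -eq "$busy" ]; then
            echo "conflict: commonly used by another service"; return 1
        fi
    done
    echo "ok"
}

# Check every port the sample configuration would listen on.
for port in $(configured_ports "$SAMPLE_SSHD_CONFIG"); do
    echo "Port $port: $(check_ssh_port "$port")"
done
```

The busy-port list is static; whether a port is actually taken on a given host still has to be checked there before sshd is restarted.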
3. Starting / restarting / stopping the service
ssh service name: sshd (the d in the service name stands for daemon)
Starting / stopping / restarting the ssh service
# service sshd start/stop/restart
# /etc/init.d/sshd start/stop/restart
The sshd service is started by default, so there is no need to start it; restart it after modifying its configuration.
So that the later remote management and file transfer go smoothly, it is suggested to turn off two things:
First: the iptables firewall; service iptables stop stops it temporarily (the setting is lost after the computer restarts)
Second: SELinux
setenforce 0 turns it off temporarily.
getenforce shows the current SELinux state
vim /etc/sysconfig/selinux and change SELINUX=enforcing to SELINUX=disabled to disable it permanently
Important:
After the Linux operating system in the virtual machine is restarted, or shut down and started again, both of the settings above are lost and have to be applied again.
4. Remote connection with secureCRT
Terminal tools mainly help operations staff connect to remote servers. Common terminal tools are Xshell, secureCRT (shareware), Putty, the tools built into Windows, MobaXterm, etc. Taking secureCRT as an example:
① Get the server's IP address, which can be viewed with the ifconfig command
② On the client (Windows or Mac), use the ping command to test whether the two machines can reach each other over the network
③ Open secureCRT and click Connect -> Quick Connect
Set the Hostname and Username, as shown in the figure below:
After that, click Connect, as shown in the figure below:
In the password box that pops up, enter the root password, click Save password to save it, and then click OK
After a successful connection, the result is as shown below:
5. File transfer with FileZilla
Besides remote management, the sshd service can also be used to upload and download files.
Graphical transfer tool: FileZilla (client)
Open FileZilla; the result is as shown below:
① Choose "File" => "Site Manager", click "New Site", and enter the host, port, user name and password:
② Click Connect; after a successful connection it looks as shown below:
③ Upload: find the file to upload in the local pane, e.g. FTP/readme.txt, right-click it and choose Upload
④ Download: find the file to download in the remote pane, e.g. /root/install.log, right-click it and choose Download
6. File transfer with the scp command (key point)
a. scp [options] user-name@linux-host-address:resource-path local-path (download to Linux)
① Download a file
② Download a folder: add the -r option
b. scp [options] resource-path user-name@linux-host-address:remote-path (upload to Linux)
① Upload a file
② Upload a folder
The commands above are mostly used for file transfer between Linux servers. To transfer files between Windows and a Linux server you can use the pscp command, whose syntax is the same as that of scp; it is not covered here.