first commit

2022-10-18 16:59:37 +08:00 · 2022-10-18 16:59:37 +08:00 · ba848e218d
commit ba848e218d
1001 changed files with 152333 additions and 0 deletions
--- a/工作-盒子/系统用户统一规范.html
+++ b/工作-盒子/系统用户统一规范.html
@ -0,0 +1,165 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="utf-8">
+<meta name="tool" content="leanote-desktop-app">
+<title>系统用户统一规范</title>
+<style>
+
+*{font-family:"lucida grande","lucida sans unicode",lucida,helvetica,"Hiragino Sans GB","Microsoft YaHei","WenQuanYi Micro Hei",sans-serif;}
+
+body {
+  margin: 0;
+}
+
+/*公用文字样式*/
+h1{font-size:30px}h2{font-size:24px}h3{font-size:18px}h4{font-size:14px}
+.note-container{
+    width:850px; 
+    margin:auto;
+    padding: 10px 20px;
+    box-shadow: 1px 1px 10px #eee;
+}
+#title {
+  margin: 0;
+}
+table {
+    margin-bottom: 16px;
+    border-collapse: collapse;
+}
+table th, table td {
+    padding: 6px 13px;
+    border: 1px solid #ddd;
+}
+table th {
+    font-weight: bold;
+}
+
+table tr {
+    background-color: none;
+    border-top: 1px solid #ccc;
+}
+table tr:nth-child(2n) {
+    background-color: rgb(247, 247, 249);
+}
+.mce-item-table, .mce-item-table td, .mce-item-table th, .mce-item-table caption {
+  border: 1px solid #ddd;
+  border-collapse: collapse;
+  padding: 6px 13px;
+}
+blockquote {
+  border-left-width:10px;
+  background-color:rgba(128,128,128,0.05);
+  border-top-right-radius:5px;
+  border-bottom-right-radius:5px;
+  padding:15px 20px;
+  border-left:5px solid rgba(128,128,128,0.075);
+}
+blockquote p {
+  margin-bottom:1.1em;
+  font-size:1em;
+  line-height:1.45
+}
+blockquote ul:last-child,blockquote ol:last-child {
+  margin-bottom:0
+}
+pre {
+  padding: 18px;
+  background-color: #f7f7f9;
+  border: 1px solid #e1e1e8;
+  border-radius: 3px;
+  display: block;
+}
+code {
+  padding: 2px 4px;
+  font-size: 90%;
+  color: #c7254e;
+  white-space: nowrap;
+  background-color: #f9f2f4;
+  border-radius: 4px;
+}
+.footnote {
+  vertical-align: top;
+  position: relative;
+  top: -0.5em;
+  font-size: .8em;
+}
+
+hr {
+  margin:2em 0
+}
+img {
+  max-width:100%
+}
+pre {
+  word-break:break-word
+}
+p,pre,pre.prettyprint,blockquote {
+  margin:0 0 1.1em
+}
+hr {
+  margin:2em 0
+}
+img {
+  max-width:100%
+}
+.sequence-diagram,.flow-chart {
+  text-align:center;
+  margin-bottom:1.1em
+}
+.sequence-diagram text,.flow-chart text {
+  font-size:15px !important;
+  font-family:"Source Sans Pro",sans-serif !important
+}
+.sequence-diagram [fill="#ffffff"],.flow-chart [fill="#ffffff"] {
+  fill:#f6f6f6
+}
+.sequence-diagram [stroke="#000000"],.flow-chart [stroke="#000000"] {
+  stroke:#3f3f3f
+}
+.sequence-diagram text[stroke="#000000"],.flow-chart text[stroke="#000000"] {
+  stroke:none
+}
+.sequence-diagram [fill="#000"],.flow-chart [fill="#000"],.sequence-diagram [fill="#000000"],.flow-chart [fill="#000000"],.sequence-diagram [fill="black"],.flow-chart [fill="black"] {
+  fill:#3f3f3f
+}
+ul,ol {
+  margin-bottom:1.1em
+}
+ul ul,ol ul,ul ol,ol ol {
+  margin-bottom:1.1em
+}
+kbd {
+  padding:.1em .6em;
+  border:1px solid rgba(63,63,63,0.25);
+  -webkit-box-shadow:0 1px 0 rgba(63,63,63,0.25);
+  box-shadow:0 1px 0 rgba(63,63,63,0.25);
+  font-size:.7em;
+  font-family:sans-serif;
+  background-color:#fff;
+  color:#333;
+  border-radius:3px;
+  display:inline-block;
+  margin:0 .1em;
+  white-space:nowrap
+}
+.toc ul {
+  list-style-type:none;
+  margin-bottom:15px
+}
+</style>
+<!-- 该css供自定义样式 -->
+<link href="../leanote-html.css" rel="stylesheet">
+</head>
+
+<body>
+
+	<div class="note-container">
+		<h1 class="title" id="leanote-title">系统用户统一规范</h1>
+		<div class="content-html" id="leanote-content"><div>更改应用用户的所属组</div><div>创建一个本地用户组</div><div>groupadd -g 150 appgroup</div><div>取出fspfappl用户中的所有用户</div><div>awk -F: '{print $1,$4}' /etc/passwd | grep '1500' | awk '{print $1}' &gt;changroup</div><div>把fspfappl内的所有用户添加到本地用户appgroup中</div><div>for line in `cat changroup`;do usermod -a -G appgroup $line;done</div><div><br></div><div><br></div><div><br></div><div><br></div><div>更改opmm用户的权限</div><div>添加到ssh允许列表</div><div>if grep -q '^AllowGroups' /etc/ssh/sshd_config;then sed -i '/^AllowGroups/ s/$/ opmm/' /etc/ssh/sshd_config;else echo&nbsp;'AllowGroups&nbsp;sops&nbsp;ops&nbsp;code&nbsp;emergency&nbsp;opmm'&nbsp;&gt;&gt;&nbsp;/etc/ssh/sshd_config;fi</div><div><br></div><div>重启ssh</div><div>service sshd restart</div><div><br></div><div>更改组名ops为opmm</div><div>if grep -q ops /etc/group;then groupmod -n opmm ops ;else groupadd -g 1101 opmm;fi</div><div><br></div><div>从wheel组中删除opmm用户</div><div>sed -i '/^wheel/ s/opmm,//' /etc/group</div><div><br></div><div>取出fspfappl用户中的所有用户</div><div>egrep '\b1500\b' /etc/passwd |cut -d: -f1</div><div>###awk -F: '{print $1,$4}' /etc/passwd | grep '1500' | awk '{print $1}'</div><div><br></div><div>为opmm添加能切换到fspfappl组用户的权限</div><div>sed -i '/^root/a opmm\tALL=(ALL)\tNOPASSWD: ' /etc/sudoers</div><div>cat /root/changroup | while read line;do sed -i "/^opmm/ s/$/\/bin\/su - $line, /" /etc/sudoers;done</div><div>###for line in `cat /root/changroup` ;do sed -i "/^opmm/ s/$/\/bin\/su - $line, /" /etc/sudoers;done</div><div>sed -i '/^opmm/ s/, $//' /etc/sudoers</div><div><br></div><div>为opmm添加执行一些root才能执行的命令的权限</div><div>sed -i '/^## Processes$/a Cmnd_Alias PROCESSES = \/sbin\/lvs, \/sbin\/lvdisplay, \/sbin\/pvcreate,\/sbin\/pvs,\/sbin\/pvdisplay' /etc/sudoers</div><div>sed -i '/^opmm/a %opmm\tALL=NOPASSWD: PROCESSES' /etc/sudoers</div></div>
+	</div>
+
+<!-- 该js供其它处理 -->
+<script src="../leanote-html.js"></script>
+</body>
+</html>