iProbe/Docs
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Docs/工作-盒子/系统用户统一规范.html
iProbe ba848e218d first commit
2022-10-18 16:59:37 +08:00

165 lines
No EOL
5.3 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="tool" content="leanote-desktop-app">
<title>系统用户统一规范</title>
<style>
*{font-family:"lucida grande","lucida sans unicode",lucida,helvetica,"Hiragino Sans GB","Microsoft YaHei","WenQuanYi Micro Hei",sans-serif;}
body {
margin: 0;
}
/*公用文字样式*/
h1{font-size:30px}h2{font-size:24px}h3{font-size:18px}h4{font-size:14px}
.note-container{
width:850px;
margin:auto;
padding: 10px 20px;
box-shadow: 1px 1px 10px #eee;
}
#title {
margin: 0;
}
table {
margin-bottom: 16px;
border-collapse: collapse;
}
table th, table td {
padding: 6px 13px;
border: 1px solid #ddd;
}
table th {
font-weight: bold;
}
table tr {
background-color: none;
border-top: 1px solid #ccc;
}
table tr:nth-child(2n) {
background-color: rgb(247, 247, 249);
}
.mce-item-table, .mce-item-table td, .mce-item-table th, .mce-item-table caption {
border: 1px solid #ddd;
border-collapse: collapse;
padding: 6px 13px;
}
blockquote {
border-left-width:10px;
background-color:rgba(128,128,128,0.05);
border-top-right-radius:5px;
border-bottom-right-radius:5px;
padding:15px 20px;
border-left:5px solid rgba(128,128,128,0.075);
}
blockquote p {
margin-bottom:1.1em;
font-size:1em;
line-height:1.45
}
blockquote ul:last-child,blockquote ol:last-child {
margin-bottom:0
}
pre {
padding: 18px;
background-color: #f7f7f9;
border: 1px solid #e1e1e8;
border-radius: 3px;
display: block;
}
code {
padding: 2px 4px;
font-size: 90%;
color: #c7254e;
white-space: nowrap;
background-color: #f9f2f4;
border-radius: 4px;
}
.footnote {
vertical-align: top;
position: relative;
top: -0.5em;
font-size: .8em;
}
hr {
margin:2em 0
}
img {
max-width:100%
}
pre {
word-break:break-word
}
p,pre,pre.prettyprint,blockquote {
margin:0 0 1.1em
}
hr {
margin:2em 0
}
img {
max-width:100%
}
.sequence-diagram,.flow-chart {
text-align:center;
margin-bottom:1.1em
}
.sequence-diagram text,.flow-chart text {
font-size:15px !important;
font-family:"Source Sans Pro",sans-serif !important
}
.sequence-diagram [fill="#ffffff"],.flow-chart [fill="#ffffff"] {
fill:#f6f6f6
}
.sequence-diagram [stroke="#000000"],.flow-chart [stroke="#000000"] {
stroke:#3f3f3f
}
.sequence-diagram text[stroke="#000000"],.flow-chart text[stroke="#000000"] {
stroke:none
}
.sequence-diagram [fill="#000"],.flow-chart [fill="#000"],.sequence-diagram [fill="#000000"],.flow-chart [fill="#000000"],.sequence-diagram [fill="black"],.flow-chart [fill="black"] {
fill:#3f3f3f
}
ul,ol {
margin-bottom:1.1em
}
ul ul,ol ul,ul ol,ol ol {
margin-bottom:1.1em
}
kbd {
padding:.1em .6em;
border:1px solid rgba(63,63,63,0.25);
-webkit-box-shadow:0 1px 0 rgba(63,63,63,0.25);
box-shadow:0 1px 0 rgba(63,63,63,0.25);
font-size:.7em;
font-family:sans-serif;
background-color:#fff;
color:#333;
border-radius:3px;
display:inline-block;
margin:0 .1em;
white-space:nowrap
}
.toc ul {
list-style-type:none;
margin-bottom:15px
}
</style>
<!-- 该css供自定义样式 -->
<link href="../leanote-html.css" rel="stylesheet">
</head>
<body>
<div class="note-container">
<h1 class="title" id="leanote-title">系统用户统一规范</h1>
<div class="content-html" id="leanote-content"><div>更改应用用户的所属组</div><div>创建一个本地用户组</div><div>groupadd -g 150 appgroup</div><div>取出fspfappl用户中的所有用户</div><div>awk -F: '{print $1,$4}' /etc/passwd | grep '1500' | awk '{print $1}' &gt;changroup</div><div>把fspfappl内的所有用户添加到本地用户appgroup中</div><div>for line in `cat changroup`;do usermod -a -G appgroup $line;done</div><div><br></div><div><br></div><div><br></div><div><br></div><div>更改opmm用户的权限</div><div>添加到ssh允许列表</div><div>if grep -q '^AllowGroups' /etc/ssh/sshd_config;then sed -i '/^AllowGroups/ s/$/ opmm/' /etc/ssh/sshd_config;else echo&nbsp;'AllowGroups&nbsp;sops&nbsp;ops&nbsp;code&nbsp;emergency&nbsp;opmm'&nbsp;&gt;&gt;&nbsp;/etc/ssh/sshd_config;fi</div><div><br></div><div>重启ssh</div><div>service sshd restart</div><div><br></div><div>更改组名ops为opmm</div><div>if grep -q ops /etc/group;then groupmod -n opmm ops ;else groupadd -g 1101 opmm;fi</div><div><br></div><div>从wheel组中删除opmm用户</div><div>sed -i '/^wheel/ s/opmm,//' /etc/group</div><div><br></div><div>取出fspfappl用户中的所有用户</div><div>egrep '\b1500\b' /etc/passwd |cut -d: -f1</div><div>###awk -F: '{print $1,$4}' /etc/passwd | grep '1500' | awk '{print $1}'</div><div><br></div><div>为opmm添加能切换到fspfappl组用户的权限</div><div>sed -i '/^root/a opmm\tALL=(ALL)\tNOPASSWD: ' /etc/sudoers</div><div>cat /root/changroup | while read line;do sed -i "/^opmm/ s/$/\/bin\/su - $line, /" /etc/sudoers;done</div><div>###for line in `cat /root/changroup` ;do sed -i "/^opmm/ s/$/\/bin\/su - $line, /" /etc/sudoers;done</div><div>sed -i '/^opmm/ s/, $//' /etc/sudoers</div><div><br></div><div>为opmm添加执行一些root才能执行的命令的权限</div><div>sed -i '/^## Processes$/a Cmnd_Alias PROCESSES = \/sbin\/lvs, \/sbin\/lvdisplay, \/sbin\/pvcreate,\/sbin\/pvs,\/sbin\/pvdisplay' /etc/sudoers</div><div>sed -i '/^opmm/a %opmm\tALL=NOPASSWD: PROCESSES' /etc/sudoers</div></div>
</div>
<!-- 该js供其它处理 -->
<script src="../leanote-html.js"></script>
</body>
</html>
Reference in a new issue View git blame Copy permalink