< ์ฌ์ฉ์ ๊ณ์ ๊ด๋ จ ํ์ผ >

/etc/default/useradd : useradd ๋ช
๋ น์ด์ ๊ธฐ๋ณธ๊ฐ
/etc/passwd : ์ฌ์ฉ์ ๊ณ์ ์ ๋ณด ๋ฌธ์ ํ์ผ
/etc/shadow : ์ฌ์ฉ์ pw ์ ๋ณด ๋ฌธ์ํ์ผ
/etc/group : ์ฌ์ฉ์ ๊ทธ๋ฃน ์ ๋ณด ๋ฌธ์ ํ์ผ
/etc/skel : ๊ณ์ ์์ฑ์ ๊ตฌ์ฑ๋๋ ํ์ผ๋๋ ํ ๋ฆฌ๋ค์ ์ ์ฅ์ --> ๋ผ๋
/home/์ฌ์ฉ์ : ์ฌ์ฉ์ ํ๋๋ ํ ๋ฆฌ
/var/spool/mail/์ฌ์ฉ์ : ์ฌ์ฉ์ ๋ฉ์ผํจ
cat /etc/login.defs
์ค์ ๋ด์ฉ ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก
PASS_MAX_DAYS 99999 # ๊ฑฐ์ ๋ฌดํ๋
PASS_MIN_DAYS 0 # ์ต์ ๋ ์ง (pw๋ฅผ ๋ฐ๊พผ ์์ ์์๋ถํฐ ํด๋น ์ซ์๋งํผ์ ๋ ์ง ๋์๋ง ์ฌ์ฉ๊ฐ๋ฅ)
PASS_MIN_LEN 5 # ์ต์ ๊ธธ์ด
PASS_WARN_AGE 7 # ๋ชฐ๋ผ๋๋จ.(pw๋ง๋ฃ์ผ 7์ผ ์ ์ ๊ฒฝ๊ณ ๋ฅผ ๋์์ค)
UID_MIN 1000 # ์ฌ์ฉ์ ๊ณ์ ์ฒซ ๋ถ์ฌ ๋ฒํธ
UID_MAX 60000 # ์ฌ์ฉ์ ๊ณ์ ๋ง์ง๋ง ๋ถ์ฌ ๋ฒํธ
SYS_UID_MIN 201 # ์์คํ
์ ํ ๋น๋ ๋ถ์ฌ ๋ฒํธ
SYS_UID_MAX 999 # ''
GID_MIN 1000 # ๊ทธ๋ฃน ๊ณ์ ์ฒซ ๋ถ์ฌ ๋ฒํธ
GID_MAX 60000 # ๊ทธ๋ฃน ๊ณ์ ๋ง์ง๋ง ๋ถ์ฌ ๋ฒํธ
SYS_GID_MIN 201 # ์์คํ
๊ทธ๋ฃน์ ํ ๋น๋ ๋ถ์ฌ ๋ฒํธ
SYS_GID_MAX 999 # ''
#USERDEL_CMD /usr/sbin/userdel_local --> userdel ๋ช
๋ น์ด ์ ๋ณด ์์น
CREATE_HOME yes --> user๋ฅผ ๋ง๋ค๋ home ๋๋ ํ ๋ฆฌ๋ฅผ ์๋์ผ๋ก ๋ง๋ค๊ฒ์ธ์ง
UMASK 077 --> ๊ธฐ๋ณธ ๋ถ์ฌ ๊ถํ
USERGROUPS_ENAB yes --> ์ฌ์ฉ์๋ฅผ ๋ง๋ค๋ ๋ง๋ค์ด์ง๋ ์ฌ์ฉ์๊ฐ ์ํ ๊ทธ๋ฃน๋ ์ฌ์ฉ์๋ฅผ ์ญ์ ์ ๋์์ ์ญ์ ํ ๊ฒ์ธ์ง
ENCRYPT_METHOD SHA512 --> ์ํธํ ๋ฐฉ์
ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก

cat /etc/default/useradd
์ค์ ๋ด์ฉ ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก
# useradd defaults file
GROUP=100
--> ๊ธฐ๋ณธ GID (UID์ ๊ฐ์ด ๋ฒํธ๋ฅผ ์ฌ์ฉํ๋ผ.)
ex) ํ ๊ณ์ ์ UID์ GID๋ชจ๋ 1002์ผ ์ ์์.
HOME=/home
--> ๊ณ์ ์์ฑ์ ๊ณ์ ์ ๋๋ ํ ๋ฆฌ๋ฅผ /home์ผ๋ก ์ค์ .
INACTIVE=-1
--> ํจ์ค์๋ ์ ํจ๊ธฐ๊ฐ์ ๋นํ์ฑํ.(์ ํจ๊ธฐ๊ฐ์ด ์๋ค. --> ํ๋ฒ ์ค์ ํ ๊ณ์ ์ฌ์ฉ.)
EXPIRE=
--> ํจ์ค์๋ ๋ง๋ฃ๊ธฐ๊ฐ ๋นํ์ฑ
SHELL=/bin/bash
--> ๊ณ์ ๊ธฐ๋ณธ shell(๋ช
๋ น์ด ํด์๊ธฐ), bash shell
SKEL=/etc/skel
--> ๊ณ์ ๊ธฐ๋ณธ skel(๋ผ๋) ์ /etc/skel ๋ก ์ค์ .
CREATE_MAIL_SPOOL=yes
--> ์ฌ์ฉ์๋ง๋ค ๊ฐ์ธ ๋ฉ์ผ ํ์ผ์ ๊ฐ์ง์ง
ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก

cat /etc/passwd
์ค์ ๋ด์ฉ ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
. . .
. . .
tcpdump:x:72:72::/:/sbin/nologin
--> tcpdump : ํ์ฌ ํ๋ฅด๊ณ ์๋ ๋คํธ์ํฌ ํจํท ์บก์ณ ๋ฐ๋ชฌ. wireshark์ ๋น์ท.
--> tcpdump [ip ์ฃผ์] [TCP]
test:x:1000:1000::/home/test:/bin/bash
test2:x:1001:1003::/home/test2:/bin/bash
์ฌ์ฉ์๋ช
: ๋น๋ฒ(์๋ณด์) : uid : gid : ๋ณ๋ช
(์ฃผ์) : homedir : shell
ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก

cat /etc/shadow
์ค์ ๋ด์ฉ ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก
. . .
test : $6$ittGTz3y$xXk1FqJCPB.nOdSUGu/ : 19001 : 0 : 99999 : 7 : : :
. . .
ใ กใ กใ กใ กใ กใ กใ กใ กใ กใ ก
๊ณ์ ๋ช
: sha512๋ก ์ํธํํ passwd : ํจ์ค์๋ ๋ณ๊ฒฝ์ผ : ์ต์ํจ์ค์๋ ๋ณ๊ฒฝ๊ฐ๋ฅ์ผ : ํจ์ค์๋ ์ต๋์ผ์ : ํจ์ค์๋ ๊ฒฝ๊ณ ์ผ์ : ํจ์ค์๋ ๋ง๋ฃ ํ ๋นํ์ฑํ ์ผ ์ : ๋ฏผ๋ฃ์ผ :
1. ๊ณ์ ๋ช
--> test
2. sha512๋ก ์ํธํํ passwd --> $6$ittGTz3y$xXk1FqJCPB.nOdSUGu/
3. ํจ์ค์๋ ๋ณ๊ฒฝ์ผ --> 19001
4. ์ต์ํจ์ค์๋ ๋ณ๊ฒฝ ๊ฐ๋ฅ์ผ --> 0
5. ํจ์ค์๋ ์ต๋์ผ ์ --> 99999
6. ํจ์ค์๋ ๊ฒฝ๊ณ ์ผ ์ --> 7
7. ํจ์ค์๋ ๋ง๋ฃ ํ ๋นํ์ฑํ ์ผ ์ --> x
8. ๋ง๋ฃ์ผ --> x
ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก

cat /etc/group
๋ด์ฉ ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก
test:x:1000:
testusers:x:1001:
group1:x:1002:
test2:x:1003:

ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก
**
cd /etc/skel ์ 3๊ฐ์ ํ์ผ๋ค.
cd /home/test ์ ์๋ 3๊ฐ์ .bash* ํ์ผ๋ค์ ๊ณ์ ์์ฑ์ /etc/skel ์์ ๋ณต์ฌํ์ฌ ๊ฐ์ ธ์จ๋ค.
ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก
< shell ์ข
๋ฅ >
(1) /bin/sh : ๋ณต๊ตฌ์ฉ ์
(2) /bin/ksh : UNIX ๊ธฐ๋ณธ์ -> ํ์ดํ ๋ฐฉํฅํค ์ธ์ no(ํค๋ณด๋๋ก ํด์ผํจ.)
(3) /bin/bash : Linux ์ ์ฉ ์
(4) /bin/dash : Debian ๊ณ์ด ์ ์ฉ ์
(5) /bin/csh : C ์ธ์ด ํ๋ก๊ทธ๋จ ์ ์ฉ ์
ใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
กใ
ก
< ๊ถํ ์ค์ >
[UID] [GID] [Other]
r w x r w x r w x
umask 4 2 1 4 2 1 4 2 1 : 777
R ead : ์ฝ๊ธฐ --> cat, vi(์ฝ๊ธฐ), ls
W rite : ์ฐ๊ธฐ --> vi ๋ฌธ์ ์์ , ์ ์ฅ, ํ์ผ ์์ฑ ์ญ์ ์ด๋ฆ ๋ณ๊ฒฝ
e X ute : ์คํ --> ์คํฌ๋ฆฝํธ, ๋ฐ๋ชฌ, crontab
-rw-r--r-- 1 root root 193 Apr 1 2020 .bash_profile
rw- r-- r-- : 644 ์์ ์๋ ์ฝ๊ธฐ, ์ฐ๊ธฐ / ๊ทธ๋ฃน๊ณผ other์ ์ฝ๊ธฐ
ex)
UMASK 755 rwx r-w r-w test test
--> test ๊ณ์ : ์ฝ๊ธฐ, ์ฐ๊ธฐ, ์คํ ๋ชจ๋ ๊ฐ๋ฅ.
--> test๊ทธ๋ฃน์ ์ํ ์ฌ์ฉ์ : ์ฝ๊ธฐ, ์คํ ๋ง ๊ฐ๋ฅ.
--> other : ์ฝ๊ธฐ, ์คํ ๊ฐ๋ฅ
๋๊ธ