Monday, 4 February 2019

Linux user group, permission

# linxu && command:
a && b
$ false || echo "Oops, fail"
Oops, fail

$ true || echo "Will not be printed"
$  

$ true && echo "Things went well"
Things went well

$ false && echo "Will not be printed"
$

$ false ; echo "This will always run"
This will always run

#linx next line within same command \

# linux git clone if not existed, else update
if cd repo; then git pull; else git clone https://server/repo repo; fi

# source .bashrc will give latest bash command such as ll, and so on.
# without .profile, need to source .bashrc every time after login, set up .profile

#linux user without user@user displayed
chsh
then change to /bin/bash


# linux user created without home folder:

mkhomedir_helper username
# Examine current machine IP && IPs that other process has taken
ip addr

# Get current workign dir:
pwd

# SSH notes: recall ssh is generated by (it must be created by the user you wanted to ssh in to the other remote. i.e my_user_name)
$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
#copy to remote server can be done: (ssh-copy-id user@hostname.example.com)
ssh-copy-id id@server
This copies the public key in the current server to the remote server

SSH to git:
$ in git add a deploy key(set whether can ssh using pull or push or both)
copy the public key (everything) in /home/username/.ssh/id_rsa.pub 
in deploy key content
$ now can try git clone ssh://git....



# best pratice is to avoid using root user as possible, we can give sudo permission group to a user to let the user to execute stuff as root using sudo

# execute sudo without entering password
sudo visudo
opened by nano, added NOPASSWD:ALL(only good for dev server for making things fast)

# Allow members of group sudo to execute any command       for nano ^ means ctrl , so ctrl + X is to quit                                                
%sudo   ALL=(ALL:ALL) NOPASSWD:ALL                                                                        


# create a user  with home folder(-m) and shared bin/bash (-s/bin/bash)
useradd -m -s/bin/bash user_name_you_want

# change to a user
sudo su user_name

# set user password
passwd user

# append a group to user
usermod -aG group_you_want user_name_you_want

# check for a user current groups(sudo, docker, docker has its own group, once assigned, no need to sudo docker anymore)
id user_name_you_want

# list all user groups
cut -d: -f1 /etc/group | sort
# list all local users #jenkins will create a user called jenkins. when generating ssh private/public keys for jenkins, need to use jenkins user
cut -d: -f1 /etc/passwd

No comments:

Post a comment