AX_DAYS 30
3.新创建wangwu用户,并查看密码有效期为30天。
[root@localhost ~]# useradd wangwu && echo "000000" | passwd --stdin wangwu
Changing password for user wangwu.
passwd: all authentication tokens updated successfully.
[root@localhost ~]# cat /etc/shadow | grep wangwu
wangwu:$6$qTt8ruAd$PbgMJlgjO6.Bp4YpQwN60oTyZyPloMxTjOUBJ0aYEBAjzg/opw4Ci6LZG5/RtBJW/YJ7QbJaMUEFbkLl9XTG8/:18136:0:30:7:::
4.更改已存在的用户lisi密码有效期为30天。
[root@localhost ~]# chage -M 30 lisi
[root@localhost ~]# cat /etc/shadow | grep lisi
lisi:$6$VLsvfMkO$aNnVeB1wWspXnD.4QErik1iLRw80jI7qqosbn9RgtGA9di5QFYh5ZWe3sUtLyshADukCH9vdZ55DZghDu4c.K.:18136:0:30:7:::
5.强制zhangsan用户下次登录必须修改密码。
[root@localhost ~]# chage -d 0 zhangsan
[root@localhost ~]# cat /etc/shadow | grep zhangsan
zhangsan:$6$MWTXL8Jt$rEFwO.UoAmoKmxczVgiJtOWCHtdYwRbW1G.drbEFrWuKYCAvfEByRN7eohVxonsVZCtqJ.oV3c1sLaVGUVIk9.:0:0:99999:7:::
6.使用zhangsan用户登录发现必须要修改密码,注意密码复杂性要求,示例密码:asdf1928。
login as: zhangsan
zhangsan@192.168.128.133's password:
You are required to change your password immediately (root enforced)
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user zhangsan.
Changing password for zhangsan.
(current) UNIX password:
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
history 命令历史
命令历史记录在带来便利的同时,也存在着潜在的风险,比如曾经输入的明文密码等。
- 对所有用户生效,修改系统环境变量,可修改能查看最近历史记录的条数。
# vi /etc/profile
HISTSIZE=1000
~/.bash_logout在用户注销时会自动执行,可实现自动清除命令记录,下次登录将无法查看以前的命令记录。
# vi ~/.bash_logout
history -c
clear
Demo:
1.查看命令历史记录。
[root@localhost ~]# history
1 grep "/bin/bash$" /etc/passwd
2 useradd zhangsan && echo "000000" | passwd --stdin zhangsan
3 grep "/bin/bash$" /etc/passwd
4 lsattr /etc/passwd /etc/shadow
5 chattr +i /etc/passwd /etc/shadow
6 lsattr /etc/passwd /etc/shadow
7 useradd lisi && echo "000000" | passwd --stdin lisi
8 grep "/bin/bash$" /etc/passwd
9 lsattr /etc/passwd /etc/shadow
10 chattr -i /etc/passwd /etc/shadow
11 lsattr /etc/passwd /etc/shadow
12 useradd lisi && echo "000000" | passwd --stdin lisi
13 grep "/bin/bash$" /etc/passwd
14 cat /etc/shadow
15 yum install vim -y
16 vim /etc/login.defs
17 useradd wangwu && echo "000000" | passwd --stdin wangwu
18 cat /etc/shadow | grep wangwu
19 chage -M 30 lisi
20 cat /etc/shadow | grep lisi
21 chage -d 0 zhangsan
22 cat /etc/shadow | grep zhangsan
23 history
2.修改配置文件记录的历史为20条,并立即生效。
[root@localhost ~]# vim /etc/profile
#HISTSIZE=1000
HISTSIZE=20
[root@localhost ~]# source /etc/profile
3.再次查看命令历史记录。
[root@localhost ~]# history
6 useradd lisi && echo "000000" | passwd --stdin lisi
7 grep "/bin/bash$" /etc/passwd
8 lsattr /etc/passwd /etc/shadow
9 chattr -i /etc/passwd /etc/shadow
10 lsattr /etc/passwd /etc/shadow
11 useradd lisi && echo "000000" | passwd --stdin lisi
12 grep "/bin/bash$" /etc/passwd
13 cat /etc/shadow
14 yum install vim -y
15 vim /etc/login.defs
16 useradd wangwu && echo "000000" | passwd --stdin wangwu
17 cat /etc/shadow | grep wangwu
18 chage -M 30 lisi
19 cat /etc/shadow | grep lisi
20 chage -d 0 zhangsan
21 cat /etc/shadow | grep zhangsan
22 history
23 vim /etc/p