
Solaris: Other Administrative Commands

행복 금융 2008. 11. 5.
Author: 백승찬
Date written: 2008.04.15 (Tue)

Other administrative commands
■ wc CMD
■ su CMD
■ id CMD
■ groups CMD
■ last CMD
■ who CMD
■ w CMD
■ rusers CMD


wc CMD
_________________

display a count of lines, words and characters in a file



The wc utility reads one or more input files and, by
default, writes the number of newline characters, words and
bytes contained in each input file to the standard output.



(Command syntax)
# wc /etc/passwd : shows the line, word and character counts.
# wc -l /etc/passwd : shows the line count.
# wc -w /etc/passwd : shows the word count.
# wc -c /etc/passwd : shows the character (byte) count.




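[Reference] Practical uses of wc -l
# cat /etc/passwd | wc -l : shows the total number of user accounts on the system.
# pkginfo | wc -l : shows the number of packages installed on the system.
# patchadd -p | wc -l : shows the number of patches installed on the system.
# ps -ef | wc -l : shows the number of processes currently running.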







(Collecting system performance/usage counts) Data Gathering

(First example) Apache Webserver
- apache 1.3.X (process-based)
- apache 2.X (thread-based)

Web Client -----------------> Web Server
http://Server httpd


# ps -ef | grep httpd | wc -l > httpd.count


(Second example)
# df -k
# df -k / | tail -1 | awk '{print $5}' > df.count


(Third example)
# ftpcount | grep realuser | awk '{print $5}' > ftp.count
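
The counting pipelines above, hardened as an added example (not part of the original post): `ps -ef | grep httpd` can count the grep process itself, and `tail -1 | awk '{print $5}'` returns the mount point when df wraps a long device name. The function names, the `ps -e -o comm=` input format and the sample data are assumptions made for this example.

```shell
#!/bin/sh
# Added example; sample inputs below are constructed.

# count_cmd NAME: count exact command-name matches, one command per input
# line (e.g. from `ps -e -o comm=`). Any path prefix is stripped, and the
# pipeline's own grep can never be counted because nothing greps for NAME.
count_cmd() {
  awk -v name="$1" '
    { n = split($1, p, "/"); if (p[n] == name) c++ }
    END { print c + 0 }'
}

# capacity_pct: print the capacity figure from `df -k <fs>` output without
# the % sign. It looks for the field ending in % instead of a fixed $5, so
# a line that df wrapped after a long device name still parses.
capacity_pct() {
  awk '
    { for (i = 1; i <= NF; i++)
        if ($i ~ /^[0-9]+%$/) pct = substr($i, 1, length($i) - 1) }
    END { print pct + 0 }'
}

sample_ps() {   # constructed `ps -e -o comm=` output
  printf '%s\n' /usr/apache/bin/httpd /usr/apache/bin/httpd /usr/bin/grep sshd
}

sample_df() {   # constructed `df -k /` output with a wrapped device line
  cat <<'EOF'
Filesystem            kbytes    used   avail capacity  Mounted on
/dev/md/dsk/a-long-metadevice-name
                     8262869 2786512 5393729    35%    /
EOF
}

# One timestamped record per run, suitable for appending to a log from cron.
gather() {
  echo "$(date '+%Y-%m-%dT%H:%M:%S') httpd=$(sample_ps | count_cmd httpd)" \
       "root_pct=$(sample_df | capacity_pct)"
}
gather
```

On a live system, replace the sample functions with `ps -e -o comm=` and `df -k /`.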







su CMD
__________________

become super user or another user



The su command allows one to become another user without
logging off or to assume a role. The default user name is
root (superuser).



(Command syntax)
su [user]
su - [user]



■ End User => root (O) EX) user01 => root
■ End User => End User (O) EX) user01 => user02
■ root => End User (O) EX) root => user01
■ root => root (X)



Example 1: Becoming User bin While Retaining Your Previously
Exported Environment

To become user bin while retaining your previously exported
environment, execute:

example% su bin



Example 2: Becoming User bin and Changing to bin's Login
Environment

To become user bin but change the environment to what would
be expected if bin had originally logged in, execute:

example% su - bin




[EX] Hands-on: "su bin" vs. "su - bin"
# cd /etc
# pwd
# su user01
(a). shell prompt (# echo $PS1)
(b). current directory (# pwd)
(c). echo $PATH
# id
# exit
(Only the UID changes. The environment is still that of the previous user.)


# cd /etc
# pwd
# su - user01
(a). shell prompt (# echo $PS1)
(b). current directory (# pwd)
(c). echo $PATH
$ id
$ exit
(The environment files of the user being logged in are applied.)




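[Note] Switching to the oracle user (When Oracle User Switching)
(Scenario) When you are working as root and need to switch to the oracle user,
problems can occur unless you use the command as shown below (the "su -" form,
which loads the login environment). The oracle user cannot work normally if the
variables in the environment file in its home directory (e.g. ~/.profile) are not set.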

# su oracle
# su - oracle




[EX] A su usage that is common in shell scripts
To execute command with the temporary environment and permissions of user bin
# su - bin -c "command args" (only this one command line runs with the permissions switched by su)







id CMD
__________________

return user identity



If no user operand is provided, the id utility writes the
user and group IDs and the corresponding user and group
names of the invoking process to standard output. If the
effective and real IDs do not match, both are written. If
multiple groups are supported by the underlying system,
/usr/xpg4/bin/id also writes the supplementary group
affiliations of the invoking process.



(Command syntax)
# id
# id -a
# id user01




[Note] UID and GID of the root user
UID=0(root), GID=1(other)




[Note] UID, GID, EUID, EGID
- UID/GID - who am i
- EUID/EGID - id, whoami

- UID (User Identification) (the UID at initial login)
- EUID (Effective UID) (the current UID) - keeps changing
- GID (Group Identification) (the GID at initial login)
- EGID (Effective GID) (the current GID) - keeps changing




[EX] Understanding UID, GID, EUID and EGID
# telnet localhost
Log in as user01
$ id
uid=100(user01) gid=100(class1)

$ /usr/ucb/whoami
user01

$ who am i
user01 pts/9 Feb 2 01:48 (localhost)

$ su - root
Password: <----- enter the root password

# id
uid=0(root) gid=1(other)

# whoami
root

# who am i
user01 pts/9 Feb 2 01:48 (localhost)


===== HOSTA ===== ===== HOSTB ======
# telnet HOSTB ------------> log in as user01
$ id
$ whoami
$ who am i
$ su - root
# id
# whoami
# who am i
# su - user02
$ id
$ /usr/ucb/whoami
$ who am i



----------------------------
UID EUID
----------------------------
500 500 --> when logged in as user01
500 0 --> after running "su - root"
----------------------------







groups CMD
__________________

print group membership of user



The command groups prints on standard output the groups to
which you or the optionally specified user belong. Each user
belongs to a group specified in /etc/passwd and possibly to
other groups as specified in /etc/group. Note that
/etc/passwd specifies the numerical ID (gid) of the group.
The groups command converts gid to the group name in the
output.



(Command syntax)
# groups
# groups user01
# groups user01 user02



[Reference] Groups are defined in /etc/group




[EX] Hands-on: the groups command
# groups
other root bin sys adm uucp mail tty lp nuucp daemon

# groups user01
staff

# groups user01 root
user01 : staff
root : other root bin sys adm uucp mail tty lp nuucp daemon







last CMD
-------------

display login and logout information about users and terminals



The last command looks in the /var/adm/wtmpx file, which
records all logins and logouts, for information about a
user, a terminal, or any group of users and terminals. Arguments
specify names of users or terminals of interest. If
multiple arguments are given, the information applicable to
any of the arguments is printed. For example, last root console
lists all of root's sessions, as well as all sessions
on the console terminal. last displays the sessions of the
specified users and terminals, most recent first, indicating
the times at which the session began, the duration of the
session, and the terminal on which the session took place.
last also indicates whether the session is continuing or was
cut short by a reboot.

The pseudo-user reboot logs in when the system reboots.
Thus, # last reboot



(Command syntax)
# last
# last user01
# last reboot



+----------+
|          |
| User     |
|          |
+----------+
|          |
| reboot   |
|          |
+----------+



(Interpreting the command output)
# last user01
.....
user01 pts/11 localhost Sat Jan 12 14:51 - 15:29 (00:38)

----------------------------------------------------
Field               Description
----------------------------------------------------
user01              user name
pts/11              controlling terminal (pseudo-terminal)
localhost           remote host
Sat Jan 12 14:51    login time
15:29               logout time
(00:38)             total session time
----------------------------------------------------



# last reboot
......
reboot system boot Thu Jan 10 15:39

----------------------------------------------------
Field               Description
----------------------------------------------------
reboot              pseudo-user
system boot         status information
Thu Jan 10 15:39    reboot time
----------------------------------------------------
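
The field layout above is enough to review login history mechanically. The following is an added example (not part of the original post) that lists root sessions opened from a remote host and totals a user's session time; the function names and the sample lines are constructed for illustration, and the (D+HH:MM) duration form for sessions longer than a day is an assumption.

```shell
#!/bin/sh
# Added example; the sample lines are constructed in the `last` layout
# described above (user, terminal, remote host, login - logout, duration).
sample_last() {
  cat <<'EOF'
user01    pts/11       localhost        Sat Jan 12 14:51 - 15:29  (00:38)
root      pts/4        192.168.222.1    Sat Jan 12 10:02 - 10:47  (00:45)
root      console                       Fri Jan 11 09:00 - 09:20  (00:20)
user01    pts/9        localhost        Fri Jan 11 08:10   still logged in
reboot    system boot                   Thu Jan 10 15:39
EOF
}

# remote_root_logins: print "host day month date time" for each root session
# that has a remote-host field other than localhost. Console logins have no
# host, so field 3 is then the weekday; those lines are skipped.
remote_root_logins() {
  awk '
    function is_day(s) { return s ~ /^(Sun|Mon|Tue|Wed|Thu|Fri|Sat)$/ }
    $1 == "root" && !is_day($3) && $3 != "localhost" {
      print $3, $4, $5, $6, $7
    }'
}

# minutes_for USER: total minutes of USER's completed sessions, taken from
# the trailing (HH:MM) field; a (D+HH:MM) form is assumed for sessions
# longer than a day. Sessions still open have no such field and add nothing.
minutes_for() {
  awk -v u="$1" '
    $1 == u && $NF ~ /^[(]([0-9]+[+])?[0-9]+:[0-9][0-9][)]$/ {
      t = $NF; gsub(/[()]/, "", t); d = 0
      if (split(t, dp, "[+]") == 2) { d = dp[1]; t = dp[2] }
      split(t, p, ":"); total += d * 1440 + p[1] * 60 + p[2]
    }
    END { print total + 0 }'
}

sample_last | remote_root_logins
```

On a live system, pipe `last` (or `last root`) into these functions instead of `sample_last`.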


[Note] The wtmpx and utmpx files
/var/adm/utmpx - read by the who command
/var/adm/wtmpx - read by the last command


[EX] /var/adm/utmpx & /var/adm/wtmpx
# cd /var/adm
# mv wtmpx wtmpx.old
# last
# who
# mv wtmpx.old wtmpx







exit CMD
--------------

End the application



Terminate the process, returning returnCode to the system as
the exit status. If returnCode isn't specified then it
defaults to 0.



(Command syntax)
# exit [Number]



[Note] exit Number
0 : Normal termination
1 ~ 255 : Abnormal termination


[EX1] Close the current terminal
# exit



[EX2] Log out
# telnet 172.16.8.254
Log in as root
# hostname
# exit



[EX3] Exit a subshell
# bash
# ps
# exit







who CMD
__________________

who is on the system



The who utility can list the user's name, terminal line,
login time, elapsed time since activity occurred on the
line, and the process-ID of the command interpreter (shell)
for each current UNIX system user. It examines the
/var/adm/utmpx file to obtain its information. If file is
given, that file (which must be in utmpx(4) format) is examined.
Usually, file will be /var/adm/wtmpx, which contains a
history of all the logins since the file was last created.



(Command syntax)
# who
# who -r (show the current run level)
# whoami (show the current user)
# who am i (show the user who logged in)
# who -H (Headline: print column headings)


(Interpreting the command output)
# who
root pts/4 1월 14 09:57 (192.168.222.1:0.0)

----------------------------------------------------
Field               Description
----------------------------------------------------
root                user
pts/4               controlling terminal
1월 14 09:57        login time
192.168.222.1       remote host
----------------------------------------------------


[Note] /var/adm/utmpx
# mv /var/adm/utmpx /var/adm/utmpx.old
# who
# mv /var/adm/utmpx.old /var/adm/utmpx


[EX] Hands-on: logging in to 172.16.8.254
# telnet 172.16.8.254
Log in as user01
$

(At solaris254)
# who







whodo / w CMD
__________________

who is doing what



The whodo command produces formatted and dated output from
information in the /var/adm/utmpx and /proc/pid files.

The display is headed by the date, time, and machine name.
For each user logged in, device name, user-ID and login time
is shown, followed by a list of active processes associated
with the user-ID. The list includes the device name,
process-ID, CPU minutes and seconds used, and process name.



(Command syntax)
# whodo
# whodo user01
# whodo -l (prints output in the same form as the w command)


# man whodo
.....
-l Produce a long form of output. The fields displayed
are: the user's login name, the name of the tty the
user is on, the time of day the user logged in (in
hours:minutes), the idle time - that is, the time
since the user last typed anything (in hours:minutes),
the CPU time used by all processes and their children
on that terminal (in minutes:seconds), the CPU time
used by the currently active processes (in
minutes:seconds), and the name and arguments of the
current process.
.....


(Interpreting the command output)
# w
.....
user01 pts/8 7:16오후 -ksh

----------------------------------------------------
Field               Description
----------------------------------------------------
user01              user name
pts/8               controlling terminal
7:16오후            command execution time
-ksh                command being run
----------------------------------------------------


[EX] Logging out a malicious user
[TERM1] user01's window
# telnet localhost
Log in as user01
$ vi /etc/passwd



[TERM2] Administrator's window
# w
# w user01 (# w | grep user01)



[Note] Monitoring user activity
# while [ 1 ]
> do
> w user01
> sleep 2
> done



[TERM3] Administrator's window
# ps -U user01
ksh's PID(450)
# kill -9 450







rusers CMD
__________________

who is logged in on remote machines



The rusers command produces output similar to who(1), but
for remote machines. The listing is in the order that
responses are received, but this order can be changed by
specifying one of the options listed below.

A remote host will only respond if it is running the rusersd
daemon, which may be started up from inetd(1M) or
listen(1M).



(Command syntax)
# rusers -a
# rusers -h
# rusers -l
# rusers 172.16.8.202

# man rusers
.....
-a Give a report for a machine even if no users are
logged on.

-h Sort alphabetically by host name.

-l Give a longer listing in the style of who(1).
.....
