练习题一

确保新建用户具有必须30天更改一次密码

[root@localhost ~]# vim /etc/login.defs 

应 该 为 M A X = 30 \color{#FF3030}{应该为MAX=30} 应该为MAX=30

练习题二

创建新组consultants，GID设为35000

[root@localhost ~]# groupadd -g 35000 consultants
[root@localhost ~]# tail -1 /etc/group
consultants:x:35000:

练习题三

为consultants的所有成员配置管理权限，使其能够以任何用户身份执行任何命令

[root@localhost ~]# vim /etc/sudoers

练习题四

创建consultants1、consultants2、consultants3用户，并使consultants作为他们的补充组

[root@localhost ~]# useradd -G consultants consultants1
[root@localhost ~]# useradd -G consultants consultants2
[root@localhost ~]# useradd -G consultants consultants3
[root@localhost ~]# grep  -w consultants /etc/group
consultants:x:35000:consultants1,consultants2,consultants3

练习题五

将consultants1、consultants2、consultants账户设为从当天起90天过期

[root@localhost ~]# chage -M 90 consultants1
[root@localhost ~]# chage -M 90 consultants2
[root@localhost ~]# chage -M 90 consultants3
[root@localhost ~]# chage -l consultants3
Last password change					: Dec 23, 2020
Password expires					: Mar 23, 2021
Password inactive					: never
Account expires						: never
Minimum number of days between password change		: 30
Maximum number of days between password change		: 90
Number of days of warning before password expires	: 7

练习题六

更改consultants2账户的密码策略，使其每15天要求创建新密码

[root@localhost ~]# chage -m 15 consultants2
[root@localhost ~]# chage -l consultants2
Last password change					: Dec 23, 2020
Password expires					: Mar 23, 2021
Password inactive					: never
Account expires						: never
Minimum number of days between password change		: 15
Maximum number of days between password change		: 90
Number of days of warning before password expires	: 7

应 该 为 M A X = 15 \color{#FF3030}{应该为MAX=15} 应该为MAX=15

练习题七

另外，强制consultants1、consultants2、consultants3用户在第一次登录时更改密码

[root@localhost ~]# chage -d 0 consultants1
[root@localhost ~]# chage -d 0 consultants2
[root@localhost ~]# chage -d 0 consultants3
[root@localhost ~]# chage -l consultants1
Last password change					: password must be changed
Password expires					: password must be changed
Password inactive					: password must be changed
Account expires						: never
Minimum number of days between password change		: 30
Maximum number of days between password change		: 90
Number of days of warning before password expires	: 7