
12/08/28 6장 인증 관리

99iberty 2012. 8. 28. 14:09


5장은 로컬 계정 관리를, 6장은 네트워크 계정 관리 방법을 다룬다.


DB 이용 인증 vs LDAP 서버 기반 인증

DB: read보다 write 관련 작업이 많은 경우에는 DB 기반 인증을 사용한다.

LDAP은 파일 기반(file-based)이다.

read가 많이 일어나는 경우에는 LDAP 서버 기반 인증을 사용한다.



[root@server4 ~]# service sssd status
sssd (pid  8148) is running...
[root@server4 ~]# getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
rtkit:x:499:499:RealtimeKit:/proc:/sbin/nologin
abrt:x:498:498::/etc/abrt:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
nslcd:x:65:55:LDAP Client User:/:/sbin/nologin
saslauth:x:497:495:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
pulse:x:496:494:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin
gdm:x:42:42::/var/lib/gdm:/sbin/nologin
student:x:500:500::/home/student:/bin/bash
visitor:x:501:501::/home/visitor:/bin/bash
faraday:x:502:502::/home/faraday:/bin/bash
juliet:x:503:503::/home/juliet:/bin/bash
jack:x:504:504::/home/jack:/bin/bash
kate:x:505:505::/home/kate:/bin/bash
james:x:506:506::/home/james:/bin/bash
walt:x:507:507::/home/walt:/bin/bash
ben:x:508:508::/home/ben:/bin/bash
clair:x:509:509::/home/clair:/bin/bash
hugo:x:510:510::/home/hugo:/bin/bash
elvis:x:511:511::/home/elvis:/bin/bash
[root@server4 ~]# getent passwd ldapuser4
ldapuser4:*:1704:1704:LDAP Test User 4:/home/guests/ldapuser4:/bin/bash
[root@server4 ~]# cd /etc/sssd
[root@server4 sssd]# ls
sssd.api.conf  sssd.api.d  sssd.conf
[root@server4 sssd]# vim sssd.conf
[root@server4 sssd]# service sssd restart
Stopping sssd:                                             [  OK  ]
Starting sssd:                                             [  OK  ]
[root@server4 sssd]# getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
rtkit:x:499:499:RealtimeKit:/proc:/sbin/nologin
abrt:x:498:498::/etc/abrt:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
nslcd:x:65:55:LDAP Client User:/:/sbin/nologin
saslauth:x:497:495:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
pulse:x:496:494:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin
gdm:x:42:42::/var/lib/gdm:/sbin/nologin
student:x:500:500::/home/student:/bin/bash
visitor:x:501:501::/home/visitor:/bin/bash
faraday:x:502:502::/home/faraday:/bin/bash
juliet:x:503:503::/home/juliet:/bin/bash
jack:x:504:504::/home/jack:/bin/bash
kate:x:505:505::/home/kate:/bin/bash
james:x:506:506::/home/james:/bin/bash
walt:x:507:507::/home/walt:/bin/bash
ben:x:508:508::/home/ben:/bin/bash
clair:x:509:509::/home/clair:/bin/bash
hugo:x:510:510::/home/hugo:/bin/bash
elvis:x:511:511::/home/elvis:/bin/bash
ldapuser4:*:1704:1704:LDAP Test User 4:/home/guests/ldapuser4:/bin/bash
[root@server4 sssd]# getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
usbmuxd:x:113:113:usbmuxd user:/:/sbin/nologin
avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
rtkit:x:499:499:RealtimeKit:/proc:/sbin/nologin
abrt:x:498:498::/etc/abrt:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
nslcd:x:65:55:LDAP Client User:/:/sbin/nologin
saslauth:x:497:495:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
pulse:x:496:494:PulseAudio System Daemon:/var/run/pulse:/sbin/nologin
gdm:x:42:42::/var/lib/gdm:/sbin/nologin
student:x:500:500::/home/student:/bin/bash
visitor:x:501:501::/home/visitor:/bin/bash
faraday:x:502:502::/home/faraday:/bin/bash
juliet:x:503:503::/home/juliet:/bin/bash
jack:x:504:504::/home/jack:/bin/bash
kate:x:505:505::/home/kate:/bin/bash
james:x:506:506::/home/james:/bin/bash
walt:x:507:507::/home/walt:/bin/bash
ben:x:508:508::/home/ben:/bin/bash
clair:x:509:509::/home/clair:/bin/bash
hugo:x:510:510::/home/hugo:/bin/bash
elvis:x:511:511::/home/elvis:/bin/bash
ldapuser10:*:1710:1710:LDAP Test User 10:/home/guests/ldapuser10:/bin/bash
ldapuser11:*:1711:1711:LDAP Test User 11:/home/guests/ldapuser11:/bin/bash
ldapuser12:*:1712:1712:LDAP Test User 12:/home/guests/ldapuser12:/bin/bash
ldapuser13:*:1713:1713:LDAP Test User 13:/home/guests/ldapuser13:/bin/bash
ldapuser14:*:1714:1714:LDAP Test User 14:/home/guests/ldapuser14:/bin/bash
ldapuser15:*:1715:1715:LDAP Test User 15:/home/guests/ldapuser15:/bin/bash
ldapuser16:*:1716:1716:LDAP Test User 16:/home/guests/ldapuser16:/bin/bash
ldapuser17:*:1717:1717:LDAP Test User 17:/home/guests/ldapuser17:/bin/bash
ldapuser18:*:1718:1718:LDAP Test User 18:/home/guests/ldapuser18:/bin/bash
ldapuser19:*:1719:1719:LDAP Test User 19:/home/guests/ldapuser19:/bin/bash
ldapuser20:*:1720:1720:LDAP Test User 20:/home/guests/ldapuser20:/bin/bash
ldapuser21:*:1721:1721:LDAP Test User 21:/home/guests/ldapuser21:/bin/bash
ldapuser22:*:1722:1722:LDAP Test User 22:/home/guests/ldapuser22:/bin/bash
ldapuser23:*:1723:1723:LDAP Test User 23:/home/guests/ldapuser23:/bin/bash
ldapuser24:*:1724:1724:LDAP Test User 24:/home/guests/ldapuser24:/bin/bash
ldapuser25:*:1725:1725:LDAP Test User 25:/home/guests/ldapuser25:/bin/bash
ldapuser26:*:1726:1726:LDAP Test User 26:/home/guests/ldapuser26:/bin/bash
ldapuser27:*:1727:1727:LDAP Test User 27:/home/guests/ldapuser27:/bin/bash
ldapuser28:*:1728:1728:LDAP Test User 28:/home/guests/ldapuser28:/bin/bash
ldapuser29:*:1729:1729:LDAP Test User 29:/home/guests/ldapuser29:/bin/bash
ldapuser30:*:1730:1730:LDAP Test User 30:/home/guests/ldapuser30:/bin/bash
ldapuser1:*:1701:1701:LDAP Test User 1:/home/guests/ldapuser1:/bin/bash
ldapuser2:*:1702:1702:LDAP Test User 2:/home/guests/ldapuser2:/bin/bash
ldapuser3:*:1703:1703:LDAP Test User 3:/home/guests/ldapuser3:/bin/bash
ldapuser4:*:1704:1704:LDAP Test User 4:/home/guests/ldapuser4:/bin/bash
ldapuser5:*:1705:1705:LDAP Test User 5:/home/guests/ldapuser5:/bin/bash
ldapuser6:*:1706:1706:LDAP Test User 6:/home/guests/ldapuser6:/bin/bash
ldapuser7:*:1707:1707:LDAP Test User 7:/home/guests/ldapuser7:/bin/bash
ldapuser8:*:1708:1708:LDAP Test User 8:/home/guests/ldapuser8:/bin/bash
ldapuser9:*:1709:1709:LDAP Test User 9:/home/guests/ldapuser9:/bin/bash
[root@server4 sssd]# ssh ldapuser4@demo.example.com
The authenticity of host 'demo.example.com (192.168.0.250)' can't be established.
RSA key fingerprint is 18:4b:aa:97:1b:96:10:11:f4:b0:a8:1b:ed:36:f5:e5.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added 'demo.example.com,192.168.0.250' (RSA) to the list of known hosts.
ldapuser4@demo.example.com's password:
Could not chdir to home directory /home/guests/ldapuser4: No such file or directory
-bash-4.1$ ls
bin     dev   lib         media  net   root     srv      testdir  var
boot    etc   lib64       misc   opt   sbin     storage  tmp
cgroup  home  lost+found  mnt    proc  selinux  sys      usr
-bash-4.1$ exit
logout
Connection to demo.example.com closed.
[root@server4 sssd]#