Linux上查看用户创建日期的几种方法总结
<p><span><strong>前言</strong></span></p>
<p>
你知道吗,如何在 Linux 系统上查看帐户的创建日期?如果知道,那么有些什么办法。</p>
<p>
你成功了么?如果是的话,该怎么做?</p>
<p>
基本上 Linux 系统不会跟踪这些信息,因此,获取这些信息的替代方法是什么?</p>
<p>
你可能会问为什么我要查看这个?</p>
<p>
是的,在某些情况下,你可能需要查看这些信息,那时就会对你会有帮助。</p>
<p>
<strong>可以使用以下 7 种方法进行验证。</strong></p>
<ul>
<li>
使用 /var/log/secure</li>
<li>
使用 aureport 工具</li>
<li>
使用 .bash_logout</li>
<li>
使用 chage 命令</li>
<li>
使用 useradd 命令</li>
<li>
使用 passwd 命令</li>
<li>
使用 last 命令</li>
</ul>
<p>
<span><strong>方式 1:使用 /var/log/secure</strong></span></p>
<p>
它存储所有安全相关的消息,包括身份验证失败和授权特权。它还会通过系统安全守护进程跟踪 sudo 登录、SSH 登录和其他错误记录。</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_65732">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># grep prakash /var/log/secure</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">Apr 12 04:07:18 centos.2daygeek.com </code><code class="bash functions">useradd</code><code class="bash plain">: new group: name=prakash, GID=501</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">Apr 12 04:07:18 centos.2daygeek.com </code><code class="bash functions">useradd</code><code class="bash plain">: new user: name=prakash, UID=501, GID=501, home=</code><code class="bash plain">/home/prakash</code><code class="bash plain">, shell=</code><code class="bash plain">/bin/bash</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash plain">Apr 12 04:07:34 centos.2daygeek.com </code><code class="bash functions">passwd</code><code class="bash plain">: pam_unix(</code><code class="bash functions">passwd</code><code class="bash plain">:chauthtok): password changed </code><code class="bash keyword">for</code> <code class="bash plain">prakash</code>
</div>
<div class="line number5 index4 alt2">
<code class="bash plain">Apr 12 04:08:32 centos.2daygeek.com sshd: Accepted password </code><code class="bash keyword">for</code> <code class="bash plain">prakash from 103.5.134.167 port 60554 ssh2</code>
</div>
<div class="line number6 index5 alt1">
<code class="bash plain">Apr 12 04:08:32 centos.2daygeek.com sshd: pam_unix(sshd:session): session opened </code><code class="bash keyword">for</code> <code class="bash plain">user prakash by (uid=0)</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<span><strong>方式 2:使用 aureport 工具</strong></span></p>
<p>
aureport 工具可以根据记录在审计日志中的事件记录生成汇总和柱状报告。默认情况下,它会查询 /var/log/audit/ 目录中的所有 audit.log 文件来创建报告。</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_760342">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># aureport --auth | grep prakash</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">46. 04</code><code class="bash plain">/12/2018</code> <code class="bash plain">04:08:32 prakash 103.5.134.167 </code><code class="bash functions">ssh</code> <code class="bash plain">/usr/sbin/sshd</code> <code class="bash functions">yes</code> <code class="bash plain">288</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">47. 04</code><code class="bash plain">/12/2018</code> <code class="bash plain">04:08:32 prakash 103.5.134.167 </code><code class="bash functions">ssh</code> <code class="bash plain">/usr/sbin/sshd</code> <code class="bash functions">yes</code> <code class="bash plain">291</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<span><strong>方式 3:使用 .bash_logout</strong></span></p>
<p>
家目录中的 .bash_logout 对 bash 有特殊的含义,它提供了一种在用户退出系统时执行命令的方式。</p>
<p>
我们可以查看用户家目录中 .bash_logout 的更改日期。该文件是在用户第一次注销时创建的。</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_377616">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
<div class="line number7 index6 alt2">
7</div>
<div class="line number8 index7 alt1">
8</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># stat /home/prakash/.bash_logout</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash spaces"> </code><code class="bash plain">File: `</code><code class="bash plain">/home/prakash/</code><code class="bash plain">.bash_logout'</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash spaces"> </code><code class="bash plain">Size: 18 Blocks: 8 IO Block: 4096 regular </code><code class="bash functions">file</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash plain">Device: 801h</code><code class="bash plain">/2049d</code> <code class="bash plain">Inode: 256153 Links: 1</code>
</div>
<div class="line number5 index4 alt2">
<code class="bash plain">Access: (0644</code><code class="bash plain">/-rw-r--r--</code><code class="bash plain">) Uid: ( 501/ prakash) Gid: ( 501/ prakash)</code>
</div>
<div class="line number6 index5 alt1">
<code class="bash plain">Access: 2017-03-22 20:15:00.000000000 -0400</code>
</div>
<div class="line number7 index6 alt2">
<code class="bash plain">Modify: 2017-03-22 20:15:00.000000000 -0400</code>
</div>
<div class="line number8 index7 alt1">
<code class="bash plain">Change: 2018-04-12 04:07:18.283000323 -0400</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<span><strong>方式 4:使用 chage 命令</strong></span></p>
<p>
chage 意即 “change age”。该命令让用户管理密码过期信息。chage 命令可以修改上次密码更改日期后需要更改密码的天数。</p>
<p>
系统使用此信息来确定用户何时必须更改其密码。如果用户自帐户创建日期以来没有更改密码,这个就有用。</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_818462">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
<div class="line number7 index6 alt2">
7</div>
<div class="line number8 index7 alt1">
8</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># chage --list prakash</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">Last password change : Apr 12, 2018</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">Password expires : never</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash plain">Password inactive : never</code>
</div>
<div class="line number5 index4 alt2">
<code class="bash plain">Account expires : never</code>
</div>
<div class="line number6 index5 alt1">
<code class="bash plain">Minimum number of days between password change : 0</code>
</div>
<div class="line number7 index6 alt2">
<code class="bash plain">Maximum number of days between password change : 99999</code>
</div>
<div class="line number8 index7 alt1">
<code class="bash plain">Number of days of warning before password expires : 7</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<span><strong>方式 5:使用 useradd 命令</strong></span></p>
<p>
useradd 命令用于在 Linux 中创建新帐户。默认情况下,它不会添加用户创建日期,我们必须使用 “备注” 选项添加日期。</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_104109">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># useradd -m prakash -c `date +%Y/%m/%d`</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash comments"># grep prakash /etc/passwd</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">prakash:x:501:501:2018</code><code class="bash plain">/04/12</code><code class="bash plain">:</code><code class="bash plain">/home/prakash</code><code class="bash plain">:</code><code class="bash plain">/bin/bash</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<span><strong>方式 6:使用 passwd 命令</strong></span></p>
<p>
passwd 命令用于将密码分配给本地帐户或用户。如果用户在帐户创建后没有修改密码,那么可以使用 passwd 命令查看最后一次密码修改的日期。</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_105168">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># passwd -S prakash</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">prakash PS 2018-04-11 0 99999 7 -1 (Password </code><code class="bash functions">set</code><code class="bash plain">, MD5 crypt.)</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<span><strong>方式 7:使用 last 命令</strong></span></p>
<p>
last 命令读取 /var/log/wtmp,并显示自该文件创建以来所有登录(和退出)用户的列表。</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_291338">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># last | grep "prakash"</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">prakash pts</code><code class="bash plain">/2</code> <code class="bash plain">103.5.134.167 Thu Apr 12 04:08 still logged </code><code class="bash keyword">in</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
via: https://www.2daygeek.com/how-to-check-user-created-date-on-linux/</p>
<p>
作者:Prakash Subramanian 选题:lujun9972 译者:geekpi 校对:wxy</p>
<p>
<span><strong>总结</strong></span></p>
<p>
以上就是这篇文章的全部内容了,希望本文的内容对大家的学习或者工作具有一定的参考学习价值,如果有疑问大家可以留言交流,谢谢大家对的支持。</p>
<p>
原文链接:https://linux.cn/article-9624-1.html</p>
頁:
[1]