Shulou(Shulou.com)06/02 Report--

User and group management

1. Basic user / group concepts

Users and groups:

. Every process (running program) on the system runs as a particular user.

. Every file is owned by a particular user.

. Access to files and directories are restricted by user.

. The user associated with a running process determines the files and directories accessible to that process.

The role of users

(1) View the information of the currently logged in user:

[root@192 ~] # id

(2) View the owner of the file:

[root@192 ~] # ls-l / home

(3) check the username of the running process:

[root@192 ~] # ps axu

Files stored in user group information

(1) user basic information file:

[root@192 ~] # cat / etc/passwd

/ etc/passwd (colon is divided into 7 columns of fields)

Root: x: 0: 0: root: / root: / bin/bash

User name: X: uid: gid: description: HOME: shell

System convention: RHEL7

Uid: 0 privileged user

Uid: 1x 499 system users

Uid: 1000 + ordinary users

The root user

Meaning:

. Uid is 0

. All power

. This user has the power to override normal privileges on the file system

. Installing or removing software and to manage system files and directorie

. Most devices can only be controlled by root

(2) user password information file:

[root@192 ~] # cat / etc/shadow

/ etc/shadow (colon is divided into 9 columns of fields)

Root: $6$ FSPVbNE... :: 0: 99999: 7:

1) "login name" is a user account that is consistent with the login name in the / etc/passwd file

2) the "password" field stores the encrypted user password. If it is empty, the corresponding user does not have a password and does not need a password when logging in.

The asterisk indicates that the account is locked.

A double exclamation mark indicates that the password has expired.

Starting with $6, indicating that it is encrypted with SHA-512

$1$ indicates that it is encrypted with MD5

$2$ is encrypted with Blowfish

$5$ is encrypted with SHA-256

3) "Last modification time" represents the number of days from a certain time to the last time the user changed the password. The time starting point may be different for different systems. In SCOLinux, for example, the time starting point is January 1, 1970.

4) "minimum time interval" refers to the minimum number of days between password changes.

5) the "maximum time interval" refers to the maximum number of days for which the password remains valid.

6) the "warning time" field represents the number of days between the time the system warns the user and the time the user's password officially expires.

7) "inactive time" refers to the maximum number of days that the user has no login activity but the account can remain valid. (soft limit. You can't use your account for a few days after it expires. )

8) the "expiration time" field gives an absolute number of days, and if this field is used, the lifetime of the corresponding account is given. After the expiration of the period, the account is no longer a legitimate account and can no longer be used to log in. (hard limit. )

9) retention

(3) Group information file:

[root@192 ~] # cat / etc/group

/ etc/group (colon is divided into 4 columns of fields)

Root: x: 0:

Group name: group password: group ID: group member (group member is empty by default)

2. User / group management

User

(1) the option for creating a user is not specified:

[root@192 ~] # useradd user01

Summary:

If no options are specified when creating a user, a group with the same user name is created as the user's Primary Group.

(2) create user-specified options:

[root@192 ~] # useradd user02-u 1503 / / create a user user02, specify uid [root @ 1992 ~] # useradd user03-d / aaa / / create a user user03 specified home directory

(3) Delete a user:

[root@192] # userdel-r user02

(4) user password:

Method 1: root modifies the password of other users (user03).

[root@192 ~] # passwd user03

Method 2: the user (user03) logs in and changes the password by himself.

[user03@192 ~] $passwd

(5) Group member management:

Note: usermode-G group name user name

[root@192] # usermod-G hr user03

(6) Management of other options:

[root@192] # usermod-s / sbin/nologin user03

Modify login SHELL to restrict user03 login

User group

(1) No option is specified for creating a group:

[root@192 ~] # groupadd db

(2) create a group to specify options:

[root@192 ~] # groupadd net01-g 2000 / / add group net01 and specify gid 2000

(3) View group information:

[root@192 ~] # grep 'net01' / etc/group / / View the group net01 information in / etc/group

(4) Delete a group

[root@192 ~] # groupdel net01 / / Delete group net01

Because it has been deleted, it is not displayed in the view.

classification

(1) basic group / primary group

Groups with the same name that are created automatically with the user

The basic group of the user, shown in / etc/passwd

(2) additional groups

Other groups that the user joined.

Command summary

1 useradd is the command to create the user.

2 usermod is the command to modify the user.

3 groupadd is the command to create a group.

4-u define the user's UID.

5-g define the basic group of users.

6-G formulates additional groups for users.

7 / etc/passwd can view the user's basic group.

8 / etc/group can view the user's additional groups.

So far, this is the end of this article on the summary of user management commands in Linux system. For more information about user management commands in Linux system, please search the previous articles or continue to browse the relevant articles below. I hope you will support me in the future!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.