Shulou(Shulou.com)06/03 Report--

Account and authority management one. Overview of user and group accounts 1. User account number

Super user: root

Normal users: custom user

Program user: unable to log in

There is also an anonymous user: nobody

two。 Group account

Basic group (private group): created with the same name as the user

Additional group (public group): an additional group creates an empty group directly. You can add existing users and set permissions to the group.

All users in the group have this permission

3.UID and GID

UID user identification number

GID group identification number

two。 The meaning of each paragraph of the user account file

1./etc/passwd example: root:x:0:0:root: / root: / bin/bash

The first paragraph: user account (root)

Second paragraph: password placeholder (x)

The third paragraph: user account (0)

Paragraph 4: group account (0)

Paragraph 5: user description (root)

Paragraph 6: host directory (/ root)

Paragraph 7: log in to shell (/ bin/bash)

2./etc/shadow

According to this picture,

14374: days from 1970.1.1

0: minimum password period

99999: maximum password duration

7: password expiration reminder 7 days in advance

three。 Command useradd: add account

-u: specify UID

-d: specifies the user's home (host) directory, which does not take effect when used with-M

-M: do not establish a host directory

-e: specify the expiration time of the account

-s: specifies that the user logs in to shell

Passwd: setting to change user password

-l lock the account

-u unlock the account

-d clear the specified user password

-s to view user account status

UID 0 root 1 million 999 program users 1000 million 60 000 ordinary users

/ sbin/nologin users cannot log in directly and be switched to login

The passwd-l user is locked out and cannot log in directly, but the login can be switched from the root user

When passwd does not specify a user name, it changes the password of the current user

Usermod

-L lock

-U unlock

Others are the same as useradd

Userdel

-r delete host directory at the same time

The initial configuration file of the user account

~ / .bash_profile

~ / .bashrc

~ / .bash_logout

Groupadd add Group gpasswd add / remove Group members

-an add only one user

-d delete a user in the group

-M defines a list of group members, separated by commas

When-M is used, it is equivalent to redefining the team member and emptying the previous team member. Use with caution

Groups query the user's group id query the user ID finger: query the details of the user account w _ who _ _ users: query the user information that has logged in to the host 4. Authority and attribution of documents

Access includes three basic types: read, write, and executable.

Attribution

Owner: the user account that owns the file or directory

Group: the group account that owns the file or directory

Chmd: setting file permissions and attribution

-R: recursively modify the permissions of all subitems under the specified directory

Character combination

Ugoa

U: on behalf of the owner

G: represents a subordinate group

O: other users

A: all users

+: add permissions

-: reduce permissions

=: set permissions

Permission mask umask (inverse code)

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.