Shulou(Shulou.com)06/02 Report--

The account system files under 1.Linux environment are mainly / etc/passwd, / etc/shadow,/etc/group, and / etc/gshadow. Without saying much about the basic meaning, the uid of root is 0, which is the standard account of the system from 1 to 499, and the average user starts with uid 500.

The usermod option username / / modifies the existing user userdel-r username / / deletes the user means that the home directory is deleted. Groupadd option group name / / add a new group groupmod option group name / modify an existing group groupdel group name / delete an existing specific group.

two。 Examples

Add and remove user commands under CentOS:

Add user test:

Adduser test

Change the test password:

Passwd test

Delete user test:

Userdel test

Delete the user and the user directory:

Userdel-r test

Create a new sudo user group

Groupadd sudo

Create a new user test and join the suso additional group at the same time

Useradd-G sudo test

Create a new user ftpadmin, specify the directory as / var/ftp/pub, and do not create your own directory (- M)

Useradd-d / var/ftp/pub-M ftpadmin

Means to add zh888 to the additional group sudo group. Zh888 is a user that has been created and exists.

Usermod-G sudo zh888

Means to delete zh888 and delete the directory in / home together.

Userdel-r zhh888

Indicates deletion of sudo group

Groupdel sudo

3. Password management after creating a user in a timely manner, add a password to the user, set the password of the imperative passwd passwd option username

User name account name / / disable user account password

Passwd-l

User name / / indicates to view the password status of the user account

Passwd-S

User name / / indicates that the user account is restored

Passwd-u

User name / / indicates that the user account password is deleted

Passwd-d

The 4.chage command protects the validity of the password so as to prevent others from guessing the time of the password.

Chage option user name

The parameters are

-m days-M days-d days-I days-E date-W days-l

Example:

It is required that the user zhh cannot change the password within two days, and the maximum survival period of the password is 30 days, and the password expires 5 days to notify zhh

Chage-m 2-M 30-W zhh

5. Status query commands for users and groups

Used to display the current user name.

Whoami

Indicates the group to which the specified user belongs, or the group to which the current user belongs if no user is specified

Groups user name

Switch to another user if su means to switch to your current user.

Su-user

Convert a user's current group to a specified additional group, which the user must belong to before it can be carried out

Newgrp group name

6. Change the owner and the same group

Sometimes it is also necessary to change the owner and the group to which the file belongs. Only the owner of the document has the right to change other owners and groups to which they belong, and users can transfer their own files to everyone. Change file ownership active chown command

Chown [- R]

Examples

Change the file files owner to www user

Chown www files

Change the owner and group of the file files to www

Chown www.www file

Change the master and group of all files or directories under all directories and subdirectories of files to www

Chown-R www.www files/

7. Set the directory of the file and the directory generation mask

You can use the umask command to set the default build mask for the file. The default build mask tells the system what permissions should not be granted to create a file or directory. If the user puts the umask command in the environment file .bash _ profile, you can control access to all newly created files and directories.

Umask [a1a2a3] A1 means the permissions of owners are not allowed, a2 means that permissions of people in the same group are not allowed, and a3 means that permissions of others are not allowed.

Umask 022ax / indicates that the setting does not allow write permissions for users in the same group and other users. Umask / / displays the current default build mask.

8. Setting of special permissions

SUID SGID and sticky-bit

In addition to general permissions, there are special permissions, and some special permissions exist. If users do not need special permissions, generally do not open special permissions to avoid security problems.

The above is the whole content of this article, I hope it will be helpful to your study, and I also hope that you will support it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.