Shulou(Shulou.com)06/01 Report--

This article is about how to create, modify and delete users and groups in Linux. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

Introduction

In the daily maintenance process to create the role of users will be relatively more, but the knowledge involved in this process is not only useradd, and then to learn more about account management related information.

User information

Start with the analysis of user information. You can query the / etc/password file. Each line represents one user information.

Root:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:/sbin/nologindaemon:x:2:2:daemon:/sbin:/sbin/nologinmysql:x:496:501::/home/mysql:/bin/bash

Each colon separates a part, and the whole line is divided into seven parts.

1. User name

two。 User password, the early version of the account password is directly stored here, in order to be compatible, so also retain this part, with X instead.

3.UID: the user ID to which the file belongs. Each file is preceded by the user and group to which the file belongs. In fact, UID is simply saved by going to etc/password and / etc/shadow through UID to find the names of the corresponding UID and GID.

Uid=0 of the superuser

System users (1-499): 1-99 is created by the system, 100-499 is the system account created by the user, the system user cannot log in but can execute some commands of the system, which is related to the last specified shell; there is a special shell is / sbin/nologin

Ordinary users (500-65535)

4.GID: the user group ID to which the account belongs, which is associated with the / etc/group group file

5. User description

6. User's home directory: the default for creating a user's home directory is / home/ user /. When creating a user, you can specify the user's home directory. The system user's home directory is special, for example, the root user's home directory is / root.

7.shell:shell is the bridge between terminal and kernel (kernel), and the kernel interacts with lower-level hardware (including CPU, motherboard, hard disk, video card, optical drive, etc.). The default shell of linux is / bin/bash.

Password information

Each line in the user password file records the user's password information, which has a total of nine parts.

[root@localhost ~] # cat / etc/shadowroot:$1 $4Universe GZ1mEvqxyxy6and9UaTGI9YUT0V022VOV99999GUT0GZ1mEvqxyxy6and9UaTI9YUT0VOV7:

1. User name: corresponds to the user information in the / etc/password file

two。 Password: the password is stored in ciphertext

3. The date of the last password change: linux takes January 1, 1970 as 1, so the above 16862 is cumulative, not to mention the details

4. The number of days that the password cannot be changed: 0 means the password can be changed at any time, which can usually be used to set the number of days on which a user's password cannot be changed.

5. The number of days that the password needs to be changed: 99999 is 273 years, and the change time is added on the basis of part 3.

6. The number of warning days before the password needs to be changed: the number of days changed is calculated on the basis of No. 5, where the default is 7 days, that is, the password will be warned on the 7th day before it needs to be changed.

7. The number of days after the password expires: after the password exceeds the number of days that need to be changed, if the user still does not change the password, the password will expire. During these days, the password can still be logged in. When the user logs in to the system within the grace period, the user will be forced to change the password. If the user has not changed the password within the grace period, the password will expire permanently and cannot be logged in again. The account expires only after the number of days for which the password expires, so the total validity time of an account is 3-6-7.

8. User expiration date: the change date, like part 3, is a number calculated from January 1, 1970, after which the user can no longer use regardless of whether the user's password expires or not. the change date is usually used in a charging system that specifies that a user cannot use a user after a specified date.

9. Reserved part

Calculate the number of the current date converted by 1970

[root@localhost ~] # echo $($(date +'% s') / 864003.1)) 16927

Calculate the number converted by 1970 on a specified date

[root@localhost ~] # echo $($(date-- date= "2016-01-01" +'% s') / 86400)) 16802

Create a user

Once you understand the above concept, you can create a user. The command to create a user is useradd, and then look at a few main parameters.

Useradd [- u UID] [- g initial group] [- G secondary group] [- m\ M] [- c description] [- d home directory absolute path] [- s shell] account name

-c,-- comment COMMENT user description-- d,-- home-dir HOME_DIR user's home directory-D,-- defaults default user configuration-e,-- expiredate EXPIRE_DATE user expiration date. Here you need to specify a number calculated from January 1, 1970. For example, 16925 represents the expiration date on May 4, 2016. Corresponding to part 8 of the password file,-f,-inactive INACTIVE specifies the time when the password expires. Here, a number is specified. For example, 10 means the password can be logged in within 10 days of expiration, but the password needs to be forcibly changed after login. Corresponding to part 7 of the password file-- g,-- gid GROUP user's GID-G,-- groups GROUPS lists the groups and secondary groups that the user can add,-- help help information-k,-- skel SKEL_DIR use this alternative skeleton directory-K,-- key KEY=VALUE override / etc/login.defs defaults-l -- no-log-init do not add the user to the lastlog and faillog databases-m,-- create-home forces you to create a home directory-M,-- no-create-home forces you not to create a home directory-N,-- no-user-group does not create a user whose group name is the same as the user name-o,-- non-unique allows you to create the same user uid By default, the user's UID is unique. Add the-o parameter to create the same UID without the user-p, and-- password PASSWORD to specify the password of the created user. Here the password is stored in ciphertext. So you also need to know how much the plaintext password corresponding to the ciphertext is-r,-- system to create a system user-s,-- shell SHELL to specify the user's shell-u,-- uid UID to specify the user's uid-U,-- user-group to create a user group with the same user name, which is the default-Z,-- selinux-user SEUSER use a specific SEUSER for the SELinux user mapping.

1. Create user test

Creating a user without parameters will create a user group with the same name by default, and the password will be empty. The user's UID and GID will be automatically added on the basis of the existing UID and GID after 500. by default, a home directory with the same name will be created by default.

[root@localhost ~] # useradd test [root@localhost ~] # grep test / etc/passwd / etc/shadow / etcGroupUniv etc/passwd / etc/shadow / EtcGroupGroupGroupGroupGroupGroupGroupGroupPassTestdDVR 501GroupGroupTestVAND 501WART 502 HomeTestVANG HomeTestVIEBY bashBash Bash Bash, root@localhost shadowtestVOVER0999999FUDFUGREDUTERVERVERVERVERVERVER: [root@localhost ~] # ll-d / home/test drwx-. 4 test test 4096 May 4 16:25 / home/test

two。 Create a user new to note that the user is test, specify that the user UID is 600, the initial group of the user is test, and the secondary group of the user is mysql, specify the expiration date of the user (note that the expiration date here also needs to be converted through January 1, 1970), and specify the expiration days of the user.

3. Create system user old

Although the created system user has a specified home directory in the user file, the corresponding user's directory is not actually created under the home directory, and the user mail notification directory is not created.

4. Create users who are not allowed to log in

5. Specify the user's home directory

First create a user's home directory

[root@localhost ~] # mkdir-p / test/home [root@localhost ~] # mkdir / test/home/testuser

Create a user and specify a home directory

[root@localhost] # useradd-d / test/home/testuser testuseruseradd: warning: the home directory already exists.Not copying any file from skel directory into it.

Note: the home directory here is the absolute path, that is, you specify which directory home directory will not create again under the directory you specify. There will be a warning that users cannot copy files to the home directory. Because the permissions of the home directory are still the permissions of the user who created the directory before, you need to give the home directory the user owner.

[root@localhost] # chown testuser:testuser / test/home/testuser [root@localhost ~] # ll / test/hometotal 4drwxr-xr-x. 2 testuser testuser 4096 May 5 06:22 testuser [root@localhost ~] #

Delete user

Userdel [options] LOGIN

-f,-- force forces the deletion of a user, regardless of whether the user is in use or not

-h,-- help help information

-r,-- remove deletes users and groups and deletes the user's home directory and mail notification directory

-Z,-- selinux-user deletes SELinux users

1. Delete users without parameters

Userdel testuser

Deleting without parameters will only delete users, passwords and user groups, but will not delete users' home directories and users' mail directories.

two。 Delete the user while deleting the user's home directory and mail notification directory

Userdel-r test

Deleting a user using the-r parameter deletes both the user's home directory and the user's mail notification directory, and if the user's user group is a user group that uses another user, the other user groups will not be deleted.

User group

Create a user group

Groupadd groupname

Delete a user group

Groupdel groupname

Modify user group

-- modify user group name groupmod-h newname oldname-- modify user group IDgroupmod-g newgid oldgid

The operation of the user group alone will not be used much, just need to know it here.

Thank you for reading! This is the end of the article on "how to create, modify and delete users and groups in Linux". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.