Shulou(Shulou.com)06/02 Report--

1. Commonly used command line management tools:

(1) useradd: add a user name after useradd to create a new user. By default, the useradd command without the-m parameter does not establish a home directory for new users. In this case, the user can log in to the shell of the system, but not the graphical interface (this is because the desktop environment, whether KDE or GNOME, requires some configuration files in the user's home directory). When logging in to shell, the system guides the user to the root directory because there is no home directory.

For example:

Useradd nox # creates a user named nox but does not assign a home directory to it

Passwd nox # set the password of the nox user

Common options:

-m: specify the user's home directory. Example: useradd-m / home/nox nox # creates a user named nox and assigns its home directory to / home/nox

-g: specifies the group to which the user belongs. Example: useradd-g nox nox # creates a user named nox, but does not assign a home directory to it, and specifies that its group is nox

Note: useradd without-g by default creates a user group with the same name for the user when creating a new user, and then classifies the user into this group, which is the case in the above example.

-s: used to specify the shell that the user will use after logging in. Commonly used are BASH, TCSH, ZSH (Z-Shell), SH (Bourne Shell) and so on. If you do not specify the-s parameter, the default is to log in to the system using sh (BASH).

(2) groupadd: used to add a group to the system.

Example: sudo groupadd newgroup # adds a group named newgroup to the system

(3) userdel: used to delete user accounts. By default, userdel does not delete the user's home directory. Unless the-r option is used.

Example: sudo userdel mike # deletes the user mike without deleting its home directory.

Sudo userdel-r mike # removes the user mike and deletes its home directory.

(4) usermod: modify existing user accounts.

Common options:

-d: modify the user's home directory.

-e: modify the validity period of the account. Expressed as a month / day / year (MM/DD/YY).

-g: modify the group to which the user belongs.

-l: modify the user's account name.

-s: modify the shell used by the user after logging in.

Example: sudo usermod-l mike-d / home/mike-e 12-31-13 john # renamed john to mike, changed the home directory to / home/mike, and set the account to be valid until December 31, 2013.

(5) history: view the operation record of the current user. These records are stored in the hidden file. Bash_history in the user's home directory. Root can read actions made by other users through this file.

Example: history # View all action records made by the current user

History 10 # View the last 10 action records made by the current user

(6) id: check the user's UID, GID and the group to which they belong. The usage is to connect the user to be queried directly after the id.

For example: id nobody # View the information of user nobody

(7) su: the su command without any operation promotes the user to root permissions. Permissions obtained through root will continue until you exit using the exit command.

Note: try to use the su command through the absolute path, which is usually saved in the / bin directory, which will, to some extent, prevent a program named su under the search path from stealing the user's master password.

Example: su # switch to root user

/ bin/su # switch to root user

2. Configuration file / etc/sudoers:

Have readers ever wondered why we can use sudo to temporarily gain access to root? This is configured in the configuration file / etc/sudoers.

Let's take a look at this file.

Taking the phrase "root ALL = (ALL) ALL" as an example, this configuration specifies that root users can use sudo to execute any command (third ALL) on any machine (the first ALL) under any identity (the second ALL). "% admin" replaces all users who belong to the admin group, and the user we created at the time of installation (Ubuntu) is automatically added to the admin group. This is why we can use sudo to temporarily get root permissions.

In general, each line of permission description in sudoer contains the following:

A: the user used by this permission

B: on which hosts does this line configuration apply

C: commands that the user can run

D: as which user should the command be executed

For example, users of the admin group can execute sudo-u peter touch new_file to create a file new_file as peter.

It may be that the newly created user peter does not have enough privileges.

3. Configuration file / etc/passwd:

Basic information about the user is stored in this configuration file. Each line represents a user. The contents are roughly as follows:

Each row consists of seven fields, separated by colons. The meanings of each field are as follows:

A: login name.

B: password placeholder.

C: user id. (UID)

D: default group id. (GID)

E: user's private information.

F: user home directory.

G: the shell used for login.

4. / etc/shadow file:

This file holds the user's password, which is visible in encrypted form and is readable only to root.

The meanings of each field are as follows:

A: login name.

B: encrypted password.

C: the date when the password was last modified. It is calculated as an absolute date, starting with 1970.01.01.

D: the minimum number of days to change the password twice.

E: the maximum number of days to change the password twice.

F: how many days in advance remind the user to change the password.

G: disable the password after how many days it expires.

H: date on which the account expires.

I: reserved.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.