Shulou(Shulou.com)06/01 Report--

Commands related to user and group management:

Useradd 、 usermod 、 passwd 、 userdel

Groupadd 、 groupmod 、 gpasswd 、 groupdel

Chage,chsh, chfn

Id,w, who, whoami

Su

Useradd: creating user

-r: create a system user

-uUID: specify UID

-gGID: specifies the basic group to which the user belongs. This group must exist in advance.

-centering content:

-d/PATH/TO/SOMEWHERE: specify the home directory path of the user; this location cannot exist in advance, otherwise, its user-related configuration files will be copied; / etc/skel

-sSHELL: sets the user's default shell

Cat/etc/shells

-GGID,...: specifies the additional group to which it belongs

-M: do not create a home directory for users

Exercise: create a user Oracle with the additional group database and sql,ID number 3000 and the home directory / home/database

[root@localhost ~] # groupadd database-first create two additional groups [root@localhost ~] # groupadd sql [root@localhost ~] # useradd-G database Sql-u 3000-d / home/database Oracle [root@localhost ~] # tail / etc/group View the created user fuse:x:494:sshd:x:74:stapusr:x:156:stapsys:x:157:stapdev:x:158:tcpdump:x:72:slocate:x:21:database:x:500:Oraclesql:x:501:OracleOracle:x:3000: [root@localhost ~] # tail-1 / etc/groupOracle:x:3000: [root@localhost ~] # tail-1 / etc/passwdOracle:x:3000:3000::/home/database:/bin/bash [root@localhost ~] #

Groupadd: create group

Groupadd [OPTIONS] GROUPNAME

-gGID: specify the group ID

-r: create a system group

[root@localhost ~] # groupadd database-create two additional groups [root@localhost ~] # groupadd sql [root@localhost ~] # tail-3 / etc/groupdatabase:x:500:Oraclesql:x:501:OracleOracle:x:3000:

Su:switch user, switch users or execute commands as other users

Switching mode:

SuUSERNAME: incomplete handover; non-login handoff

Su- USERNAME or su- l USERNAME: full switch; login switch

Execute the specified command only as the specified user:

Su- USERNAME-c 'COMMAND'

Incomplete switching; non-login handoff:

[root@localhost ~] # su Oracle [Oracle@localhost root] $iduid=3000 (Oracle) gid=3000 (Oracle) groups=3000 (Oracle), 500 (database), 501 (sql) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [Oracle@localhost root] $pwd/root [Oracle@localhost root] $exit

Complete handover

[root@localhost ~] # su-Oracle [Oracle@localhost ~] $iduid=3000 (Oracle) gid=3000 (Oracle) groups=3000 (Oracle), 500 (database), 501 (sql) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [Oracle@localhost ~] $pwd/home/database [Oracle@localhost ~] $

Usermod: user attribute modification

Usermod[OPTION]... LOGIN

-uUID

-gGID

-GGID [, GID,...]: modify the additional group to which the user belongs; also use the-an option

-sSHELL

-centering content

-dHOME: when the user's home directory is changed to a new location, the user's original files will not be moved to the new home; the-m option enables it to be moved to the new home directory at the same time.

-lLOGIN:

-L:lock user

-U:unlock user

[root@localhost ~] # id Oracleuid=3000 (Oracle) gid=3000 (Oracle) groups=3000 (Oracle), 500 (database), 501 (sql) [root@localhost ~] # usermod-u 3001 Oracle [root@localhost ~] # id Oracleuid=3001 (Oracle) gid=3000 (Oracle) groups=3000 (Oracle), 500 (database), 501 (sql)

Passwd: add a password to the user

Passwd [OPTION] [UserName]

-l:lock user

-u:unlock user

-nmindays: the shortest useful life

-xmaxdays: default is 99999 days

-wwarndays:

-iinactivedays:

-- stdin: receives a user's password from standard output

[root@localhost ~] # passwd OracleChanging password for user Oracle.New password:BAD PASSWORD: it is based ona dictionarywordBAD PASSWORD: is too simpleRetype new password:passwd: all authentication tokens updatedsuccessfully. [root@localhost ~] # [root@localhost ~] # echo 'centos' | passwd--stdin OracleChanging password for user Oracle.passwd: all authentication tokens updatedsuccessfully. [root@localhost ~] #

Userdel: deleting a user

Userdel [- r] USERNAME

-r: delete the user's home directory at the same time

[root@localhost ~] # id Oracleuid=3000 (Oracle) gid=3000 (Oracle) groups=3000 (Oracle), 500 (database), 501 (sql) [root@localhost ~] # userdel-r Oracle [root@localhost ~] # id Oracleid: Oracle: No such user

Groupmod: group property modification

Groupmod [OPTION] GROUPNAME

-nGROUP_NAME

-gGID

[root@localhost ~] # cat / etc/group | tail-n 2database:x:500:sql:x:501: [root@localhost ~] # groupmod database-nssd-change the database group name to ssd [root@localhost ~] # cat / etc/group | tail-n 2sql:x:501:ssd:x:500: [root@localhost ~] # groupmod-g 505sql [root@localhost ~] # cat / etc/group | tail-n 2-change sql gid to 505sql:x: 505:ssd:x:500: [root@localhost ~] #

Gpasswd: setting group password

Parameter:-a: add user to group-d: remove user from group-A: specify administrator-M: specify group member and-A for similar purpose-r: delete password-R: restrict users from logging into the group Only members of the group can use newgrp to join the group [root@localhost ~] # gpasswd ssdChanging the password for group ssdNew Password:Re-enter new password: [root@localhost ~] # cat / etc/gshadow | tail-n 2sql gpasswd ssdChanging the password for group ssdNew Password:Re-enter new password / root@localhost 6$ group [root@localhost] #

Newgrp: switch the basic group to the specified group [root@localhost ~] # newgrp ssd

Groupdel: delete group [root@localhost ~] # cat / etc/group | tail-n 2sql:x:505:ssd:x:500: [root@localhost ~] # groupdel ssd [root@localhost ~] # cat / etc/group | tail-n 2slocate:x:21:sql:x:505: [root@localhost ~] #

Chage: modify the properties of user account and password chage [OPTION]. The LOGIN parameter means the minimum number of days that the-m password can be changed. 00:00 means you can change the password at any time. The maximum number of days that the-M password remains valid. -the number of days before the W user's password expires that the warning message is received in advance. -the date when the E account expires. After this day, this account will not be available. -d date of last change-I stagnation period. If a password has expired these days, then this account will not be available. -l exemplifies the current settings. It is up to unprivileged users to determine when their passwords or accounts expire. [root@localhost ~] # useradd oracle

[root@localhost ~] # cat / etc/passwd | tail-n 1

Oracle:x:500:500::/home/oracle:/bin/bash

[root@localhost ~] # chage-l oracle

Last password change: Aug 27,2015

Password expires: never

Password inactive: never

Account expires: never

Minimum number of days between passwordchange: 0

Maximum number of days between passwordchange: 99999

Number of days of warning before passwordexpires: 7

[root@localhost] # chage-M 90 oracle

[root@localhost] # chage-d 0-m 0-M 90murw 15 oracle

[root@localhost ~] # chage-l oracle

Last password change: passwordmust be changed

Password expires: password must be changed

Password inactive: password must be changed

Account expires: never

Minimum number of days between passwordchange: 0

Maximum number of days between passwordchange: 90

Number of days of warning before passwordexpires: 15

[root@localhost ~] #

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.