
What are the operations managed by linux users

2025-01-15 Update From: SLTechnology News&Howtos. Shulou (Shulou.com), 06/02.

This article introduces Linux user management operations. The content is detailed and easy to understand, and the operations are simple and quick, so it has some reference value. Let's take a look.

1. Linux user account classification

Superuser: root has the highest administrative authority on the system, UID=0.

Ordinary user: system user, UID >= 500.

UID: the identity of each user, similar to a person's ID number.

Virtual users: pseudo users are generally not used to log in to the system; they mainly exist to keep a service running normally. For example: ftp, apache.

User-group relationship:

One to one: a user can exist in one group; one to many: a user can exist in multiple groups

Many to one: multiple users can exist in one group; many to many: multiple users can exist in multiple groups

2. Commonly used user management commands

Add a user: useradd

    useradd -d "home directory" -u "UID" -g "initial group" -G "additional group" -s "login shell" user

Example (<username> stands for the account name):

    useradd -d /home/<username> <username>                      # add user
    useradd -d /home/<username> -G rna,dna -g rna <username>    # specify user groups
    passwd <username>                                           # add a password for the user

Delete a user: userdel

    userdel <username>       # delete the user account
    userdel -r <username>    # delete the user and delete his working directory

Common group commands

Add a group: groupadd

    groupadd [-g gid [-o]] [-r] [-f] group

Parameter description:

-g: specify the id of the new workgroup

-r: create a system workgroup whose group ID is less than 500

-K: override the defaults in the configuration file "/etc/login.defs"

-o: allows you to add workgroups whose group ID number is not unique.

-f, --force: if the specified group already exists, this option makes the command simply exit with success status. When used with -g and the specified GID already exists, another unique GID is chosen (that is, -g is turned off).

    groupadd -g 344 rna    # create a new group and specify the group ID

Add or change a user's password: passwd

    passwd <username>                          # interactive
    echo 123456 | passwd --stdin <username>    # non-interactive

Note that a password typed on the command line this way is saved in the shell history.

Switch users: su

The su command actually means to switch users.

Example:

    su               # switches to the root user by default: enter the root password to become root, then execute exit to return to the original user
    su -             # switches to the root user and changes the current directory to root's home directory /root
    su <username>    # switch to another user

Description: under root users, you can switch to any user owned by the system and do not need to enter their user password.

Add sudo members to easily manage servers

Giving sudo permission to some members allows you to skip root login and execute commands that only root has permission to execute. For example, change someone else's password: sudo passwd user1. Of course, the premise is that the currently logged-in user has permission to execute the command.

You can configure the /etc/sudoers file to grant sudo permissions to other members. Edit it with visudo, which checks the syntax before saving.

Content added to the file (excerpt):

    root    ALL=(ALL)    ALL

Add a line like the one above with the user name changed to omicgene. It means that the omicgene user can execute any command with sudo, and has to enter the password of the omicsgene user when doing so.

3. User's profile

Adding users to the linux system is actually modifying the following three files, so you can also directly modify the following files to add users:

Name (account information file): description

User profile (/etc/passwd): some basic attributes of each user are recorded here, and the file is readable by all users. Each line corresponds to one user, and the fields of each line are separated by colons.

User group file (/etc/group): all the information of the user groups is stored here, and group names cannot be repeated.

Password information corresponding to the user (/etc/shadow): because the passwd file is readable by all users, for security reasons the password is separated from passwd and put into this separate file, which only the root user has permission to read, to ensure password security.

3.1 /etc/passwd: user information file

The data is separated by colons:

    tail -1 /etc/passwd
    <username>:x:1001:1001::/home/<username>:/bin/bash

<username>: user name
x: password placeholder
1001: UID of the user, expressed as a number
1001: GID of the group to which the user belongs
(empty field): user description information, a brief description of the user's function or otherwise
/home/<username>: the user's home directory (the one represented by "~" in the shell prompt)
/bin/bash: the shell the user uses after logging in to the system

3.2 /etc/shadow: user password file

The data is separated by colons:

    tail -1 /etc/shadow
    <username>:$6$YMszQvnu$U//qYqHjvQvKsADGnP7b9HLfBmmoO7BVJo0JdAQ.D1L97atkdQQZ2uo57Ro27mcheXFIaW.Vb4w0tv5MWflwo1:18315:0:99999:7:::

Name: login name, which must be a valid account name in the system.

Password: the hashed password, divided into three parts. The first part indicates which hash algorithm is used, the second part is the salt used when hashing, and the third part is the resulting hash. Hash algorithm: $1 for MD5; $5 for SHA-256; $6 for SHA-512.

View help instructions:

    man 5 passwd
    man 5 shadow
    man 5 group
    man 3 crypt

Lastchange: the date of the last password change, expressed in days from 1970-1-1.

Min-age: the minimum number of days during which the password cannot be changed; it can only be changed that many days after the most recent change. 0 means no minimum period requirement.

Max-age: password expiration time, the maximum number of days before the password must be changed.

Warning: the warning period before the password expires, expressed in days; 0 means "No warning".

Inactive: number of days of grace after the password expires.

Expire: account expiration time, calculated in days from 1970-1-1 (millennium bug).

Blank: reserved field.
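The following audit is an added example, not part of the original article: it reads the /etc/passwd and /etc/shadow formats described in sections 3.1 and 3.2 and reports accounts that deserve a closer look. The sample entries (including the demo and toor accounts and the SALT/HASH placeholders) are constructed, UID_MIN uses the article's threshold of 500, and all function names are this example's own.

```python
import datetime
# Constructed sample entries (not from a real system); SALT/HASH are placeholders.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
apache:x:48:48:Apache:/usr/share/httpd:/bin/bash
demo:x:1001:1001::/home/demo:/bin/bash
toor:x:0:0::/root:/bin/bash
"""
SHADOW = """\
root:$6$SALT$HASH:18315:0:99999:7:::
ftp:*:17834:0:99999:7:::
apache:!!:17834::::::
demo:$1$SALT$HASH:18315:0:90:7:::
toor::18315:0:99999:7:::
"""
SCHEMES = {"1": "MD5", "5": "SHA-256", "6": "SHA-512"}  # ids listed in the article
NOLOGIN = ("/sbin/nologin", "/bin/false")
UID_MIN = 500  # ordinary-user threshold given in the article
KEYS = "name password lastchange minage maxage warning inactive expire reserved".split()

def parse_shadow(text):
    """Map login name -> dict of the nine colon-separated shadow fields."""
    rows = (dict(zip(KEYS, line.split(":"))) for line in text.splitlines())
    return {row["name"]: row for row in rows}

def days_to_date(days):
    """Shadow date fields count days since 1970-01-01."""
    return datetime.date(1970, 1, 1) + datetime.timedelta(days=int(days))

def hash_scheme(password):
    """Name the algorithm from the $id$salt$hash prefix; None if not a hash."""
    parts = password.split("$")
    return SCHEMES.get(parts[1], "unknown") if len(parts) >= 4 else None

def audit(passwd_text, shadow_text):
    shadow, findings = parse_shadow(shadow_text), []
    for line in passwd_text.splitlines():
        name, _x, uid, _gid, _desc, _home, shell = line.split(":")
        pw = shadow.get(name, {}).get("password")
        if uid == "0" and name != "root":
            findings.append((name, "UID 0 but not root"))
        if 0 < int(uid) < UID_MIN and shell not in NOLOGIN:
            findings.append((name, "service account with a login shell"))
        if pw == "":
            findings.append((name, "empty password field"))
        elif pw and hash_scheme(pw) == "MD5":
            findings.append((name, "MD5 password hash"))
    return findings
```

On a real system, pass the contents of /etc/passwd and /etc/shadow (the latter readable only by root) to audit(); days_to_date() converts Lastchange and Expire values such as 18315 into calendar dates.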

3.3 /etc/group: user group information file

The data is separated by colons. If a group has multiple members, we can see them in the last field in the /etc/group file.

    [root@centos7 ~]# tail /etc/group
    slocate:x:21:
    avahi:x:70:
    postdrop:x:90:
    postfix:x:89:
    ntp:x:38:
    tcpdump:x:72:
    wang:x:1000:wang
    vboxsf:x:982:
    dna:x:1101:
    rna:x:1100:

Field format: user group name:password:user group ID:user list

The user group password is basically out of use now. 'x' means there is no password.

3.4 Environment variable template files used when adding a user

These files are automatically copied to the user's home directory when you add the user. Therefore, some environment settings can be set in advance in the template to avoid errors caused by beginner users themselves and to save administrators trouble.

    [root@centos7 ~]# ll -a /etc/skel/
    total 24
    drwxr-xr-x.   3 root root   78 Feb 22 09:26 .
    drwxr-xr-x. 141 root root 8192 Feb 22 22:06 ..
    -rw-r--r--.   1 root root   18 Aug  8  2019 .bash_logout
    -rw-r--r--.   1 root root  193 Aug  8  2019 .bash_profile
    -rw-r--r--.   1 root root  231 Aug  8  2019 .bashrc
    drwxr-xr-x.   4 root root   39 Feb 22 09:25 .mozilla

For example, the following is set in the template:

    # Shortcut commands
    alias e="less -S"
    alias ee="less -SN"
    alias l="ls -lhtr"
    alias ll="ls -lh"
    # Terminal displays the current directory
    export PS1="\[\e[32m\]\u\[\e[35m\]@\[\e[36m\]\h\[\e[31m\]\t\w\[\e[32m\]]\[\e[36m\]$\[\e[m\]"

4. Other user-related commands:

    id        # information about users and groups
    whoami    # view the current effective user name
    who       # display the users currently logged in to the system
    w         # display a list of users who have logged in to the system
    users     # display a list of all users currently logged in to the system
    chage     # require users to change their passwords regularly

chage options:

-m: the minimum number of days before the password can be changed. A value of 0 means you can change the password at any time

-M: the maximum number of days that the password remains valid

-W: number of days before the password expires that the user receives a warning message

-E: date on which the account expires. After this day, this account will not be available

-d: date of the last change. 0 means that the password must be updated at the next login

    chage -d 0 <username>    # modify the user's password information: the user must change his or her password when logging in to the system for the first time

usermod: modify user information

Syntax: usermod [parameter] user name

Common parameters:

-u UID

-d home directory

-g initial group # there can be only one

-G additional group # can have more than one

-s login shell

-L lock

    usermod -u 1111 oracle    # modify a user's UID

This concludes the article on "what are the operations managed by linux users". Thank you for reading!
