Shulou(Shulou.com)06/01 Report--

This article mainly explains "what are users and user groups in CentOS system management". The explanation in this article is simple and clear, and it is easy to learn and understand. Please follow the editor's ideas to study and learn what users and user groups are in CentOS system management.

One: create new users and user groups: useradd and groupadd

1 parameters of useradd:

-u: specify the UID tag number

-d: specify the host directory, default to / home/ user name

-e: specify the expiration time of the account (this option is also available in usermod below)

-g: specify the basic group (group name or GID) to which you belong

-G: specify the additional group (group name or GID) to which you belong

-M: do not establish and initialize the host directory for the user,

-s: specify the login shell of the user (default is / bin/bash, which is generally not changed. You can specify it when creating a non-login user.

For / sbin/nologin)

Note: these parameters can be used separately, and those that do not conflict can be used together when creating users.

Example 1: add user stu01, specify UID as 520, host directory as / public/stu01, and basic group as users (Note: the system itself is

If users exists, the group GID is 100), and the additional group is tech:

[root@localhost] # useradd-u 520-d / public/stu04-g users-G tech stu01

[root@localhost ~] # id stu01

Uid=520 (stu01) gid=100 (users) groups=100 (users), 200 (tech)

Example 2: add a user stu02 without establishing a host directory for the user:

[root@localhost ~] # useradd-M-s / sbin/nologin stu02 / / create a non-logged-in user stu02

[root@localhost ~] # cat / etc/passwd | grep stu02

The stu02:x:1001:1001::/home/stu02:/sbin/nologin / /-s parameter specifies bash shell

2Parameters of minute groupadd:

Gourpadd [- g GID] group name

The-g parameter specifies the GID of the new user group

[root@localhost ~] # groupadd-g 600 stu / / add a group stu and specify its GID as 600

[root@localhost ~] # cat / etc/group | grep stu / / View the information of the stu group

Stu:x:600:

Two: delete users and user groups

1,userdel

-format: userdel [- r] user name

Add the-r option and delete the host directory / user mail as well

Example:

[root@localhost~] # useradd user1;useradd user2 / / add users user1 and user2

[root@localhost~] # ll-d / home/user1/ / var/mail/user1 / home/user2/ / var/mail/user2 / / check whether the host directory and mail file of user1 and user2 exist

Drwx- 3 user1 user1 4096 02-1809VOV 53 / home/user1/

Drwx- 3 user2 user2 4096 02-1809VOV 53 / home/user2/

-rw-rw---- 1 user1 mail 0 02-18 09:53 / var/mail/user1

-rw-rw---- 1 user2 mail 0 02-18 09:53 / var/mail/user2

[root@localhost~] # userdel user1; userdel-r user2 / / the difference between adding-r

[root@localhost~] # ll-d / home/user1/ / var/mail/user1 / home/user2/ / var/mail/user2

Ls:/home/user2/: does not have that file or directory / / add-r and delete the host directory

Ls:/var/mail/user2: do not have that file or directory / / delete mail files after adding-r

Drwx- 3 1002 1002 4096 02-1809 53 / home/user1/

-rw-rw---- 1 1002 mail 002-18 09:53 / var/mail/user1

[root@localhost~] #

2PowerGroupdel: delete a user group

-format: groupdel group name

-the deleted target group cannot be the user's basic group.

-when deleting a user group, if the group is a private group of a member, it cannot be deleted. The members of the group must be deleted before the group can be deleted successfully.

[root@localhost~] # id user1 / / View basic groups and additional groups of user1

Uid=1002 (user1) gid=1002 (user1) groups=1002 (user1), 600 (stu)

[root@localhost ~] # grep stu / etc/group

Stu:x:600:user1,user2

As you can see in the above operation, the basic group of user1 is user1, and the additional group is stu, so now you can only delete stu, but not the group user1 directly. Because user1 group is a basic group, if you want to delete user1, you must first delete user1 users, and then delete user1 group. While stu group is not a basic group, it is just an additional group of user1 and user2, so you can delete it directly.

[root@localhost~] # groupdel user1 / / try to delete the user1 user group. Because the user1 group is the basic group of user1, you need to delete the user1 user before deleting the user1 group.

Groupdel: you cannot delete a user's primary group.

[root@localhost~] # groupdel stu

[root@localhost~] # grep stu / etc/group / / after deleting the stu group, you can't see the information about the stu group in the / etc/group file.

Three: add passwords for users and user groups

1. Add a password for the user:

Passwd command:

The options are:

-d: clear the user's password so that it can log in without a password

-l: lock the user account

-S: check the status of the user account (whether it is locked)

-u: unlock user account

-- stdin: standard input (such as pipes) to get passwords

Note: delete password with passwd-d instead of echo "" | passwd-- stdin user name

Example:

[root@localhosthome] # cat / etc/shadow | grep user3 / / check whether user3 has a password

User3:$1 $4vGPvNrTuring xrFPE9XQhl.w1jchu10woram purge 16119sweep 0pur999997vex:

[root@localhosthome] # passwd-d user3 / / use the-d option to delete the password

Removing passwordfor user user3.

Passwd: Success

[root@localhosthome] # cat / etc/shadow | grep user3 / / check again. The password is cancelled.

User3::16119:0:99999:7:::

[root@localhosthome] #

Example:

If you change a user's password, you can enter the passwd user name directly, then enter the interactive password to go to others, use-- stdin to set the password using non-interactive, and import the password directly.

[root@localhost/] # echo "123" | passwd-- stdin user3 / / set the password of user3 to 123, and use-- stdin to import the password interactively.

Changing password for user user3.

Passwd: all authentication tokensupdated successfully.

[root@localhost/] # passwd-l user3 / / Lock user3 account

Locking password for user user3.

Passwd: Success

[root@localhost/] # grep user3 / etc/shadow / / View the password information of the locked account. There are two "!"

User3rigNrTrunxrFPE9XQhl.w1jchu10woleman 16119VOV 99999PUR 7:

[root@localhost/] # passwd-S user3 / / use-S to see if it is locked

User3 LK 2014-02-180 99999 7-1 (Password locked.)

[root@localhost/] # passwd-u user3 / /-u parameter is unlocked

Unlocking password for user user3.

Passwd: Success.

[root@localhost/] # grep user3 / etc/shadow / / after unlocking, the password field of the account does not have "!"

User3:$1 $4vGPvNrTuring xrFPE9XQhl.w1jchu10woram purge 16119sweep 0pur999997vex:

[root@localhost/] #

2, the password of the user group gpasswd

Gpasswd group name: enter the interactive password input confirmation.

Gpasswd-r group name:-r option is to remove password, gpasswd-r group name is to clear the group password

The purpose of the group password: mainly because some users want to join the group, then they need to use the password of the group account, and this user joins temporarily, and you can exit the group by using exit.

IV: addition and deletion of user group members

Application of 1pr gpasswd in user group

-A: define a list of group administrators (you can view group administrators and group members in the / etc/gshadow file)

-a: add group members, only one at a time

-d: delete group members, only one at a time

-M: define a list of group members, multiple of which can be set (for override operations, users in the previous group will be deleted after the definition; note that when writing multiple member lists, separate them with commas)

Example:

[root@localhost ~] # grep user / etc/gshadow

User:!::

[root@localhost ~] # gpasswd-a user1 user / / add account user1 to user group

Adding user "user1" to "user" group

[root@localhost ~] # gpasswd-a user2 user / / add user2 to the user group

Adding user "user2" to "user" group

[root@localhost ~] # grep user / etc/gshadow | tail-1 / / View members of user user group

User:!::user1,user2

[root@localhost ~] # gpasswd-M stu01,stu02 user / /-M parameter overrides adding multiple users

[root@localhost ~] # cat / etc/gshadow | tail-1 / / check again, user1 and user2 are overwritten

User:!::stu01,stu02

[root@localhost ~] # gpasswd-d stu01 user / / remove stu01 from the user group

Removing user "stu01" from "user" group

[root@localhost ~] # cat / etc/gshadow | tail-1

Stu02 users are the only users left after deletion

[root@localhost ~] # gpasswd-A stu02 user / / set stu02 as administrator

[root@localhost ~] # grep user / etc/gshadow | tail-1

The third field in the gshadow file is the administrator account of the group, which is stu02

[root@localhost ~] #

2Pol usermod mainly changes the attributes of users, which can increase the additional groups to which user members belong.

Just use usermod's-a murg option (- a means add,-G specify group,-a Mel G is a new additional group)

Command: usermod-a-G user group username

[root@localhost~] # usermod-a-G tech stu02 / / add an additional group tech to stu02

[root@localhost~] # id stu02

Uid=501 (stu02) gid=1201 (nsd) groups=1201 (nsd), 200 (tech), 1204 (user)

Thank you for reading, the above is the content of "what are users and user groups in CentOS system management". After the study of this article, I believe you have a deeper understanding of what users and user groups are in CentOS system management, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.