Shulou(Shulou.com)06/02 Report--

This article "Linux system how to view file properties" in addition to programmers, most people do not understand, today, in order to make you a better understanding of "Linux system how to view file properties", summed up the following content, with a certain reference value, the detailed steps are clear, details handled properly, I hope you can get something through this article, let's take a look at the specific content.

I. Management of user accounts in Linux system

The management of user accounts mainly involves the addition, modification and deletion of user accounts.

To add a user account is to create a new account in the system, and then assign resources such as user number, user group, home directory and login Shell to the new account. The account you just added is locked and cannot be used.

1. Use the useradd command to add a new user account. The syntax is as follows: useradd option user name

Parameter description:

Options:

-c comment specifies an annotative description.

The-d directory specifies the user's home directory, and if this directory does not exist, use the-m option at the same time to create a home directory.

-g user group specifies the user group to which the user belongs.

-G user group, which specifies the additional group to which the user belongs.

The-s Shell file specifies the user's login Shell.

The-u user number specifies the user number of the user, and if there is also the-o option, you can reuse the identification number of other users.

User name:

Specify the login name of the new account.

Example useradd-d / home/sam-m sam

This command creates a user sam where the-d and-m options are used to generate a home directory / home/sam for the login name sam (/ home is the parent directory where the default user home directory is located).

Example useradd-s / bin/sh-g group-G adm,root gem

This command creates a new user gem whose login Shell is / bin/sh, which belongs to the group user group, as well as to the adm and root user groups, where the group user group is its primary group.

New groups may be created here: # groupadd group and groupadd adm

To add a user account is to add a record to the new user in the / etc/passwd file, while updating other system files such as / etc/shadow, / etc/group, etc.

Linux provides an integrated system management tool userconf, which can be used to manage user accounts in a unified manner.

2. Delete the account

If a user's account is no longer in use, it can be deleted from the system. To delete a user account is to delete the user record in system files such as / etc/passwd and, if necessary, the user's home directory.

Delete an existing user account using the userdel command in the following format:

Userdel option user name

The common option is-r, which deletes the user's home directory together.

For example:

# userdel-r sam

This command deletes the records of the user sam in the system files (mainly / etc/passwd, / etc/shadow, / etc/group, etc.) and deletes the user's home directory.

3. Modify the account

To modify the user account is to change the relevant attributes of the user according to the actual situation, such as user number, home directory, user group, login Shell and so on.

Use the usermod command to modify the information of an existing user in the following format:

Usermod option user name

Common options include-c,-d,-m,-g,-G,-s,-u, and-o, which have the same meaning as the options in the useradd command and can specify new resource values for the user.

In addition, some systems can use the option:-l new user name

This option specifies a new account, changing the original user name to the new user name.

For example:

# usermod-s / bin/ksh-d / home/z-g developer sam

This command changes the login Shell of user sam to ksh, the home directory to / home/z, and the user group to developer.

4. Management of user password

One of the important contents of user management is the management of user password. The user account was created without a password, but it is locked by the system and cannot be used. It must be assigned a password before it can be used, even if an empty password is specified.

The Shell command to specify and modify a user password is passwd. Superusers can specify passwords for themselves and other users, and ordinary users can only use it to change their own passwords. The format of the command is:

Passwd option user name

Available options:

-l lock password, that is, disable the account.

The-u password is unlocked.

-d make the account without a password.

-f forces the user to change the password the next time he logs in.

If the default user name is used, the password of the current user is modified.

For example, assuming that the current user is sam, the following command modifies the user's own password:

$passwd Old password:* New password:* Re-enter new password:*

If you are a superuser, you can specify the password of any user in the following form:

# passwd sam New password:* Re-enter new password:*

When an ordinary user modifies his password, the passwd command asks the original password first, verifies it, and then asks the user to enter the new password twice. If the password entered twice is the same, the password is assigned to the user, while the superuser does not need to know the original password when assigning the password to the user.

For the sake of system security, users should choose more complex passwords, such as 8-digit long passwords, which contain uppercase, lowercase letters and numbers, and should be different from names, birthdays, and so on.

When you specify an empty password for the user, execute the following form of command:

# passwd-d sam

This command removes the password for user sam so that the next time user sam logs in, the system will no longer allow that user to log in.

The passwd command can also lock a user out of login with the-l (lock) option, for example:

# passwd-l sam II. Management of Linux system user groups

Each user has a user group, and the system can centrally manage all users in a user group. Different Linux systems have different rules for user groups, for example, users under Linux belong to a user group with the same name, which is created at the same time as the user is created.

The management of user groups involves the addition, deletion and modification of user groups. Group additions, deletions, and modifications are actually updates to the / etc/group file.

1. Add a new user group to use the groupadd command. The format is as follows: groupadd option user group

The options you can use are:

-g GID specifies the group identification number (GID) of the new user group.

-o is generally used in conjunction with the-g option to indicate that the GID of a new user group can be the same as the GID of an existing user group on the system.

Example 1: VR # groupadd group1

This command adds a new group group1 to the system, and the group identification number of the new group is added 1 to the current largest group identification number.

Example 2: # groupadd-g 101 group2

This command adds a new group group2 to the system and specifies that the group identification number of the new group is 101.

2. If you want to delete an existing user group, use the groupdel command, which is in the following format: groupdel user group for example: # groupdel group1

This command removes the group group1 from the system.

3. Use the groupmod command to modify the attributes of a user group. The syntax is as follows: groupmod option user group

Common options are:

-g GID specifies a new group identification number for the user group.

Using the-o option with the-g option, the new GID of the user group can be the same as the GID of the existing user group of the system.

-n New user group changes the name of the user group to a new name

Example 1: # groupmod-g 102 group2

This command changes the group identification number of the group group2 to 102.

Example 2 groupmod # groupmod-g 10000-n group3 group2

This command changes the identification number of the group group2 to 10000 and the group name to group3.

4. If a user belongs to multiple user groups at the same time, the user can switch between user groups in order to have the permissions of other user groups.

After logging in, the user can switch to another user group using the command newgrp, whose parameter is the destination user group. For example:

$newgrp root

This command switches the current user to the root user group, provided that the root user group is indeed the primary or additional group of the user. Similar to the management of user accounts, the management of user groups can also be accomplished through integrated system management tools.

System files related to user accounts

There are many ways to accomplish user management, but each method actually modifies the relevant system files.

Information about users and user groups is stored in some system files, including / etc/passwd, / etc/shadow, / etc/group, and so on.

The contents of these files are described below.

1. / etc/passwd file is the most important file involved in user management.

Each user in the Linux system has a corresponding record line in the / etc/passwd file, which records some basic attributes of the user.

This file is readable to all users. Its content is similar to the following example:

# cat / etc/passwdroot:x:0:0:Superuser:/:daemon:x:1:1:System daemons:/etc:bin:x:2:2:Owner of system commands:/bin:sys:x:3:3:Owner of system files:/usr/sys:adm:x:4:4:System accounting:/usr/adm:uucp:x:5:5:UUCP administrator:/usr/lib/uucp:auth:x:7:21:Authentication administrator:/tcb/files/auth:cron:x : 9:16:Cron daemon:/usr/spool/cron:listen:x:37:4:Network daemon:/usr/net/nls:lp:x:71:18:Printer administrator:/usr/spool/lp:sam:x:200:50:Sam san:/home/sam:/bin/sh

From the above example, we can see that a row of records in / etc/passwd corresponds to a user, and each row of records is divided into seven fields by a colon (:). The format and specific meaning are as follows:

User name: password: user identification number: group identification number: annotative description: home directory: login Shell1) "user name" is a string that represents the user account.

It is usually no more than 8 characters long and consists of uppercase and lowercase letters and / or numbers. There cannot be a colon (:) in the login, because the colon is the delimiter here.

For compatibility, it is best not to include a dot character (.) in the login name and not to start with a hyphen (-) and a plus sign (+).

2) password in some systems, encrypted user passwords are stored.

Although this field holds only an encrypted string of user passwords, not clear text, this is still a security concern because the / etc/passwd file is readable to all users. Therefore, many Linux systems (such as SVR4) now use shadow technology to store the real encrypted user password in the / etc/shadow file, while only one special character, such as "x" or "*", is stored in the password field of the / etc/passwd file.

3) the "user identification number" is an integer that is used to identify the user within the system.

In general, it corresponds to the user name one by one. If several user names have the same user identification number, they will be treated as the same user internally, but they can have different passwords, different home directories, different login Shell, and so on.

Usually the value range of the user identification number is 0-65-535. 0 is the identification number of the super user root, and 1x 99 is reserved by the system. As an administrative account, the identification number of the ordinary user starts from 100. In Linux systems, the limit is 500.

4) the Group Identification number field records the user group to which the user belongs.

It corresponds to a record in the / etc/group file.

5) the annotative description field records some personal information of the user.

For example, the user's real name, phone number, address, etc., this field has no practical use. The format of this field is not uniform in different Linux systems. In many Linux systems, this field holds an arbitrary annotative description text that is used as the output of the finger command.

6) "home directory", that is, the user's starting working directory.

It is the directory where the user is located after logging in to the system. In most systems, each user's home directory is organized under the same specific directory, and the name of the user's home directory is the user's login name. Each user has read, write, and execute (search) rights to his home directory, and other users' access to this directory is set on a case-by-case basis.

7) after the user logs in, it starts a process, which is responsible for passing the user's operation to the kernel. This process is the command interpreter or a specific program, namely Shell, that the user runs after logging in to the system.

Shell is the interface between the user and the Linux system. There are many kinds of Shell for Linux, each of which has its own characteristics. The commonly used ones are sh (Bourne Shell), csh (C Shell), ksh (Korn Shell), tcsh (TENEX/TOPS-20 type C Shell), bash (Bourne Again Shell) and so on.

The system administrator can specify a Shell for the user according to the system condition and the user's habit. If Shell is not specified, the system uses sh as the default login Shell, that is, the value of this field is / bin/sh.

The user's login Shell can also be specified as a specific program (this program is not a command interpreter).

Taking advantage of this feature, we can restrict the user to run only the specified application, and when the application is finished, the user automatically exits the system. Some Linux systems require that only those programs that are registered in the system appear in this field.

8) there is a class of users in the system called pseudo users (pseudo users).

These users also have a record in the / etc/passwd file, but cannot log in because their login Shell is empty. Their existence is mainly to facilitate system management and meet the requirements of the corresponding system processes for file owners.

Common pseudo-users are as follows:

Pseudo user implied bin has executable user command file sys owns system file adm owns account file uucp UUCP uses lp lp or lpd subsystem uses nobody NFS to own account file

1. In addition to the pseudo-users listed above, there are many standard pseudo-users, such as audit, cron, mail, usenet, etc., all of which are required by related processes and files.

Because the / etc/passwd file is readable by all users, if the user's password is too simple or the law is obvious, an ordinary computer can easily crack it, so the Linux system with higher security requirements separates the encrypted passwords and stores them separately in a file, which is / etc/shadow file. Only a super user has read access to the file, which ensures the security of the user's password.

2. The record line in / etc/shadow corresponds to the one-to-one in / etc/passwd, which is automatically generated by the pwconv command according to the data in / etc/passwd

Its file format is similar to / etc/passwd and consists of several fields separated by ":". These fields are:

Login name: encrypted password: last modified time: minimum time interval: maximum time interval: warning time: inactivity time: failure time: flag

Login name is a user account that matches the login name in the / etc/passwd file

The password field stores the encrypted user password, which is 13 characters long. If empty, the corresponding user does not have a password and does not need a password to log in; if it contains characters that do not belong to the collection {. / 0-9A-Za-z}, the corresponding user cannot log in.

"Last modified time" represents the number of days from a certain time to the time when the user last changed the password. The time starting point may be different for different systems. In SCO Linux, for example, the time starting point is January 1, 1970.

The "minimum time interval" refers to the minimum number of days between password changes.

The "maximum time interval" refers to the maximum number of days that the password remains valid.

The warning time field represents the number of days between the time the system warns the user and the time the user's password officially expires.

"inactive time" represents the maximum number of days that the user has no login activity but the account can remain valid.

The "expiration time" field gives an absolute number of days, and if this field is used, the lifetime of the corresponding account is given. After the expiration of the period, the account is no longer a legitimate account and can no longer be used to log in.

Here is an example of / etc/shadow:

# cat / etc/shadowroot:Dnakfw28zf38w:8764:0:168:7:::daemon:*::0:0::::bin:*::0:0::::sys:*::0:0::::adm:*::0:0::::uucp:*::0:0::::nuucp:*::0:0::::auth:*::0:0::::cron:*::0:0::::listen:*:: 0:0::::lp:*::0:0::::sam:EkdiSECLWPdSa:9740:0:0::::3 、 All the information about the user group is stored in the / etc/group file.

Grouping users is a means to manage users and control access rights in Linux system.

Each user belongs to a user group; there can be multiple users in a group, or a user can belong to a different group.

When a user is a member of multiple groups at the same time, the primary group to which the user belongs is recorded in the / etc/passwd file, that is, the default group to which the user is logged in, while the other groups are called additional groups.

When users want to access files that belong to an additional group, they must first use the newgrp command to make themselves a member of the group they want to access.

All the information about the user group is stored in the / etc/group file. The format of this file is also similar to the / etc/passwd file, with several fields separated by a colon (:), which are:

Group name: password: group identification number: list of users in the group

Group name is the name of the user group, consisting of letters or numbers. Like the login in / etc/passwd, the group name should not be duplicated.

The password field stores the encrypted password of the user group. In general, the user group of a Linux system does not have a password, that is, this field is usually blank or *.

The group identification number, similar to the user identification number, is also an integer that is used internally by the system to identify the group.

The "list of users in a group" is a list of all users belonging to this group / b], separated by commas (,). This user group may be the user's primary group or an additional group.

An example of the / etc/group file is as follows:

Root::0:rootbin::2:root,binsys::3:root,uucpadm::4:root,admdaemon::5:root,daemonlp::7:root,lpusers::20:root,sam IV. Add batch users

Adding and removing users is easy for every Linux system administrator, but the tricky thing is that if we want to add dozens, hundreds, or even thousands of users, we are unlikely to add useradd one by one, so we have to find an easy way to create a large number of users. The Linux system provides tools to create a large number of users, which allows you to create a large number of users immediately, as follows:

(1) first edit a text user file.

Each column is written in the format of the / etc/passwd password file. Note that each user's user name, UID, and host directory can not be the same, in which the password field can be left blank or enter the x number. A sample file, user.txt, contains the following:

User001::600:100:user:/home/user001:/bin/bashuser002::601:100:user:/home/user002:/bin/bashuser003::602:100:user:/home/user003:/bin/bashuser004::603:100:user:/home/user004:/bin/bashuser005::604:100:user:/home/user005:/bin/bashuser006::605:100:user:/home/user006:/bin/bash (2) executes the command / usr/sbin/newusers as root Import data from the newly created user file user.txt, create users: # newusers can then execute the command vipw or vi / etc/passwd to check whether the data for these users has already appeared in the / etc/passwd file, and whether the user's host directory has been created. (3) execute command / usr/sbin/pwunconv. Decode the shadow password generated by / etc/shadow, then write back to / etc/passwd, and delete the shadow password field of / etc/shadow. This is to facilitate the next step of password conversion, that is, to cancel the shadow password function first. # pwunconv (4) Edit the password comparison file for each user. The format is: user name: password instance file passwd.txt content is as follows: user001:123456user002:123456user003:123456user004:123456user005:123456user006:123456 (5) execute command / usr/sbin/chpasswd as root. Create a user password, and chpasswd writes the password encoded by the / usr/bin/passwd command to the password field of / etc/passwd. # chpasswd (6) determines that the password is encoded into the password field of / etc/passwd. Execute the command / usr/sbin/pwconv to encode the password as shadow password and write the result to / etc/shadow. # pwconv so far, the tutorial on viewing file types in Linux system has been shared with you. Friends are welcome to leave comments in the comments area. The above is the Linux system-related content shared by Liangxu tutorial Network for all friends. If you want to know more about Linux, remember to follow the official account "good Linux", or scan the QR code below to follow, more practical information is waiting for you! What are the versions of Linux? the versions of Linux are Deepin, UbuntuKylin, Manjaro, LinuxMint, Ubuntu and so on. Among them, Deepin is one of the best-developed Linux distributions in China; UbuntuKylin is a derivative release based on Ubuntu; Manjaro is a Linux release based on Arch; LinuxMint's default Cinnamon desktop is similar to Windows XP's easy-to-use; Ubuntu is the Linux operating system based on desktop applications.

Thank you for your reading. I hope you have a certain understanding of the key issue of "how to view file properties in the Linux system". The specific usage still needs to be understood through hands-on experiments. Try it quickly. If you want to read more articles about relevant knowledge points, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.