Shulou(Shulou.com)06/03 Report--

This paper briefly introduces how to add, delete and change accounts and groups under the Linux system.

1. Groupadd

Groupadd [options] group_name

-g GID: specifies that GID; defaults to the GID+1 of the previous group

-r: create a system group

II. Groupmod command: modify group properties

Groupmod [options] GROUP

-g GID: modify GID

-n new_name: modify the group name

3. Groupdel command: delete group groupdel [option] GROUP 4. Useradd command: create user

Useradd [option] login

-u,-- uid UID: specify UID

-g,-- gid GROUP: specify the basic group ID, which must exist in advance

-G,-- groups GROUP1 [, GROUP2,... [, GROUPN]]: indicates the additional group to which the user belongs. Groups are separated by commas.

-c,-- comment COMMENT: indicates the comment information

-d,-- home HOME_DIR: take the specified path as the user's home directory; this is achieved by copying / etc/skel this directory and renaming it; if the specified home directory path exists in advance, the environment configuration file will not be copied for the user

-s,-- shell SHELL: specifies the default shell of the user, and all available shell lists are stored in the / etc/shells file

-r,-- system: create a system user

Note: many default configuration files when creating a user are / etc/login.defs useradd-D: display the default configuration for creating the user; useradd-D option: modify the value of the default option; the modified results are saved in the / etc/default/useradd file; 5. Usermod command: modify user attributes

Usermod command: modifying user attribut

Usermod [option] login

-u,-- uid UID: modify the user's ID to the new UID specified here

-g,-- gid GROUP: modify the basic group to which the user belongs

-G,-- groups GROUP1 [, GROUP2,... [, GROUPN]]: modify the additional group to which the user belongs; the original additional group will be overwritten

-a,-- append: used with-G to append new additional groups to the user

-c,-- comment COMMENT: modify comment information

-d,-- home HOME_DIR: modify the user's home directory; the original files of the user will not be transferred to the new location

-m,-- move-home: can only be used with the-d option to move the original home directory to a new home directory

-l,-- login NEW_LOGIN: modify the user name

-s,-- shell SHELL: modify the user's default shell

-L,-- lock: lock the user's password; that is, add a "!" before the user's original password string;-U,-unlock: unlock the user's password; 6. Userdel command: delete the user's userdel [option] login-r: delete the user's home directory when you delete the user; 7. Chage command: change the user's password expiration information

Change [option] login

-d: the last time the password was changed, formatted in days from January 1, 1970.

-E: account expiration time. The format can be the number of days from January 1, 1970, or YYYY-MM-DD format.

-I: modify the password prohibition period, and how many days can you log in with the password after it expires?

-m: the minimum number of days to use the password

-M: maximum number of days to use the password

-W: password alarm days

-d,-- lastday recent date sets the last password setting time to "recent date"

-E,-- expiredate expiration date sets the account expiration time to the expiration date

-h,-- help displays this help and launches

-I,-- set the password to invalid after the inactive INACITVE expires INACTIVE days

-l,-- list displays account age information

-m,-- mindays minimum number of days sets the minimum number of days between two password changes to "minimum days"

-M,-- maximum number of days for maxdays sets the maximum number of days between two password changes to "maximum days"

-R,-- the directory to which root CHROOT_DIR chroot went

-W,-- warndays warning days set the overdue warning days to "warning days"

8. Practice

Exercise 1: create a user whose gentoo,UID is 4001, basic group is gentoo, additional group is distro (GID is 5000) and peguin (GID is 5001)

[root@liuqing ~] # groupadd-g 5000 distro

[root@liuqing ~] # groupadd-g 5001 peguin

[root@liuqing] # useradd-u 4001-G distro,peguin gentoo

[root@liuqing] # tail-3 / etc/group

Distro:x:5000:gentoo

Peguin:x:5001:gentoo

Gentoo:x:4001:

Exercise 2: create a user fedora with a comment message of "Fedora Core" and a default shell of / bin/tcsh

[root@liuqing ~] # useradd-c "Fedora Core"-s / bin/tcsh fedora

[root@liuqing] # tail-1 / etc/passwd

Fedora:x:4002:4002:Fedora Core:/home/fedora:/bin/tcsh

Exercise 3: change the home directory of gentoo users to / var/tmp/gentoo; to require that their original files can still be accessed by users; exercise 4: add an additional group netadmin for gentoo

[root@liuqing] # usermod-a-G netadmin gentoo

[root@liuqing] # tail-5 / etc/group

Distro:x:5000:gentoo

Peguin:x:5001:gentoo

Gentoo:x:4001:

Fedora:x:4002:

Netadmin:x:5002:gentoo

Exercise 5: chage Command practice

[root@liuqing gentoo] # useradd LYF

[root@liuqing gentoo] # tail / etc/shadow

LYF:!!:18192:0:99999:7:::

[root@liuqing gentoo] # chage-m 3 LYF

[root@liuqing gentoo] # chage-M 100 LYF

[root@liuqing gentoo] # chage-W 9 LYF

[root@liuqing gentoo] # chage-E 18900 LYF

[root@liuqing gentoo] # chage-I 15 LYF

LYF:$6 $stFDb1uW$GeXjAEdHsPD9j4jeKa8l.../:18192:3:100:9:15:18900:

Today is October 23rd, 2019. I changed my password today. The last time I changed my password was 18192 days. According to the password, the minimum use of the password is 3 days, the longest is 100 days, the advance alarm days are 9 days, the ban period is 15 days, and the account expiration time is 18900 days.

Lab 1: advance the time of the last password change by 50 days, you should be able to log in normally

[root@liuqing gentoo] # chage-d 18142 LYF

Experiment 2: if the time of the last password change is pushed forward 95 days on the basis of 18192, there should be an alarm.

[root@liuqing gentoo] # chage-d 18097 LYF

Warning: your password will expire in 5 days

Experiment 3: push forward the time of the last password change from 18192 to 105 days. You should change the password before you can log in.

[root@liuqing gentoo] # chage-d 18087 LYF

WARNING: Your password has expired.

You must change your password now and login again!

Changing password for user LYF.

Changing password for LYF.

(current) UNIX password:

Experiment 4: push forward the time of the last password change on the basis of 18192, and you should not be able to log in with your password.

[root@liuqing gentoo] # chage-d 18072 LYF

Your account has expired; please contact your system administrator

Connection closing...Socket close.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.