Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Linux account and rights management (details + illustration)

2025-04-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/02 Report--

I. Management of users and groups

-types of users in Linux:

Root: administrator, with supreme authority, unrestricted, UID of 0

Ordinary user: a user created by an administrator. Subject to permission restrictions, the UID is generally 5000060000 and can log in to the system.

Program users: install the application, created by the system, UID is generally 1x500, generally can not log in to the system, shell is generally / sbin/nologin

-types of groups in Linux:

Basic group (private group) A user has only one private group. When a user creates directories and files, the default subordinate group for directories and files is the basic group.

Additional groups (public groups) users can have multiple additional groups

-user management:

/ etc/passwd # stores the user's information

Root: user account

X: password placeholder

0:uid

0:gid

Root: descriptive information

Root: home directory

/ bin/bash: log in to shell

/ etc/shadow # stores the user's password information, etc. (corresponds to each line of / etc/passwd user information)

The red part after root: ciphertext, usually generated by HASH algorithm

14374: time from January 1, 1970 to the present (in days)

0: minimum password life

99999: the longest valid period of password

7: password expiration reminder 7 days in advance

... How long will the account expire and the items will be retained

-add user account

Useradd command

Useradd [options]... User name

-u: specify the UID tag number

-d: specify the host directory, default to / home/ user name (the specified directory will be created on its own, and the initial configuration file will not be copied when the specified directory exists)

-e: specify the expiration time of the account

-g: specify the basic group name (or UID number) of the user

-G: specify the additional group name (or GID number) of the user (cannot create the user when the specified additional group does not exist)

-M: do not create and initialize host directories for users

-s: specifies the login Shell of the user

-set / change user password

Passwd command

Passwd [options]... User name

-d: clear the user's password so that it can log in without a password

-l: lock the user account

-S: check the status of the user account (whether it is locked)

-u: unlock user account

Supplement: standard input:

Echo "123456" | passwd-- stdin test02

Set the password 123456 to the test02 account

-exit

You can return the account from the last time you switched it.

-modify the attributes of a user's account

Usermod command

Usermod [options]... User name

-l: change the login name of the user account

-L: lock user account

-U: unlock user account

-u: specify the UID tag number

-d: specify the host directory, default to / home/ user name

-e: specify the expiration time of the account

-g: specify the basic group name (or UID number) of the user

-G: specify the user's additional group name (or GID number)

-M: do not create and initialize host directories for users

-s: specifies the login Shell of the user

-Delete user account

Userdel command

Userdel [- r] username (when the-r option is added, the user's host directory is deleted)

-initial configuration file of user account:

File source: copied from / etc/skel directory

Main user initial profile:

Execute each time the user logs in

Execute each time you enter a new bash environment

Execute each time the user logs out

Group account file

-add a group account

Groupadd command

Groupadd [- g GID] group account name

Both basic groups and additional groups are in / etc/group

-add / remove group members

Gpasswd command

Purpose: set group account password (rarely used), add / remove group members

Gpasswd [options]... Group account name

-a: add a user to the group

-d: removes a user member from the group

-M: define a list of group members separated by commas (will overwrite the original group members)

-Delete a group account

Groupdel command

Groupdel group account name

-query account information:

Id command

Purpose: query user identity

Format: id [user name]

Groups command

Purpose: query the group to which the user belongs

Format: groups [user name]

Finger command

Purpose: to query the details of user accounts

Format: finger [user name]

Users, w, who commands

Purpose: query user information that has logged in to the host

Two. attributes of files and directories: owners, groups, permissions

-permissions and attribution of files / directories

a. Access permission

Read r: allows you to view file contents and display directory lists

Write w: allows file contents to be modified, new files or subdirectories to be created, moved, or deleted in the directory

Executable x: allows you to run programs and change directories

b. Ownership (ownership)

Owner: the user account that owns the file or directory

Group: the group account that owns the file or directory

Ls-l gets the result analysis after executing the command

Example:

The first character: indicates the type of file or directory:

D (table of contents)

B (block device file)

C (character device file)

"-" (ordinary document)

"l" (linked file)

2-4 characters: indicates the authority of the owner

5-7 characters: indicates permissions that belong to a group

8-10 characters: indicates the permissions of others

34298: file size in bytes

04-02 00:23: file creation time

Install.log: file name

The basic permissions in Linux are divided into r (4), w (2), x (1).

View permissions and attribution of files / directories

-set permissions for files and directories

Chmod command

Format 1:chmod [ugoa] [+-=] [rwx] file or directory.

Format 2:chmod nnn file or directory. (recommended)

Common command options

-R: recursively modify the brand new of all subitems under the specified directory

-set the attribution of files and directories

Chown command

Format: chown master file or directory

Chown: a group file or directory

Chown owner: group file or directory

Common command options

-R: recursively modify the attribution of all files and subdirectories under the specified directory

-setting of the file permission mask

Umask can set the default permissions when creating new files and directories (default permissions = existing default permissions-permission mask)

Umask to view the current permission mask

Umask [permission mask]

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Servers

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report