In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-21 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly explains "introduction of user management methods in Linux system". Interested friends may wish to have a look at it. The method introduced in this paper is simple, fast and practical. Next, let the editor take you to learn the introduction of user management methods in the Linux system.
User-managed profile
User information file: / etc/passwd
Password file: / etc/shadow
User group file: / etc/group
User group password file: / etc/gshadow
User profile:
/ etc/login.defs
/ etc/default/useradd
New user information file: / etc/ske1
Login Information: / etc/motd / etc/issue
/ etc/passwd file format
User Typ
There are three types of Linux users:
Super user (root UID=0)
Ordinary users (UID 500-60000)
Pseudo user (UID 1-499)
Note: root is not necessarily a superuser, but the user of UID=0 must be a superuser.
Pseudo user
Pseudo users are related to system and program services
Bin daemon shutdown halt, etc., any linux system has these pseudo users by default.
Mail news games apache ftp mysql and sshd are related to the process of linux system.
Pseudo users usually do not need or cannot log in to the system.
There can be no host directory
User group
Each user belongs to at least one user group
Each user group can include multiple users
Users of the same user group have the permissions shared by that group
/ etc/shadow file format
/ etc/group file format
Add users manually
Add a record to the / etc/passwd, / etc/group, and / etc/shadow files, respectively
Create a user host directory
Set the default profile in the user host directory
Set the user's initial password
SetUID
Think about it: why can ordinary users change their passwords?
Definition of SetUID: when an executable program has SetUID privileges, the user executes the program as the owner of the program.
Example: 1. Grant SetUID permission to the touch command
two。 When the vi command, grant SetUID permission
3. Find the SetUID program:
The code is as follows:
Find /-perm-4000-o-perm-2000
Add user
Useradd setting options user name-D View default parameters
U:UID
G: default user group GID
G: specify multiple groups to which the user belongs
D: host directory
S: command interpreter shell
C: description information
E: specify user failure time
The code is as follows:
# useradd ksharpdabu / / add ksharpdabu as an account
# passwd ksharpdabu / change the password of ksharpdabu
Or if you are familiar with system files, you can add users manually.
User group management command
Add user Group groupadd
The code is as follows:
Groupadd-g 888 webadmin
Create a user group webadmin with a GID of 888
Delete user group: groupdel group name
The code is as follows:
# groupdel webuser / / Delete the group webuser
Modify user group galaxies: groupmod
The code is as follows:
# groupmod-n apache webadmin
Modify the webadmin group name to apache
User group management command
Gpasswd sets group password and manages the members of the group
-an add users to user groups
-d remove a user from a user group
-A sets the user group administrator
-r Delete user group password
-R prevents users from switching to this group
Modify user information
Usermod
The code is as follows:
# usermod-G softgroup ksharpdabu
Add user ksharpdabu to the softgroup user group
The code is as follows:
# usermod-l ksharpdabu-d / home/samlee-g webadmin Tom
Change the login user name of user Tom to ksharpdabu, join the wenadmin group, and change the user directory to / home/ ksharpdabu
User management command
Pwk detection / etc/passwd file (locked file)
Vipw Editing / etc/passwd File
Id views user id and group information
Finger views user details
Su switch user (su-environment variable switch)
Passwd-S View user password status
Who, w to view the information of the currently logged in user
User group management command
Groups to see which user groups the user belongs to
Newgrp switch user group
Grpck user Group profile Detection
Chgrp modifies the group to which the file belongs
Vigr edit / etc/group file (lock file
User group authorization instance
Authorized users jack and mary have write access to the directory / software
The code is as follows:
# groupadd softadm
# usermod-G softadm jack
# gpasswd-a mary softadm
# chgrp softadm / software
# chmod Grouw / software
The code is as follows:
# ls-ld / software
Drwxrwxr-x 2 root softadm 512 Jul 14 06:17 / software
# grep softadm / etc/group
Softadm::100:jack,mary
Disable and restore users
Forbidden
The code is as follows:
# usermod-L username
# passwd-l username
Restore
The code is as follows:
# usermod-U username
# passwd-u username
Delete user
Userdel-r user name
-r: delete user directory
Delete manually:
Use the find command to find files that belong to a user or user group
Find options-user,-uid,-group,-gid
Move and back up the files that need to be kept
Delete unwanted files
Clear related table items in user files
Clear the user host directory
User management command
Change set password
-l View user password settings
-m password modification minimum number of days
Maximum number of days for M password modification
-d date the password was last modified
-l the number of days after the password expires to lock the account
-E sets the expiration date of the password. If 0, the password expires immediately; if-1, the password never expires.
-W sets the number of days to start warning before the password expires
Enable or deactivate the shadow feature
Pwconv/pwunconv
Grpconv/grpunconv
System-config-users
Authconfig / etc/sysconfig/authconfig
Add users in batch
The newusers command imports the user information file
The pwunconv command cancels the shadow password function
Chpasswd command imports password file (password file format: username: password)
The pwconv command writes the password to the shadow file
Example: add 10 users in batch
Limit the user su to root:
The code is as follows:
# groupadd sugroup
# chmod 4550 / bin/su
# chgrp sugroup / bin/su
# ls-l / bin/su
-RMursr Musi x-1 root sugroup 18360 Jan 15 2010 / bin/su
Once set, only users in the sugroup group can use su to switch to root
The code is as follows:
# useradd helen
# passwd helen
# usermod-G sugroup helen / / add su permissions to helen
Replace su with sudo:
Temporarily becomes root when executing the sudo command
The root password will not be disclosed
Only limited command permissions are provided to the user
Configuration file: / etc/sudoers, edit configuration file command visudo
The normal user uses the command sudo.
Format: user name (group name) host address = command (absolute path)
The usage of system weak password testing tool John the ripper
The code is as follows:
# tar-xzvf john-1.7.6.tar.gz
# cd john-1.7.6/run
# make
Crack the user's ksharpdabu password
The code is as follows:
# grep ksharpdabu / etc/passwd > / test/ksharpdabu.passwd
# grep ksharpdabu / etc/shadow > / test/ksharpdabu.shadow
# / test/john-1.6.6/run/unshadow / test/ksharpdabu.passwd
/ test/ksharpdabu.shadow > / test/ksharpdabu.john
# / test/john-1.6.6/run/john / test/ksharpdabu.john
At this point, I believe you have a deeper understanding of the "introduction of user management methods in the Linux system". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 251
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.