Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Introduction of user Management method in Linux system

2025-01-21 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/01 Report--

This article mainly explains "introduction of user management methods in Linux system". Interested friends may wish to have a look at it. The method introduced in this paper is simple, fast and practical. Next, let the editor take you to learn the introduction of user management methods in the Linux system.

User-managed profile

User information file: / etc/passwd

Password file: / etc/shadow

User group file: / etc/group

User group password file: / etc/gshadow

User profile:

/ etc/login.defs

/ etc/default/useradd

New user information file: / etc/ske1

Login Information: / etc/motd / etc/issue

/ etc/passwd file format

User Typ

There are three types of Linux users:

Super user (root UID=0)

Ordinary users (UID 500-60000)

Pseudo user (UID 1-499)

Note: root is not necessarily a superuser, but the user of UID=0 must be a superuser.

Pseudo user

Pseudo users are related to system and program services

Bin daemon shutdown halt, etc., any linux system has these pseudo users by default.

Mail news games apache ftp mysql and sshd are related to the process of linux system.

Pseudo users usually do not need or cannot log in to the system.

There can be no host directory

User group

Each user belongs to at least one user group

Each user group can include multiple users

Users of the same user group have the permissions shared by that group

/ etc/shadow file format

/ etc/group file format

Add users manually

Add a record to the / etc/passwd, / etc/group, and / etc/shadow files, respectively

Create a user host directory

Set the default profile in the user host directory

Set the user's initial password

SetUID

Think about it: why can ordinary users change their passwords?

Definition of SetUID: when an executable program has SetUID privileges, the user executes the program as the owner of the program.

Example: 1. Grant SetUID permission to the touch command

two。 When the vi command, grant SetUID permission

3. Find the SetUID program:

The code is as follows:

Find /-perm-4000-o-perm-2000

Add user

Useradd setting options user name-D View default parameters

U:UID

G: default user group GID

G: specify multiple groups to which the user belongs

D: host directory

S: command interpreter shell

C: description information

E: specify user failure time

The code is as follows:

# useradd ksharpdabu / / add ksharpdabu as an account

# passwd ksharpdabu / change the password of ksharpdabu

Or if you are familiar with system files, you can add users manually.

User group management command

Add user Group groupadd

The code is as follows:

Groupadd-g 888 webadmin

Create a user group webadmin with a GID of 888

Delete user group: groupdel group name

The code is as follows:

# groupdel webuser / / Delete the group webuser

Modify user group galaxies: groupmod

The code is as follows:

# groupmod-n apache webadmin

Modify the webadmin group name to apache

User group management command

Gpasswd sets group password and manages the members of the group

-an add users to user groups

-d remove a user from a user group

-A sets the user group administrator

-r Delete user group password

-R prevents users from switching to this group

Modify user information

Usermod

The code is as follows:

# usermod-G softgroup ksharpdabu

Add user ksharpdabu to the softgroup user group

The code is as follows:

# usermod-l ksharpdabu-d / home/samlee-g webadmin Tom

Change the login user name of user Tom to ksharpdabu, join the wenadmin group, and change the user directory to / home/ ksharpdabu

User management command

Pwk detection / etc/passwd file (locked file)

Vipw Editing / etc/passwd File

Id views user id and group information

Finger views user details

Su switch user (su-environment variable switch)

Passwd-S View user password status

Who, w to view the information of the currently logged in user

User group management command

Groups to see which user groups the user belongs to

Newgrp switch user group

Grpck user Group profile Detection

Chgrp modifies the group to which the file belongs

Vigr edit / etc/group file (lock file

User group authorization instance

Authorized users jack and mary have write access to the directory / software

The code is as follows:

# groupadd softadm

# usermod-G softadm jack

# gpasswd-a mary softadm

# chgrp softadm / software

# chmod Grouw / software

The code is as follows:

# ls-ld / software

Drwxrwxr-x 2 root softadm 512 Jul 14 06:17 / software

# grep softadm / etc/group

Softadm::100:jack,mary

Disable and restore users

Forbidden

The code is as follows:

# usermod-L username

# passwd-l username

Restore

The code is as follows:

# usermod-U username

# passwd-u username

Delete user

Userdel-r user name

-r: delete user directory

Delete manually:

Use the find command to find files that belong to a user or user group

Find options-user,-uid,-group,-gid

Move and back up the files that need to be kept

Delete unwanted files

Clear related table items in user files

Clear the user host directory

User management command

Change set password

-l View user password settings

-m password modification minimum number of days

Maximum number of days for M password modification

-d date the password was last modified

-l the number of days after the password expires to lock the account

-E sets the expiration date of the password. If 0, the password expires immediately; if-1, the password never expires.

-W sets the number of days to start warning before the password expires

Enable or deactivate the shadow feature

Pwconv/pwunconv

Grpconv/grpunconv

System-config-users

Authconfig / etc/sysconfig/authconfig

Add users in batch

The newusers command imports the user information file

The pwunconv command cancels the shadow password function

Chpasswd command imports password file (password file format: username: password)

The pwconv command writes the password to the shadow file

Example: add 10 users in batch

Limit the user su to root:

The code is as follows:

# groupadd sugroup

# chmod 4550 / bin/su

# chgrp sugroup / bin/su

# ls-l / bin/su

-RMursr Musi x-1 root sugroup 18360 Jan 15 2010 / bin/su

Once set, only users in the sugroup group can use su to switch to root

The code is as follows:

# useradd helen

# passwd helen

# usermod-G sugroup helen / / add su permissions to helen

Replace su with sudo:

Temporarily becomes root when executing the sudo command

The root password will not be disclosed

Only limited command permissions are provided to the user

Configuration file: / etc/sudoers, edit configuration file command visudo

The normal user uses the command sudo.

Format: user name (group name) host address = command (absolute path)

The usage of system weak password testing tool John the ripper

The code is as follows:

# tar-xzvf john-1.7.6.tar.gz

# cd john-1.7.6/run

# make

Crack the user's ksharpdabu password

The code is as follows:

# grep ksharpdabu / etc/passwd > / test/ksharpdabu.passwd

# grep ksharpdabu / etc/shadow > / test/ksharpdabu.shadow

# / test/john-1.6.6/run/unshadow / test/ksharpdabu.passwd

/ test/ksharpdabu.shadow > / test/ksharpdabu.john

# / test/john-1.6.6/run/john / test/ksharpdabu.john

At this point, I believe you have a deeper understanding of the "introduction of user management methods in the Linux system". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 251

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Servers

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report