
User and group

2025-04-09 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/01 Report--

I. Users

Commands: useradd, userdel, usermod, getent, finger, passwd, newusers, chpasswd, id

Associated files: /etc/passwd, /etc/shadow, /etc/skel, /etc/login.defs

Users fall into three categories according to their UID:

UID 0: administrator

UID 1-500: system user (CentOS 5, 6)

UID 1-1000: system user (CentOS 7)

UID greater than 500: ordinary user (CentOS 5, 6)

UID greater than 1000: ordinary user (CentOS 7)

Note: system users do not need to log in. Some system processes have to run under an account of their own, and that account is usually a system user whose shell is /sbin/nologin.

Detailed description of the commands:

useradd: add a user

-u: specify the user's UID

-g: specify the user's primary group

-G: specify the user's supplementary groups

-d: specify the user's home directory

The parent directory of the home directory must already exist, and the home directory itself must not.

-s: specify the user's shell type

-c: specify the user's comment information

-r: create a system user; can be combined with -s /sbin/nologin

When you create a system user, the home directory and mailbox directory are not generated automatically, so cd /home/user reports that the directory does not exist. When you log in, you will be prompted:

su: warning: cannot change to /home/new2 directory: there is no such file or directory

-bash-4.2$

Cause: the home directory does not exist. Recreate the home directory, and set the

cp -r /etc/skel/.[^.]* /home/new2

-N: do not create a group with the same name as the user. The default is the users group, whose ID is 100.

-o: allow creating a user with a duplicate UID, without the uniqueness check

-m: create the user's home directory

-M: do not create the user's home directory

-U: create a group with the same name as the user

-D: display or change the default settings

[root@localhost]# useradd -D

GROUP=100

HOME=/home

INACTIVE=-1

EXPIRE=

SHELL=/bin/bash

SKEL=/etc/skel (.bash_logout .bash_profile .bashrc .mozilla)

CREATE_MAIL_SPOOL=yes

userdel: delete a user

-r: delete the user together with the home directory and the mailbox directory

usermod: modify a user's attributes

-u: change the user's UID

-g: change the user's primary group

-G: change the user's supplementary groups. By default the list is overwritten; to append instead, combine it with -a.

usermod -G "" wang: removes all supplementary groups from the user wang

-d: change the user's home directory; combine with -m to move the data in the old home directory

-c: change the user's comment information

chfn user: adds comment information to the user

-s: change the user's shell

chsh -s /bin/csh user: changes the shell type

-l: change the user name

-f: set the number of days after the password expires until the account is disabled

-e: set password expiration time

-L: lock the account

-U: unlock the account

passwd: change a user's password

-l: lock the account's password

-u: unlock the account's password

-d: delete the existing password

-e: force the user to change the password at the next login

-x: maximum validity period of the password (root only)

-n: minimum validity period of the password (root only)

-w: how many days before the password expires the user is warned (root only)

-i: how many days after the password expires the account is disabled (root only)

id: display information about users and groups

-u: display the user's UID; with -n, display the user name

-g: display the user's GID; with -n, display the group name

getent: view the user's account and password information

getent passwd/shadow username

finger: view a user's information

finger username

newusers: create users in batch

First create a document that lists N users in /etc/passwd format

Then run newusers useradd.txt to add all of them at once

chpasswd: set passwords for users in batch

First create a document with one username:passwd entry per line

cat passwd.txt | chpasswd: sets the passwords for the users listed in the document

Detailed description of the files:

/etc/passwd: stores the user account information

root:x:0:0:root:/root:/bin/bash

1. User name 2. Password placeholder 3. Owner ID (UID) 4. Group ID (GID) 5. Comment 6. Home directory 7. Shell
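The seven fields above are enough to check an account database for the risky cases this section touches on: a second UID 0 account, UIDs duplicated with useradd -o, and system users that kept a login shell. The script below is an added example, not part of the original article; the function names, the finding labels and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit passwd-format input for risky account entries.
# usage: audit_passwd UID_MIN < /etc/passwd
# UID_MIN is the first ordinary-user UID (1000 on CentOS 7, 500 on CentOS 5/6).
audit_passwd() {
    awk -F: -v min="${1:-1000}" '
        NF != 7 { printf "MALFORMED line %d\n", NR; next }
        {
            name = $1; uid = $3 + 0; shell = $7
            # Any UID 0 account has administrator rights, whatever its name.
            if (uid == 0 && name != "root") printf "EXTRA_UID0 %s\n", name
            # useradd -o permits duplicate UIDs: two names, one identity.
            if (uid in seen)
                printf "DUP_UID %s shares uid %s with %s\n", name, uid, seen[uid]
            else
                seen[uid] = name
            # System users are expected to have a non-login shell.
            if (uid > 0 && uid < min && shell !~ /(nologin|false|sync|shutdown|halt)$/)
                printf "SYSTEM_LOGIN_SHELL %s %s\n", name, shell
            # Anything other than "x" means the hash is not kept in /etc/shadow.
            if ($2 != "x") printf "NO_SHADOW %s\n", name
        }'
}

# Constructed sample data, not taken from a real system.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
svc:x:998:996:service:/var/lib/svc:/bin/bash
wang:x:1000:1000::/home/wang:/bin/bash
toor:x:0:0::/root:/bin/bash
new2:x:1000:1001::/home/new2:/bin/bash
EOF
}

sample_passwd | audit_passwd 1000
```

On a live system the same function reads the real file: audit_passwd 1000 < /etc/passwd.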

/etc/shadow: stores the user's password information

root:$6$bsudKYD7$6fhHWBe.pd78cnSdKk0m0Z6FpTrlcC.F.uGAhZxTKX1szFrgKqGQQMHCluS8adDsJ2lHmgEui8EZx3IJEudo.1701009997gargar.99997

The fields mean:

1. User name

2. Password information: $1 indicates MD5 hashing, with a length of 128 bits; $6 indicates SHA-512 hashing, with a length of 512 bits

3. The number of days from January 1, 1970 to the last time the password was changed

4. Minimum password age: the password cannot be changed again within N days (chage -m 2 -M 4 user)

5. Maximum password age: if M is smaller than m, the user cannot change the password

6. How many days in advance the user is warned to change the password

7. How many days after the password expires the account is locked

8. Account expiration date, counted in days from January 1, 1970

Note: MD5 and SHA-512 are one-way hash algorithms and are irreversible; MD5 has been cracked.

openssl rand -base64 20: generate a random password from 20 random bytes, base64-encoded

authconfig --passalgo=sha512 --update: change the hashing algorithm to SHA-512. A password is rehashed with it the next time it is changed; previously created passwords are not changed.
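Because authconfig does not rehash existing passwords, accounts created earlier can stay on MD5 until their password is changed. The script below is an added example, not part of the original article: it reads shadow-format input and reports, per account, the hash scheme from the $id$ prefix, lock state and password age. The function names, labels and sample entries (including the hash placeholders) are constructed.

```shell
#!/bin/sh
# Added example: summarise shadow-format entries.
# usage: audit_shadow TODAY_IN_DAYS_SINCE_1970 < /etc/shadow   (needs root on a live system)
audit_shadow() {
    awk -F: -v today="$1" '
        {
            name = $1; hash = $2; last = $3; max = $5
            if (hash == "")            state = "EMPTY_PASSWORD"
            else if (hash ~ /^[!*]/)   state = "LOCKED"      # passwd -l, usermod -L, or never set
            else if (hash ~ /^\$1\$/)  state = "MD5"         # legacy, should be rehashed
            else if (hash ~ /^\$5\$/)  state = "SHA256"
            else if (hash ~ /^\$6\$/)  state = "SHA512"
            else                       state = "OTHER"
            age = "-"
            if (last == "0")                       # set by passwd -e
                age = "MUST_CHANGE"
            else if (last != "" && max != "" && max + 0 < 99999 && today - last > max)
                age = "EXPIRED"                    # older than field 5 allows
            else if (last != "")
                age = (today - last) "d"
            print name, state, age
        }'
}

# Constructed sample data; the hash strings are placeholders, not real hashes.
sample_shadow() {
    cat <<'EOF'
root:$6$constructed$PLACEHOLDERHASH:17010:0:99999:7:::
old:$1$constructed$PLACEHOLDERHASH:16000:0:90:7:::
wang:$6$constructed$PLACEHOLDERHASH:0:0:99999:7:::
svc:!!:17000::::::
harry:!$6$constructed$PLACEHOLDERHASH:17005:2:4:7:::
guest::17010:0:99999:7:::
EOF
}

# 17020 is a fixed "today" so the sample output is reproducible;
# on a live system use: $(( $(date +%s) / 86400 ))
sample_shadow | audit_shadow 17020
```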

/etc/login.defs: defines the settings used for the information in passwd and shadow

II. Groups

Commands: groupadd, groupdel, groups, groupmems, gpasswd, newgrp

Associated files: /etc/group, /etc/gshadow

Detailed description of the commands:

groupadd: add a group

-o: allow creating a group with a duplicate group ID

-g: specify the group ID

-r: create a system group

groupdel: delete a group

groupmems:

-l -g tom: list the members of the tom group

-p -g tom: remove all members from the tom group

-d harry -g tom: remove harry from the tom group

-a harry -g tom: add the user harry to the tom group

groups tom: shows the groups the user tom belongs to

gpasswd:

-a: add the user user1 to the root group

gpasswd -a user1 root

groupmems -l -g root: shows which members are in the root group

-d: remove the user user1 from the root group

gpasswd -d user1 root

groupmems -l -g root

-r: remove the group password

-M: set the list of members of the group

gpasswd -M user1,user2,user3 root

groupmems -l -g root

newgrp: temporarily switch the primary group; exit reverts to the login user's original group

After newgrp user, files you create belong to the group user by default.

Associated files:

/etc/group

admins:x:1004:natasha,harry

1. Group name 2. Password placeholder 3. Group ID 4. Member list

/etc/gshadow

admins:!::natasha,harry

1. Group name 2. Password 3. List of group administrators 4. Member list
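The member list in /etc/group holds only supplementary members; a user whose primary group is that group appears only through the GID field of /etc/passwd. The script below is an added example, not part of the original article, that joins both files to show everyone who effectively belongs to a group, which matters when reviewing groups such as root. The function names and sample accounts are constructed, apart from the admins line quoted above.

```shell
#!/bin/sh
# Added example: list every account that effectively belongs to a group.
# usage: effective_members GROUP PASSWD_FILE GROUP_FILE
effective_members() {
    awk -F: -v grp="$1" '
        FNR == NR {                        # first file: the group database
            if ($1 == grp) {
                gid = $3
                n = split($4, m, ",")      # field 4: supplementary members
                for (i = 1; i <= n; i++)
                    if (m[i] != "") print m[i], "supplementary"
            }
            next
        }
        # second file: passwd, where field 4 is the primary GID
        gid != "" && $4 == gid { print $1, "primary" }
    ' "$3" "$2" | sort -u
}

# Constructed sample files, written into the directory given as $1.
make_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
natasha:x:1001:1001::/home/natasha:/bin/bash
harry:x:1002:1002::/home/harry:/bin/bash
tom:x:1003:1004::/home/tom:/bin/bash
user1:x:1005:1005::/home/user1:/bin/bash
EOF
    cat > "$1/group" <<'EOF'
root:x:0:user1
admins:x:1004:natasha,harry
EOF
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir"
effective_members admins "$demo_dir/passwd" "$demo_dir/group"
effective_members root "$demo_dir/passwd" "$demo_dir/group"
rm -rf "$demo_dir"
```

In the sample, tom never appears in the admins member list, yet files he creates belong to admins because it is his primary group.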
