Knowledge about Linux User management


Basic knowledge of Linux user management:


Linux Users:

UID Range: 0-65535

UID 0 corresponds to root

UID 1-499 (CentOS 6) or 1-999 (CentOS 7) for system users

UID 500 and above (CentOS 6) or 1000 and above (CentOS 7) for login users

GID Range: 0-65535

GID 0 corresponds to the administrator (root) group

GID 1-499 (CentOS 6) or 1-999 (CentOS 7) for system groups

GID 500 and above (CentOS 6) or 1000 and above (CentOS 7) for login user groups


A user's groups are divided into the basic (primary) group and additional (supplementary) groups


User configuration files:

/etc/passwd: User name, UID, basic group and other information

/etc/group: Group name, GID, user included in the group;

/etc/shadow: User password and related attributes;

/etc/gshadow: the password and related attributes of the group;


/etc/passwd Analysis:

name:password:UID:GID:GECOS:directory:shell

Login name : x : UID : GID : user comment (GECOS) : home directory : user's default shell

Specific information can be viewed in man 5 passwd

/etc/shadow Analysis:

login name:encrypted password:date of last password change:minimum password age:maximum password age:password warning period:password inactivity period:account expiration date:reserved field

Login name: The user's login name

Encrypted password: The user's encrypted password

Date of last password change: Counted as the number of days since January 1, 1970 (note that the unit is days)

Minimum password age: The number of days, counted from the previous field, that must pass before the user can change the password again

Maximum password age: Once the password reaches this age, the user must change it

Password warning period: The number of days before the password expires during which the user is sent a warning that it is about to expire

Password inactivity period: The period after the password has expired during which the user is still allowed to change it

Account expiration date: Once this date has passed, the account is not allowed to log in at all; an expired password, by contrast, only means the account can no longer use that password

Reserved field: Not currently used
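The aging fields above can be checked mechanically. The following is an added example, not part of the original article: it parses one /etc/shadow line and reports which state the account is in on a given day. The function names, finding labels and sample entries are constructed for illustration, and the exact boundary day of each comparison is an assumption; shadow(5) and the PAM configuration decide the real behaviour.

```python
FIELDS = ("name", "password", "last_change", "min_age", "max_age",
          "warn", "inactive", "expire", "reserved")

def parse_shadow(line):
    """Split one shadow line into its nine fields; empty numeric fields become None."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        raise ValueError("expected 9 colon-separated fields, got %d" % len(parts))
    entry = dict(zip(FIELDS, parts))
    for key in FIELDS[2:8]:
        entry[key] = int(entry[key]) if entry[key] else None
    return entry

def account_state(entry, today):
    """Findings for `today`, given in days since 1970-01-01 like the file's own dates."""
    findings = []
    if entry["password"] == "":
        findings.append("empty-password")          # no password is required at all
    elif entry["password"][0] in "!*":
        findings.append("locked")                  # cannot match any crypt hash
    if entry["expire"] is not None and today >= entry["expire"]:
        findings.append("account-expired")
    last, max_age = entry["last_change"], entry["max_age"]
    if last == 0:
        findings.append("must-change-at-next-login")
    elif last is not None and max_age is not None:
        age = today - last                         # days since the last change
        grace = entry["inactive"]
        if age > max_age:
            if grace is not None and age > max_age + grace:
                findings.append("password-expired-login-blocked")
            else:
                findings.append("password-expired-change-required")
        elif entry["warn"] is not None and age > max_age - entry["warn"]:
            findings.append("password-expiry-warning")
    return findings

# Constructed sample entries; the hashes are placeholders, not real crypt output.
SAMPLES = [
    "alice:$6$constructedsalt$constructedhash:16600:0:90:7:14::",
    "svc:!!:16600:0:99999:7:::",
    "temp::16600:0:99999:7::16640:",
    "new:$6$constructedsalt$constructedhash:0:0:99999:7:::",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(line.split(":")[0], account_state(parse_shadow(line), 16650) or ["ok"])
```

An empty password field and an account that is past its expiration date are the two findings most worth following up during an account review.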


/etc/group Analysis:

group_name:password:GID:user_list

Group name: The name of the group

Group password: Usually does not need to be configured; it is normally only used by a "group administrator", and there is very little reason to configure one. As with user passwords, the password has been moved to /etc/gshadow, so this field contains only an "x"

GID: The group ID

User list: The names of the accounts that belong to this group. An account can be added to multiple groups, and an account that should join this group is entered in this field. For example, to let dmtsai also join the root group, append ",dmtsai" to the end of the first line (note that there is no space), so that the line becomes "root:x:0:root,dmtsai"
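The two formats only make sense together: the basic group comes from the GID field of /etc/passwd, while additional groups come from the user_list field of /etc/group. The following is an added example, not part of the original article, that resolves both and flags entries worth reviewing. The function names, finding labels and sample data (including the deliberately bad "toor" entry) are constructed for illustration.

```python
def parse_passwd(text):
    """name:password:UID:GID:GECOS:directory:shell -> dict keyed by login name."""
    users = {}
    for line in text.strip().splitlines():
        name, pw, uid, gid, _gecos, _home, shell = line.split(":")
        users[name] = {"pw": pw, "uid": int(uid), "gid": int(gid), "shell": shell}
    return users

def parse_group(text):
    """group_name:password:GID:user_list -> dict keyed by group name."""
    groups = {}
    for line in text.strip().splitlines():
        name, _pw, gid, members = line.split(":")
        groups[name] = {"gid": int(gid), "members": [m for m in members.split(",") if m]}
    return groups

def groups_of(user, users, groups):
    """Basic group from the passwd GID, additional groups from each user_list."""
    primary = next((g for g, v in groups.items() if v["gid"] == users[user]["gid"]), None)
    extra = sorted(g for g, v in groups.items() if user in v["members"] and g != primary)
    return primary, extra

def audit(users, groups):
    """Return (user, finding) pairs for an account review."""
    gid0 = {g for g, v in groups.items() if v["gid"] == 0}
    findings = []
    for name, u in users.items():
        if u["uid"] == 0 and name != "root":
            findings.append((name, "uid-0-not-root"))
        if u["pw"] != "x":
            findings.append((name, "password-field-not-x"))
        primary, extra = groups_of(name, users, groups)
        if name != "root" and gid0 & ({primary} | set(extra)):
            findings.append((name, "member-of-gid-0-group"))
    return findings

# Constructed sample files.
PASSWD = """root:x:0:0:root:/root:/bin/bash
dmtsai:x:1000:1000:constructed user:/home/dmtsai:/bin/bash
oracle:x:3000:3000::/home/database:/bin/bash
toor::0:0:constructed:/root:/bin/bash"""
GROUP = """root:x:0:root,dmtsai
dmtsai:x:1000:
oracle:x:3000:
database:x:3001:oracle
sql:x:3002:oracle"""

print(audit(parse_passwd(PASSWD), parse_group(GROUP)))
```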


/etc/gshadow Analysis:

group_name:encrypted password:administrators:members

Group name : encrypted password : group administrators (can change the group password; comma-separated list) : members (comma-separated list of users)


Linux User Commands

useradd

Options and Parameters:

-u UID: Specify the UID number directly

-g GID: Specifies the user's basic group (the group needs to exist beforehand)

-r: Create a system user

-c 'COMMENT'

-d /path/to/somewhere: Specifies the user's home directory path; the location must not exist beforehand, otherwise the user-related profile files from /etc/skel will not be copied

-s SHELL: Sets the user's default shell

-G GID,... : Specify the additional groups to which the user belongs

-M: Do not create a home directory for the user


groupadd

Options and Parameters:

-r: Create a system group

-g GID: Specify the group ID


Exercise: Create user oracle, belonging to the additional groups database and sql, with ID number 3000 and home directory /home/database;

Answer:

1. groupadd database

2. groupadd sql

3. useradd -G database,sql -u 3000 -d /home/database oracle

id: View user-related ID information

Options and Parameters:

-u: Show user ID only

-g: Show basic group ID only

-G: Show all group IDs (basic group and additional groups)


su: switch user; switch to another user or execute commands as another user

Switching mode:

su USERNAME: Non-full switch, non-login switch (still uses the environment variables of the previous user)

su - USERNAME or su -l USERNAME: Full switch, login switch


usermod: Modify user properties

Option parameters (basically consistent with useradd)

-u UID: Specify the UID number directly

-g GID: Specifies the user's basic group (the group needs to exist beforehand)

-G GID[,GID,...]: Modify the additional groups to which the user belongs; use it together with the -a option to keep the previously attached groups

-s SHELL

-c 'COMMENT'

-d HOME: Changes the user's home directory to a new location; the user's original files are not moved to the new home unless the -m option is also given, which moves them to the new home directory at the same time

-l LOGIN

-L: Lock the user

-U: Unlock the user


passwd: Set a password for the user

Option parameters:

-l: Lock the user

-u: Unlock the user

--stdin: Receive the user's password from standard input

Example: echo 'centos' | passwd --stdin centos


userdel: Delete users

Option parameters:

-r: Also delete the user's home directory when deleting the user


groupmod: Modify group properties

Option parameters:

-n group_name: Modify the group name

-g GID: Modify the group ID


gpasswd: Set a password for a group


newgrp: Switches the user's basic group to the specified group


chage: Modify the properties of a user account and password




This article is from the "Wind Rhyme" blog, please be sure to keep this source http://chinalx1.blog.51cto.com/2334265/1690324
