Linux User Management

Add user

Useradd or AddUser. Actually AddUser is a soft connection of useradd. Take Useradd as an example, with the usage of useradd [option] USERNAME

1 [[email protected] ~]# ll 'which  adduser '217 May  26  £/usr/sbin/adduser -Useradd

-u Specifies the UID of the newly added user, but as a rule, the UID of the ordinary user must be greater than 499 and cannot be duplicated with the existing UID.

1 1010 User1 2 Tail -1 /etc/passwd3 user1:x:1010:1010::/home/user1:/bin/ Bash

-g Specifies the base group for the newly added user, which can also be used to indicate the base group with the group name (you can use the ID command to view the user information)

1 [[email protected] ~]# Useradd-g root User22ID  user23 uid=  1011(user2) gid=0(root) group =0(Root)

-g Specifies additional groups for newly added users, additional groups can have multiple, and multiple additional groups are separated by commas.

1 [[email protected] ~]# useradd-G user1,root user32ID  user33 uid=1012(User3) gid=1012(user3) group =1012(user3),0(Root),1010(user1)

-d Specifies the home directory for newly added users, which is the directory with the same name as the user name under/House, by default.

-M does not create a home directory for new users.

-s Specifies the default shell for newly added users. (There is a nologin shell in the system that can prohibit an account from logging in)

1 [[email protected] ~]# useradd-s/sbin/nologin user42su  user43 This account was currently not available.

You can use the Echo $SHELL to view the SHELL of the current user

-R Add a new user as a system user, the UID of the system user is between 1-499, generally cannot log in, no home directory.

Note: The command adds some default parameters for the user (such as the user's default shell) in the/etc/default/useradd file.

View user Information

Use the ID command to view the user information, usage: ID [option] [USERNAME], the default user is the current user when the user name is not specified.

-U View UID

-G view GID for basic group

-G view gio for all groups

-N is used in combination with the above options for displaying names instead of ID numbers

 1  [[email protected] ~]# id -< Span style= "COLOR: #000000" >u user1  2  1010  3  [[email protected] ~]# id -< Span style= "COLOR: #000000" >un user1  4   User1  5  [[email protected] ~]# id -g user3  6  1012  0  1010  7  [[email protected] ~]# id -< Span style= "COLOR: #000000" >gn user3  8  user3 Root user1 

Finger command can also view user-related information

1 [[email protected] ~]# finger user12login:user1                      3 Directory:/Home /user1                  Shell:/bin/bash4in. 5 No Mail. 6 No Plan.

Delete User

Use the Userdel command to remove users, but it is worth noting that the Userdel command does not delete the user's home directory by default.

Userdel usage: userdel [option] USERNAME

-R Deletes the user's home directory at the same time.

1 ls /home2 boost  compute  easydrcom  libpcap  lost+found  user1  user2  user3  user43 [[email protected] ~]# userdel user14  Userdel: The group "user1" is not removed because it contains other members.  5 [[email protected] ~]# Userdel-R user26ls /home7 boost  Compute  easydrcom  libpcap  lost+found  user1  user3  user4

Fix the user information

Use Usermod to modify the user's account information, using the same useradd. The concrete examples are as follows:

1[Email protected] ~]#IDUser32Uid=1012(User3) gid=1012(user3) group =1012(User3),0(Root),1010(user1)3[Email protected] ~]# usermod-u505User34[Email protected] ~]#IDUser35Uid=505(User3) gid=1012(user3) group =1012(User3),0(Root),1010(user1)6[[Email protected] ~]# Finger User37 Login:user3 Name:8Directory:/home/user3 Shell:/bin/Bash9Never loggedinch.Ten No Mail. One No Plan. A[Email protected] ~]# usermod-g0-s/bin/tcsh User3 #这里该的基本组必须事先存在 -[[email protected] ~]#!ID - IDUser3 theUid=505(User3) gid=0(root) group =0(Root),1010(user1) -[[email protected] ~]#!fing - Finger User3 - Login:user3 Name: +Directory:/home/user3 Shell:/bin/tcsh -Never loggedinch. + No Mail. ANo Plan.

The-l parameter is used to modify the user name

1 [[email protected] ~]# Usermod-l U3 user32ID  U33 uid=505
     (U3) gid=0(root) group =0(Root),1010(user1)

Note: If you use-G to modify additional groups for the user, the existing additional groups are overwritten by default, and if you only want to append new additional groups you can use-ag where a is appended. When using the-D to modify the user's home directory, it is best to use the "-M", which means to modify the home directory at the same time the original home directory files copied to the destination home directory.

You can also use the CHSH (change shell) command to modify the user's login shell. Its usage is CHSH USERNAME

You can use PWCK to check the integrity of your user account.

Modify User Password

Use the passwd command to modify the user's password, usage: passwd [USERNAME]

For a normal user, you can only use the passwd command to modify your password. For administrators, not only can you use passwd to modify your password, but you can also use the passwd USERNAME command to modify someone else's password.

passwd can use the--stdin parameter to indicate that a password is obtained from standard input.

1[Email protected] ~]#passwdUser32 change the password for the user User3. 3 New Password:4Invalid Password: password not checked by dictionary-too simplistic/systematized5 re-enter the new password:6 passwd: All the authentication tokens have been successfully updated. 7[Email protected] ~]#Echo "123456789"|passwdUser3--stdin8 change the password for the user User3. 9 passwd: All the authentication tokens have been successfully updated.

The-d parameter can remove the user's password.

Creation of groups

Group creation using the Groupadd command, you can use-G to specify gid,-r to indicate that the reorganization is a system group. Similar to Useradd, the following usage of the action commands for groups can refer to the use of commands for user actions.

Group Information Modification

The GROUPMOD command modifies group information,-G modifies gid,-n to modify the group name.

Deletion of groups

Groupdel command to delete a group

Group Add password

Use the GPASSWD command to modify the group password. The group password is primarily used to temporarily change the group to which the user belongs.

For example, in the following code, the User3 user temporarily used the USER4 group to create a b.txt file

1[Email protected] ~]# Usermod-l User3 U32[[Email protected] ~]# gpasswd user43 modifying password for user4 group4 New Password:5 Please re-enter the new password:6[email protected] ~]# Su-User37Last Login: 57 months -  .: in: -CST 2017pts/1on8[[Email protected] ~]$ Touch A.txt9[[Email protected] ~]$ IDTenUid=505(User3) gid=0(root) group =0(Root),1010(User1) Environment =unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 One[[Email protected] ~]$ ll ATotal dosage0 --rw-r--r--.1User3 Root0July -  .: -a.txt -[[Email protected] ~]$ newgrp user4 the Password: -[[Email protected] ~]$ Touch B.txt -[[Email protected] ~]$ ID -Uid=505(User3) gid=1013(user4) group =1013(USER4),0(Root),1010(User1) Environment =unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 +[[Email protected] ~]$ ll -Total dosage0 +-rw-r--r--.1User3 Root0July -  .: -a.txt A-rw-r--r--.1User3 User40July -  .: toB.txt at[[Email protected] ~]$ Exit - Exit -[[Email protected] ~]$ ID -Uid=505(User3) gid=0(root) group =0(Root),1010(User1) Environment =unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 -[[Email protected] ~]$ Exit - Logout in[Email protected] ~]#

Note: The above newgrp is used to temporarily switch the base group and use the Exit command when the temporary group is exhausted to exit.

Linux User Management