LINUX User Management

Linux users are divided into three types:

Root User: Super user, can be nothing but suicide ID 0 such as RM-RF + carriage return;

System User: ID 1-500 comes with different programs installed

Normal User: Created by root user, cannot commit suicide ID 500 or above

All of the user data is saved in/etc/passwd

vim/etc/passwd

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/73/EF/wKioL1YKULygVLstAAIeqRMEecM705.jpg "title=" 4.jpg " alt= "Wkiol1ykulygvlstaaieqrmeecm705.jpg" style= "padding:0px;margin:0px;vertical-align:top;border:none;"/>

Example: Dn123456:x:500:500::/home/dn123456:/bin/bash

dn123456: User Name

X: Password After encryption

500:uid

500:gid

/home/dn123456 User Home Directory

/bin/bash the shell executed after login

Shadow files: The so-called shadow is for the sake of security, put the encrypted things in the shadow, only the super user can view the shadow, for example,/etc/passwd only with an X for the encrypted password, so that even if the hacker can not decipher (the general situation), and in the shadow file: see

Cat/etc/shadow

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/73/EF/wKioL1YKUovSdWttAAHq7MUfGsM740.jpg "title=" 5.jpg " alt= "Wkiol1ykuovsdwttaahq7mufgsm740.jpg" width= "650" style= "Padding:0px;margin:0px;vertical-align:top;border: none; "/>

The format of the shadow file is:

Username:passwd:lastchg:min:max:warn:inactive:expire:flag

Root: User Name

$6$MUE3ELOFBG9EZP00$H27YITZJX1RUOCJDYIIQQQKZPPXLRJS9K0CKCO4QP8GCH00Q0/PFE5NQNZJGVLM7WDVHERKR1K1VRY79OXKRI1: Password after encryption

16695: Period of time from January 1, 1970 to last modified password 16,695 days

0: Indicates the number of days to pass between the two change passwords, and 0 means that they can be modified at any time

99999: The number of days that the password expires, 99999 means never expires

7: Indicates that the password expires 7 days before notifying the user, issue a warning

":" The number of days that the user name is not valid until logon is disabled, default is empty

":" The user is forbidden to log on the default time is empty

":" Reserved domain default is empty

User group account file/etc/group

Cat/etc/group

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/73/F3/wKiom1YKVR7iK9kbAABuLKNxry8316.jpg "title=" 8.jpg " alt= "Wkiom1ykvr7ik9kbaabulknxry8316.jpg" style= "Padding:0px;margin:0px;vertical-align:top;border:none;float: none; "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/73/F0/wKioL1YKVSmhjWLFAABdmaz3_KM236.jpg "title=" 9.jpg " alt= "Wkiol1ykvsmhjwlfaabdmaz3_km236.jpg" style= "Padding:0px;margin:0px;vertical-align:top;border:none;float: none; "/>

Example: Daemon:x:2:bin,daemon

Daemon User Group name

2 Group ID

X indicates that it is encrypted

Bin,daemon represents a member within a group

Cat/etc/gshadow Group Shadow File

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/73/F3/wKiom1YKVsXSCDPLAADF5Ln7450580.jpg "title=" 11.jpg "alt=" wkiom1ykvsxscdplaadf5ln7450580.jpg "style=" Padding:0px;margin:0px;vertical-align:top;border:none;/>

Add user

Example: Useradd dingning

passwd dingning

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/73/F1/wKioL1YKWiqSxLYaAACxD_sHCUo606.jpg "title=" 12.jpg "alt=" Wkiol1ykwiqsxlyaaacxd_shcuo606.jpg "/>

Indicates that a success has been created;

More parameters

-C Description

-D Specify the home directory where the user resides

-E identifies the expiration date of the user account Mmddhhmmyy

-G identifies the user's primary group

-G Secondary Group

-S indicates the shell used after login

-U Specify User ID

Example: Useradd-c "Shuaige"-G dn123456-s/bin/bash-d/home/dingning dingning

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/73/F1/wKioL1YKXPGBTLdZAACISzGk16c926.jpg "title=" Qq20150929174140.jpg "style=" Float:none; "alt=" wkiol1ykxpgbtldzaaciszgk16c926.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/73/F4/wKiom1YKXOGzoT9JAABLaId-B3M543.jpg "style=" float: none; "title=" qq20150929174158.jpg "alt=" Wkiom1ykxogzot9jaablaid-b3m543.jpg "/>

To delete a user:

Userdel dingning

Userdel-r dingning indicates that it is deleted along with the home directory of the account, the account files in the non-user home directory will not be deleted, as follows:

Userdel dingning

Find/-user dingning-exec rm {} \.

To modify user information:

Usermod

Usermod-l meinv-g superman-u 1200-c "dingxiaoning" dingning

To create a group:

Groupadd:

Groupadd dingning Create a new group,

GROUPADD-G 5400 dingning Create a new group with GID 5400

The group name must be unique and cannot create two identical group names

GROUPADD-G 5400 dingning

Groupadd-g 5400 Superman creation failed

Groupadd-g 5400-f Superman created successfully, but GID automatically increases to 5401

Groupadd-g 5400-f-O Supernan created successfully, GID is still 5400, and group dingning share a GID

Change group information:

Groupmod-g 5500-n Supergirl Superman means modifying GID and group names

To delete a group:

Groupdel Superman If there are users in the group that are used in the system, the deletion fails and the user must be deleted first.

To verify the user:

PWCK: (password Check)

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/73/F2/wKioL1YKZdiyzTkeAAFZL7MW2W0688.jpg "title=" 20.jpg "alt=" Wkiol1ykzdiyztkeaafzl7mw2w0688.jpg "/>

LINUX User Management