The identity of the user
User levels under Linux are actually very simple: there are only two, root and non-root. The root user has supreme authority on the system, which means it can do whatever it likes. Fortunately, only one user is root, and its username is root. The rights of a non-root user are strictly limited: it can access only the files that root allows.
Bathhouse Model
We liken Linux user management to a bathhouse because the picture is so vivid. All non-root users are the customers of the bathhouse, the root user is its waiter, and the Linux system is the bathhouse itself.
Anyone who has been to a bathhouse knows that a waiter at the door receives you, registers you and hands you a key with a numbered tag. This is a good analogy for the root user assigning accounts to other users. Registration adds the user to the system, the key is your login password, and the number on the tag is your user name.
Once you have the key, you can go into the locker room. The locker room usually has several large cabinets. Each large cabinet is divided into many small lockers, one of which belongs to you. How do you find the locker that belongs to you? Look at the number on the locker! It is the same as the number on your key tag.
This is very similar to logging in to a Linux system. After a successful login, each user has a directory of their own. This directory is generally /home/[username], where [username] is your user name. It is usually called the "home directory". The locker is your home directory: you can put your personal belongings in it and be sure that others cannot take them.
Leave your home directory and you enter the public area. Public areas are generally read-only, but there are a few places where data can be written, such as the /tmp directory. If you forget your password while using Linux, you can get a new one simply by asking the root user.
Understanding User Roles
In a Linux system, some users exist to accomplish particular tasks, such as nobody, admin, ftp and so on. It is important to note that in Linux, whatever a user name looks like, as long as it is not root it is an ordinary user, and all ordinary users have the same amount of power. Much of the material on so-called user roles, especially the view that different roles carry different rights, is not very accurate, and it easily gives the impression that Linux users have larger or smaller permissions. In fact, so-called permissions are only an appearance produced by the fact that different users can access different files. This appearance is not determined by the user concept alone; it also relies on the concept of user groups.
What is a user group? It can be understood as a user's profession. A user can belong to more than one user group, and also note that a user should belong to at least one user group.
Although user roles are not tied to permissions, different roles are sometimes treated differently. The treatment in question is whether the user gets a password, a home directory and a shell. The primary task of some users is to run service programs securely; for example, the nobody user can be used for the worker processes of Nginx (a high-performance HTTP and reverse proxy server). Such users are generally not assigned a password or a shell (strictly speaking a shell is assigned, but it is the special shell /sbin/nologin), and not even a home directory. Why?
First, many service programs may use this user by default; if a password were set, those programs could not use the account automatically. Second, because no one will log in to the system as this user, there is no need to assign it a shell, and a private home directory is likewise redundant.
Viewing Users in the /etc/passwd File
The /etc/passwd file stores basic user information. Part of this file is shown below:
[[email protected] lixin]# more /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:ftp user:/var/ftp:/sbin/nologin
nobody:x:99:99:nobody:/:/sbin/nologin
......
pulse:x:496:494:pulseaudio System daemon:/var/run/pulse:/sbin/nologin
webalizer:x:67:67:webalizer:/var/www/usage:/sbin/nologin
piranha:x:60:60::/etc/sysconfig/ha:/sbin/nologin
sshd:x:74:74:privilege-separated ssh:/var/empty/sshd:/sbin/nologin
postgres:x:26:26:postgresql server:/var/lib/pgsql:/bin/bash
luci:x:141:141:luci High Availability Management application:/var/lib/luci:/sbin/nologin
mysql:x:27:27:mysql server:/var/lib/mysql:/bin/bash
dovecot:x:97:97:dovecot IMAP server:/usr/libexec/dovecot:/sbin/nologin
dovenull:x:495:491:dovecot's unauthorized user:/usr/libexec/dovecot:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
jason:x:500:500:jason Yang:/home/jason:/bin/bash
Each line of the file represents one user. In other words, the file has as many lines as your system has users. Each line is divided by colons ":" into 7 fields, with the following structure:
User name:Password:UID:GID:User's full name:Home directory:Shell
The important fields in this file are the UID (user ID) and GID (group ID), which are the only means by which Linux identifies a user or a user group. The UID and GID are just numbers. To distinguish between different users or groups, each must be unique within the system. A UID and a GID can have the same value, because they represent different concepts (think of them as primary key values in two database tables). A UID or GID of 0 is special in a Linux system: these are assigned to the root user and the root user group. A program can obtain its UID and GID, so it can use this special value to decide whether it may do whatever it likes.
Although the system itself only distinguishes between zero and non-zero UIDs and GIDs, in practice some ranges are used by convention (much like the way port numbers are usually allocated). 0, needless to say, belongs to root. 1~499 belong to system users; the poorly treated users mentioned earlier, some of which do nothing but hold a place, fall into this category. 500~4294967295 is allocated to ordinary users. So you will find that the UID and GID of the first user added to your system is 500.
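The following is an added example, not part of the original article: it parses the seven fields described above, classifies each account by the UID ranges given in the text, and flags two things an administrator would review (a second UID 0 account, and a system account that still has a login shell, as postgres and mysql do in the listing). The sample input is constructed; the "toor" entry, the malformed line and the list of non-login shells are assumptions made for illustration.

```python
from collections import namedtuple

Entry = namedtuple("Entry", "name passwd uid gid gecos home shell")

# Constructed sample in /etc/passwd format. "toor" and "broken:line" are made up.
SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
nobody:x:99:99:nobody:/:/sbin/nologin
postgres:x:26:26:postgresql server:/var/lib/pgsql:/bin/bash
sync:x:5:0:sync:/sbin:/bin/sync
jason:x:500:500:jason Yang:/home/jason:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
broken:line
"""

# Shells that do not give an interactive session (assumed list, adjust per system).
NON_LOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false",
                    "/bin/sync", "/sbin/shutdown", "/sbin/halt"}

def parse_passwd(text):
    """Return (entries, malformed); a valid line has 7 fields and numeric UID/GID."""
    entries, malformed = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        f = line.split(":")
        if len(f) != 7 or not f[2].isdecimal() or not f[3].isdecimal():
            malformed.append(line)
            continue
        entries.append(Entry(f[0], f[1], int(f[2]), int(f[3]), f[4], f[5], f[6]))
    return entries, malformed

def uid_class(uid, first_user_uid=500):
    """Ranges from the article: 0 root, 1-499 system, 500 and up ordinary.
    Many current distributions start ordinary users at 1000 instead."""
    if uid == 0:
        return "root"
    return "system" if uid < first_user_uid else "ordinary"

def audit(entries):
    """Return (name, reason) pairs for accounts worth a closer look."""
    findings = []
    for e in entries:
        if e.uid == 0 and e.name != "root":
            findings.append((e.name, "UID 0 but not named root"))
        if uid_class(e.uid) == "system" and e.shell not in NON_LOGIN_SHELLS:
            findings.append((e.name, "system account with login shell " + e.shell))
    return findings

if __name__ == "__main__":
    entries, bad = parse_passwd(SAMPLE)
    for e in entries:
        print(f"{e.name:10} uid={e.uid:<6} {uid_class(e.uid)}")
    print("findings:", audit(entries), "malformed:", bad)
```

Because the kernel identifies users only by number, any account with UID 0 has root's power whatever its name, which is why the audit checks the UID rather than the user name.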
Not finished, to be continued ...