Several special directories for accounts in Linux

Several special directories for accounts in Linux

Some of the special directories described below are special directories that operate on file permissions. I'll introduce the file permissions in the next article, which describes these several directories about user accounts and group accounts.

Files related to user accounts and group accounts:
/ETC/PASSWD (user account Resolution Library)
/etc/group (group account Analysis Library)
/etc/shadow (user name Authentication library)
/etc/gshadow (Group account Certification library)
/etc/default/useradd (create user's properties)
/etc/login.defs (login definition attribute)
/etc/skel (Directory) (skeleton of user account)

1./etc/passwd (user account Analysis Library)

Root:x:0:0:root:/root:/bin/bash
1 2 3 4 5 6 7

1: User account login name;
2: Use "x" to indicate password placeholder;
3: Uid of user account;
4: The GID of the user account, which is the ID of the basic group of the user account;
5: Note information, such as user position, user's full name, etc.;
6: Absolute path to the home directory of the user account;
7: User's default login shell;

2./etc/group (group account Analysis Library)

root:x:0:
1 2 3 4

1: Group account name;
2: group password placeholder;
3: GID of group accounts;
4: To reorganize the list of users to the additional group, use "," to separate multiple user names;

3./etc/shadow (user name authentication library)

Root:$6$ehogwwosrvgxvney$8f38tkknd3zsq6c/yun0smixgu5jou40f6nrvgwudanlfe6vhamyz2rmj2ogqjzzrlwfu4oopdve1tjef/bva /::0:99999:7:::

1: User account login name;
2: Password encryption algorithm +salt+ password encryption results;
3: The last time the password was modified: its representation is the number of days from January 1, 1970 to the date indicated by the current system time;
4: The minimum age of user password, it can be understood how long the password cannot be changed, 0 means that the password can be changed at any time;
5: The user password for the longest period of use, it can be understood how long you need not change the password, you can log in normally;
6: The user password of the use of the time before the expiration of the number of days before the user log on to the system to send a warning message;
7: The grace period after the user password expires, it can be understood that the password expires in the number of days after the login system can still prompt to change the password;
8: The absolute expiration time of the user's password; the representation is the number of days represented from January 1, 1970 to the specified date time; usermod-e
9: reserved, not used;

4. /etc/gshadow (group account Certification library)

1. group account name;
2. Encryption password for group account;
3. Group administrator, now obsolete;
4. List of user accounts with this group as additional groups;

Introduce a command in this:

GPASSWD: Sets the password for the group and the members of the management group:
Format: gpasswd [options] Group
-A USERNAME: Add the user to the specified group with the-a option;
-D USERNAME: Removes the user pointed to by the-D option from the specified group;

[[email protected] ~]# ID xiaoqiang uid=5002 (xiaoqiang) gid=5003 (Xiaoqiang) group =5003 (Xiaoqiang), 5002 (Qiuxiang) [email Protected] ~]# gpasswd-a Xiaoqiang Wangcai is adding user "Xiaoqiang" to the "Wangcai" group [[email protected] ~]# ID xiaoqianguid=5002 ( Xiaoqiang) gid=5003 (Xiaoqiang) group =5003 (Xiaoqiang), 5002 (Qiuxian

g), 5004 (WANGCAI) [[email protected] ~]# gpasswd-d Xiaoqiang Wangcai is removing the user "Xiaoqiang" from the "Wangcai" group [[email protected] ~] # ID xiaoqianguid=5002 (Xiaoqiang) gid=5003 (Xiaoqiang) group =5003 (Xiaoqiang), 5002 (Qiuxiang)

NEWGRP: Temporarily re-login to the system with a new group, need to have the correct password settings for the specified group;
Format: NEWGRP [-] [group]

[Email protected] ~]# gpasswd Xiaoqiang is modifying the password for the Xiaoqiang group New password: Please re-enter the new password: [[email protected] ~]# Su-tangbohu last Login: 411 months 9 16:19:07 CST 2017pts/0 on [[email protected] ~]$ iduid=5004 (Tangbohu) gid=5005 (Tangbohu) group =5005 (Tangbohu), 5002 (Qiuxiang) Environment =unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023[[email protected] ~]$ newgrp xiaoqiang Password: [email protected ] ~]$ iduid=5004 (Tangbohu) gid=5003 (Xiaoqiang) group =5003 (Xiaoqiang), 5002 (Qiuxiang), 5005 (Tangbohu) environment =unconfined_u: unconfined_r:unconfined_t:s0-s0:c0.c1023

5./etc/default/useradd(Create user's properties)

   //define user properties when creating a user
    group=100
        // When you create a user, if you do not specify a basic group for the user, the system assigns the user a group with the same user name as its base group;
    home=/home
         //When you create a user, if you do not specify a home directory for the user, you will break into a directory with the same name as the user's home directory;
    inactive=-1
         //When creating a user, set a grace period after the user's password expires, which, by default, is 1, which means the ability to turn off the user password expiration grace period, that is, the grace period is forever;
     expire=
        //When creating a user, set the absolute expiration date of the user's password, which is not enabled by default;
    shell=/bin/ Bash
        //Set the user's default login shell when creating a user, the default value is/bin/bash;
    skel=/etc/skel
        //The default file template that is provided for the user's home directory when the user is created;
     create_mail_spool=yes
        //Whether to create a mailbox file directly for the user when the user is created;

[Email protected] ~]# cat/etc/default/useradd# useradd defaults filegroup=100home=/homeinactive=-1expire=shell=/bin /bashskel=/etc/skelcreate_mail_spool=yes

6./etc/login.defs (Definitions definition)

Function: Define shadow_utils related properties, including user mailbox path, password time parameter, UID and GID range, delete user account commands, set private group (contains only one
User and as the user's primary group), the permission bitmask directory to create a switch, password encryption algorithm
Mail_dir/var/spool/mail
Specifies the path to specify the mailbox file for the user when the user is created;

Pass_max_days 99999
Pass_min_days 0
Pass_min_len 5
Pass_warn_age 7
Settings related to the time parameters of the password;

Uid_min 1000
Uid_max 60000
# System Accounts
Sys_uid_min 201
Sys_uid_max 999

Gid_min 1000
Gid_max 60000
# System Accounts
Sys_gid_min 201
Sys_gid_max 999
Specifies the default ID selection range;

Userdel_cmd/usr/sbin/userdel_local
Specifies the command to use when deleting a user;

Create_home Yes
Whether to create a home directory switch for the user when creating the user;

UMASK 077
A mask that specifies the default permissions for the user home directory;

Usergroups_enab Yes
Whether to turn on the private group switch;

Encrypt_method SHA512
What algorithm is used to encrypt the password;

7./etc/skel (Directory)
Function: provides the default [Shell configuration] file for the newly created user's home directory;

Several special directories for accounts in Linux