5. User and User group management

<--Directory--

1. Theoretical knowledge

2. User and User group management

3. Source Package Installation

"Theoretical Knowledge"

I. User account Management

Aaa

A:authentication Certification-who are you?

A:authorization Authorization--What can you do?

A:audit Audit-What did you do?

Two. User Account UID Range command View ID root

0->root

1-499 System Users

>=500-General User

Four. passwd file format

Root:x:0:0:root:/root:/bin/bash

1 2 3 4 5 6 7

1. Name of the user account

2. Password-word or placeholder

3. UID number of user account

4. GID number of the basic group to which it belongs

5. User's full name

6. Host Directory

7. The path of the login shell program

Five. Shadow file format

Root:$1$8c2tu7sa$bdkquifwsz9ktvttn/etb0:16274:0:99999:7:::

1 2 3 4 5 6 7 8 9

1. Name of the user account

2. Encrypted password string

3. Last time the password was changed (number of days from January 1, 1940 to the most recent password Change day)

4. Minimum effective days of password, default 0 (using how many geniuses may change the password, 0 means you can change the password at any time)

5. Maximum valid number of days for passwords, default 99999 (valid for password use)

6. Number of warning days before password expires, default 7

7. Disable this user account for the number of days after the password expires

8. Account expiration time, default value is empty

9. Reserved fields (not used)

commands for viewing user-related password information

19. Group Management

Etc/group basic information for saving group accounts

-one row per group record: Split into 4 fields

Field 1 name of the group account

Field 2 Password placeholder x

GID number for Field 3 group accounts

Field 4 Member Users list for this group

Etc/gshadow Storage Group account management information

Field 1: Name of the group account

Field 2: Cipher string for encryption number

Field 3: List of administrators for this group

Field 4: List of member users for this group

Mail_dir/var/spool/mail

Pass_max_days 99999//password Maximum usage time

Pass_min_days 0//Minimum Password usage time

Pass_min_len 5//Minimum length of password

Pass_warn_age 7 //Password warning time

Uid_min 500

Uid_max 60000

Gid_min 500

Gid_max 60000

Create_home Yes

UMASK 077

Usergroups_enab Yes

Md5_crypt_enab Yes

Encrypt_method MD5

/etc/skel//New account template file

~/.bash_profile//execute on every login

~/BASHRC//Execute every time you enter a new bash environment

Global

/etc/bashrc

/etc/profile

"User and user group management"

Three. When creating a user, these files are affected by default

/ETC/PASSWD: Store user-related information

/etc/shadow: Store password-related information

/etc/group: Storage group membership related information

/etc/gshadow: Storage group password-related information

Chage-l root view Tom user password modification time or grep Root/etc/shadow

Chage ABC to modify the security settings of ABC

Useradd command

-Format useradd [options] ... User name

Common Command Options

-U Specify UID tag number

-D Specify the host directory, default to/home/user name

-e Specify the expiry time of the account

-g Specifies the base group (group name or GID) that belongs to

-g Specifies the attached group (group name or GID) attached

-M does not establish and initialize the Ruthenica home directory for the user

-S Specify user's login shell

VI, create a user

Create User Alice,uidj is 800, home directory is/home/sum, except in his own primary group, also in the Jack Group (additional group)

He does not have a usable shell (unable to log into the system)

Useradd-u 800-d/home/sum-g jack-s/sbin/nologin Alice

Vim Etc/logon. Press Tab

Nine. Set the password

1. Only root users can set passwords for other users

2. Ordinary users can only change their own password, and before changing their own password, to enter the old password

passwd Chitian

-Format: passwd [options] ... User Name Change Password: (passwd user name)

Common Command Options

-D: Clear the user's password so that it can log in without a password

-S: Check the status of the user account (whether locked)

-L: Lock user account

-U: Unlock user account

echo Password | passwd--stdin User Name

echo 111 | passwd--stdin Tom

Cases

Lock the Jack User

Passwd-l Jack.

View user Status

Passwd-s Jack.

Unlock Users

Passwd-u Jack.

10. Change user Information

Format: usermod [options] ... User name

Common Command Options

-L Change the login name of the user account

-u-d-g-g-S is the same as Useradd

Cases

1. Change Jack's login name to Slina

Usermod-l Slina Jack

4. Change the user's login shell

Usermod-s/sbin/nologin Slina (no login allowed)

Usermod-s/bin/bash Slina (login allowed)

11. Delete a user

1. Simply delete the user, Tom

Userdel Tom---just remove the user, the user's home directory still exists

2. Delete the user Tom at the same time, put Bob's home directory also deleted

Userdel-r Tom

Afternoon

Chage-m 1 Tom//Set Tom User password minimum usage time 1 days

Note (see Time with Chage-l)

CHAGE-M Tom//Set Tom User password up to 90 days maximum usage time

15. Set Password Policy

Grep-ve "^#|^$"/etc/login.defs (see the lines in the Login.defs file that do not start with a # number and are not blank lines)

Vim/etc/login.defs

16. Set user password expires on January 1, 2014

CHAGE-E 2019-1-1 Tom

17. Chage Syntax Format

Administrative Tools Chage Command

-Format chage [options] User name

Common Command Options

-l list Password expiration information

-e Specify the account expiration time Yyyy-mm-dd

-i specifies how many days to lock after a password expires

-m specifies the minimum number of days for a password

-m Specifies the maximum number of days for a password

Chage User Name change password directly

Force user account expires chage-d 0 username

18. ID command

1. Use the ID command directly to view information that is the current user

2.id User Name--View information for a specified user//id spaces

Id-u Tom Tom's UID

G GID

What groups are the G root root, and what are the ID numbers for those groups?

What groups the Gn root belongs to and what the group name is

Create a group

GROUPADD-G-HR//create Group ID number 1000

grep hr/etc/group//view Group

grep Hr/etc/gshadow

Usermod-ag hr Tom//a represents append, G for additional group

Gpasswd-a Bob HR//Add user Bob to the HR group

ID Bob

Go to vim Etc/group to find the appropriate group modification

gpasswd-d Bob HR//Remove Bob from the HR group

ID Bob

Gpasswd-m Bob,alice,jerry HR//Add multiple users to the HR group at once

grep HR Etc/group

Gpasswd-a Bob HR//Set up an HR group Administrator is Bob

Grep/hr/etc/gshadow

Usermod (-l-u-d-g-g-s) Property modification

Chage (-l-i-m-m-e) Security modification

passwd (-l-u-s-d) User

GPASSWD (-a-a-m-d) group

GPASSWD Market//Change Password

grep maket/etc/gshadow//view password

Gpasswd-r Market//Delete password

Market a directory has access rights, Tom users do not belong to the market group, you can not access this directory.

Tom can temporarily change his membership to the market to access the directory,

The group password is used to temporarily change the membership of the group

Su-tom

ID-GN See which group Tom belongs to

NEWGRP market temporarily add your own to the market group, you need to know the market password

ID-GN See which group you belong to again

exit from Market Group

Id-gn

Groupdel Tom Delete a group

Groups Tom See what groups users are in

Last. Related commands

Su-tom Switch to Tom User

LS ~ Current User home Directory

Ls-a ~tom or ls-a/home/tom Tom for the username this two command meaning for the designated home directory

Chsh-l view with what SH Linux with bash

"Source Package Installation"

Vim hello.c

#include <stdio.h>

int main (VIOD)

{

printf ("Hello world\n");

}

GCC hello.c//Generate a file a.out

./a.out//Execution a.out

Two. Install the relevant compilation environment

Yum install-y gcc gcc-c++

Three. Installing the Apache Web server

Tar jxf httpd.xxx.tar.bz

CD httpd-x.xx

Vim Install//view installation files

./configure--prefix=/usr/local/apache//Specify the installation directory

Make

Make Istall

Four. Start the Web server

Cd/usr/local/apache/bin

./apachectl Start

Firefox &//Open Firefox input into address 127.0.0.1

Web server's Web hosting directory is/usr/local/apache/htdocs

/configure the problem, install Gcc,gcc-c++,openssl-devel.

This article is from the "Wsyht blog" blog, make sure to keep this source http://wsyht2015.blog.51cto.com/9014030/1790246

5. User and User group management