User identifiers: UID (user ID) and GID (group ID)

User ID information is stored in /etc/passwd, group ID information is stored in /etc/group, and the password table is stored in /etc/shadow.

When a user logs in, the system does not work directly from the account name that was typed; it works from the corresponding UID, GID and shadow entry. The login process is as follows:

1. First, look in /etc/passwd for the account you entered. If it is not there, the process ends; if it is, the UID and GID (resolved in /etc/group) corresponding to the account are read out, along with the account's home directory and shell configuration.
2. Then the password table is checked: Linux goes to /etc/shadow to find the corresponding account and UID, and checks whether the password you just entered matches the password stored there.
3. If everything is correct, you enter the shell stage.

/etc/passwd file structure

    root:x:0:0:root:/root:/bin/bash
    bin:x:1:1:bin:/bin:/sbin/nologin
    lin3615:x:500:500:lin3615:/home/lin3615:/bin/bash
    apache:x:48:48:apache:/var/www:/sbin/nologin
    mysql:x:27:27:mysql Server:/var/lib/mysql:/bin/bash
    .....
    .........

Each line above represents one account; the number of lines is the number of accounts on the system. Many of these accounts are necessary for the normal operation of the system; we simply call them system accounts, for example bin. The root line is the system administrator. Each line is separated by ":" into seven parts, explained as follows:

    root (1 account name) : x (2 password) : 0 (3 UID) : 0 (4 GID) : root (5 user information) : /root (6 home directory) : /bin/bash (7 shell)

1. Account name: the account name that is matched to the UID; for example, root corresponds to UID 0 (the third field).
2. Password: early UNIX systems kept the password in this field, but because this file can be read by all programs, the password data was later moved to /etc/shadow for security, so what you see here is "x".
3. UID: the identifier of the user. Certain ID ranges have a special meaning: 0 indicates the system administrator, 1-499 are system accounts, and (-...) is for general users.
4. GID: this relates to /etc/group, which is in fact almost the same as /etc/passwd, only the names are different.
5. User information: a description field, basically used to explain what the account is for.
6. Home directory: the user's home directory. The default home directory is /home/<user name>.
7. Shell: the shell command for the account; the default is bash.

/etc/shadow file structure

This file holds the user passwords and related information. Passwords used to be saved in the second field of /etc/passwd, but for security that field is now set to "x", and the password and related data are stored in this file, as follows:

    root:$1$9asfdsfsdfsdfsfsdffa:16543:0:9999999:7:::

    root (1 account name) : $1$9asfdsfsdfsdfsfsdffa (2 password) : 16543 (3 date the password was last changed) : 0 (4 number of days during which the password cannot be changed) : 9999999 (5 number of days after which the password must be changed) : 7 (6 number of warning days before the change is required) : (7 password expiration) : (8 account expiration date) : (9 reserved field)

The line is divided by ":" into nine fields, each of which is as follows:

1. Account name: this field must be the same as the name in /etc/passwd.
2. Password: the encrypted password value. When the length of this field changes, the password becomes invalid, so a lot of software makes use of this by putting ! or * in front of the field to change its length, which makes the password temporarily invalid.
3. Date of the most recent password change: this field records the date the password was changed, counted as the number of days since 1970/01/01.
4. Number of days during which the password cannot be changed: the password cannot be modified within the set number of days. If 0, there is no limit.
5. Number of days after which the password must be changed: the password must be changed after the specified number of days in order to keep using it.
6. Warning days: a warning to change the password is given based on this value, before the change is required.
7. Password expiration: when the password has expired you can in fact still log in, but only within this specified number of days; after that the login fails.
8. Account expiration date: sets after how many days this account expires and can no longer be used.
9. Reserved field.

/etc/group file structure

This file holds the correspondence between GID and group name, as follows:

    root:x:0:root
    lin3615:x:500:

Each line is separated by ":" into four columns:

    root (1 group name) : x (2 group password) : 0 (3 group ID) : [root, may be empty] (4 accounts supported by this group)

1. Group name: the name of the group.
2. Group password: usually not configured. It is meant for the group administrator and rarely needs to be set. As with user passwords, it has been moved to /etc/gshadow, so this field only contains an "x".
3. GID: the group ID. The GID in the fourth field of /etc/passwd is mapped to its group name through this field.
4. Accounts supported by this group: an account can be added to multiple groups; an account that is to join the group is filled into this field. For example, to also add lin3615 to the root group, append ",lin3615" to the end of the first line, with no spaces, so that it becomes root:x:0:root,lin3615. This field can be empty.

To see the group names of a user, use: groups
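The three file formats and the login lookup described above can be exercised together. The following Python sketch is an added example, not part of the original article: it parses constructed sample files, resolves an account to its UID, GID, groups and lock state, converts the last-change day count to a date, and flags accounts a reviewer would question. The field key names, the "toor" account and the "constructedhash" values are assumptions made for illustration, and the password comparison in step 2 is left out.

```python
from datetime import date, timedelta

# Constructed sample files in the formats described above (not from a real host).
PASSWD = """root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
lin3615:x:500:500:lin3615:/home/lin3615:/bin/bash
toor:x:0:0:constructed second UID 0 account:/root:/bin/bash"""
SHADOW = """root:$1$9asfdsfsdfsdfsfsdffa:16543:0:9999999:7:::
bin:*:16543:0:9999999:7:::
lin3615:!$1$constructedhash:16543:0:9999999:7:::
toor:$1$constructedhash:16543:0:9999999:7:::"""
GROUP = """root:x:0:root,lin3615
bin:x:1:
lin3615:x:500:"""

P_KEYS = ["name", "password", "uid", "gid", "info", "home", "shell"]
S_KEYS = ["name", "password", "last_change", "min_days", "max_days",
          "warn_days", "grace_days", "expire", "reserved"]
G_KEYS = ["name", "password", "gid", "members"]

def parse(text, keys):
    """Parse colon-separated records into {first_field: record_dict}."""
    records = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) != len(keys):
            raise ValueError(f"expected {len(keys)} fields: {line!r}")
        records[fields[0]] = dict(zip(keys, fields))
    return records

def lookup(account, passwd, shadow, group):
    """Resolve an account the way the login steps above describe."""
    p = passwd.get(account)          # step 1: is the account in /etc/passwd?
    if p is None:
        return None
    s = shadow[account]              # step 2: the matching /etc/shadow record
    primary = next(g["name"] for g in group.values() if g["gid"] == p["gid"])
    extra = sorted(g["name"] for g in group.values()
                   if account in g["members"].split(","))
    return {"uid": int(p["uid"]), "gid": int(p["gid"]), "group": primary,
            "extra_groups": extra, "home": p["home"], "shell": p["shell"],
            "locked": s["password"].startswith(("!", "*")),
            "last_change": date(1970, 1, 1) + timedelta(int(s["last_change"]))}

def audit(passwd):
    """Flag extra UID 0 accounts and passwords still kept in /etc/passwd."""
    return sorted(n for n, p in passwd.items()
                  if (p["uid"] == "0" and n != "root") or p["password"] != "x")
```

On a real host the same functions can be fed the contents of the actual files; reading /etc/shadow requires root.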
Account management and groups