AIX user management

Source: Internet
Author: User

User management is an important part of system administration. Every user who logs on to the system has a user account, and on a secure system a valid user must have a password. If the password is correct, the user can log on to the account and obtain the privileges of that account. The user's password is stored in the /etc/passwd and /etc/security/passwd files.

A user group is a collection of users who share access permissions to protected resources. A user group has an identifier and consists of members and administrators. The creator of the group is usually its first administrator. There are three types of user groups:

User-defined group: this type of group is used to share files in the system, for example among people working in the same department or on the same project. Generally, do not create too many users.

System administrator group: this corresponds to the system user group. Members of the system group are administrators who are allowed to perform system maintenance tasks without having superuser permissions.

System-defined group: some user groups are defined by the operating system. The default user group that the system creates for non-administrative users is staff. The security user group has the privilege to perform security management.


1. User management commands

The following are some important commands for system management:

mkuser creates a new user.

passwd creates or modifies user passwords.

chuser modifies user attributes other than the password.

lsuser displays user attributes.

rmuser deletes a user.

login logs a user on.

chfn modifies the user's description (gecos). You can enter the address, full name, alias, and other information freely.

finger displays the user's description.

chsh modifies the user's shell.

who displays the currently logged-on users.


2. /etc/passwd file

The /etc/passwd file stores the basic information about users. This ASCII file contains an entry for every user, and each entry defines the basic attributes of one user. When you use the mkuser command to add a user, the /etc/passwd file is updated automatically.

In the /etc/passwd file, each entry uses a colon (:) to separate the attributes. The format is as follows:

Name:Password:UserID:PrincipleGroup:Gecos:HomeDirectory:Shell

If the value of the Password field is an asterisk (*), the password is invalid. If it is an exclamation point (!), the password is in the shadow file /etc/security/passwd. In general, this field is an exclamation point (!). If the Password field is an asterisk (*) and user authentication is required, the user cannot log on to the system.

The Shell field specifies the initial program or shell that runs for the user when the login or su command is called. The Korn shell is the standard logon shell of the AIX operating system and is backward compatible with the Bourne shell. If the field is not defined, /usr/bin/sh (the Bourne shell) is used by default. The Bourne shell is a subset of the Korn shell.

When a user is created using mkuser, the Password field is always initialized to an asterisk (*), which indicates an invalid password. Use the passwd or pwdadm command to set the password. Once the password is set, an exclamation point (!) is written to the /etc/passwd file, indicating that there is an encrypted password in the /etc/security/passwd file.
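The Password field states described in this section, and the change from * to ! that the passwd command makes (section 4), can be checked mechanically. The following script is an added example, not part of the original article: audit_passwd, needs_review and sample_passwd are hypothetical helper names, the sample entries are constructed, and the EMPTY and INLINE states follow general UNIX password-file behaviour rather than anything stated in this article.

```sh
#!/bin/sh
# Added example: classify /etc/passwd entries by the state of the Password field.
# Usage: audit_passwd [FILE]   (reads standard input when FILE is omitted)
# Output: one "name|state|shell" line per entry.
audit_passwd() {
    awk -F: '
    /^[ \t]*$/ { next }                       # skip blank lines
    NF != 7 {                                 # an entry has exactly seven fields
        printf "%s|MALFORMED(%d fields)|-\n", $1, NF
        next
    }
    {
        if ($2 == "*")      state = "invalid"   # as left by mkuser
        else if ($2 == "!") state = "shadowed"  # hash is in /etc/security/passwd
        else if ($2 == "")  state = "EMPTY"     # assumption: no password at all
        else                state = "INLINE"    # assumption: hash kept in this file
        # An undefined Shell field falls back to /usr/bin/sh.
        shell = ($7 == "") ? "/usr/bin/sh(default)" : $7
        printf "%s|%s|%s\n", $1, state, shell
    }' "$@"
}

# Only the entries that need an administrator to look at them.
needs_review() {
    audit_passwd "$@" | grep -E '[|](EMPTY|INLINE|MALFORMED)'
}

# Constructed sample entries (not from a real system; the hash is made up).
sample_passwd() {
    cat <<'EOF'
root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
newuser:*:205:1::/home/newuser:/usr/bin/ksh
legacy:aB3xYz9QkLm1s:206:1:Old import:/home/legacy:/usr/bin/ksh
guest::100:100::/home/guest:/usr/bin/ksh
broken:!:207:1:/home/broken
EOF
}

# Audit the file named on the command line, or the sample when none is given.
if [ "$#" -gt 0 ]; then audit_passwd "$@"; else sample_passwd | audit_passwd; fi
```

An entry reported as invalid that belongs to an account in active use means passwd or pwdadm was never run for it; entries reported by needs_review deserve a manual look.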


3. /etc/environment file

The /etc/environment file contains the basic environment variables used by all processes. Each time a new process is started, the exec function makes available a set of strings in Name=Value format, called the environment. The Name on the left of each string is called an environment variable or a shell variable. Each command checks the environment variables before it starts running. At login, the system sets the environment variables from the environment file before it reads the user's login profile.

The following are some of the variables that make up the basic environment:

HOME: the complete path of the logon (home) directory. The login program sets this value from the corresponding field in the /etc/passwd file.

LANG: the locale (international region) of the user. During system installation, this variable is set in the /etc/environment file.

PATH: if a command is not invoked with its complete path, it is searched for in the series of directories specified by PATH. The directory names in PATH are separated by colons.

TZ: time zone information. The TZ environment variable is set in /etc/environment.


4. Create and modify user passwords

The passwd command creates an encrypted password entry in the /etc/security/passwd file, and then changes the corresponding Password field in the /etc/passwd file from an asterisk (*) to an exclamation point (!). The following example shows how to change the user password:

passwd

If you are not the superuser, the passwd command first prompts you to enter the old password, and then prompts you twice to enter the new password (the second time for confirmation).


5. Display the current login user

The who command displays information about all users currently online on the local system, including the logon name, logon terminal name, and logon date and time. Enter who am i or who am I to display the name, terminal name, date, and time of your own logon. If you logged on from a remote host, the remote host name is displayed. The who command can also display the time elapsed since the last keyboard activity, the command interpreter (shell), login processes, and the process numbers of other processes generated during initialization.

The following example shows the usage of the who command:

1) Display information about all users currently logged on to the system:

# who
root        pts/0       Nov 17 10:20     (sv1166a.itsc.aus)
root        pts/2       Nov 23 10:45     (sv1121c.itsc.aus)
root        pts/3       Nov 23 10:48     (sv1121c)

2) Display your user name:

# who am I
root        pts/3       Nov 23 10:48     (sv1121c)

3) Display the run level of the current system:

# who -r
   .        run-level 2 Nov 17 10:19     2    0    S

4) Display the processes generated by init that are currently active:

# who -p
rc          .    Nov 17    2896  id=rc
fbcheck     .    Nov 17    2898  id=fbcheck
srcmstr     .    Nov 17    2900  id=srcmstr
rctcpip     .    Nov 17    4648  id=rctcpip
rcnfs       .    Nov 17    4650  id=rcnfs
cron        .    Nov 17    4652  id=cron
piobe       .    Nov 17    4984  id=piobe
qdaemon     .    Nov 17    4986  id=qdaemon
writesrv    .    Nov 17    4988  id=writesr
uprintfd    .    Nov 17    4990  id=uprintf
pmd         .    Nov 17    8772  id=pmd
dt          .    Nov 17    9034  id=dt

The id command can also display the user's current logon information.



6. Modify the user's logon shell

The chsh command modifies the logon shell attribute, which defines the initial program that runs for the user after logon. This attribute is specified in the /etc/passwd file. By default, the chsh command modifies the logon shell of the caller. The chsh command is interactive: when it runs, the system lists the available shells and the user's current shell attribute, and then prompts for the new shell. The input must be the complete path of one of the available shells. As long as you have execute permission for the chuser command, you can modify the logon shell of another user.


7. Modify the shell prompt

The shell uses the following three prompt variables:

PS1: the normal system prompt.

PS2: the prompt shown when the shell is waiting for more input.

PS3: the prompt shown when running the select subcommand.


Changes to these shell variables remain in effect until the user logs out. Setting these variables in the .env file makes the prompt changes permanent.

The following command displays the value of the current PS1 variable:

# echo "prompt is $PS1"

prompt is $

Run the following command to change the current prompt to Ready>:

export PS1="Ready>"

Run the following command to change the prompt to Enter more->:

export PS2="Enter more->"

Run the following command to change the select subcommand prompt to Root->:

export PS3="Root->"

