CentOS command for viewing user-Related Files

CentOS command for viewing user-Related Files
1.User Management 2. User Group
3. Permission assignment

1. view User-related file commands:
1. cat
2. more
3. head/etc/passwd # View the top 10 lines of a file
4. head-2/etc/passwd # view the first two lines of the file
5. tail/etc/passwd # View the last 10 lines of a file
6. tail-f/etc/passwd # the last 10 rows of files tracked in real time
6. tail-2/etc/passwd # view the last two lines of the file
7. wc-l/etc/passwd # Display the number of objects
8. nl/etc/passwd # Print the file content directly and display the row number


Root: X: 0: 0: root:/bin/bash

User name: the user name must not be too long. Niejunzhong-"Njz
X: Password reserved. The previous password stored in linux
UidUser Identifier
GidDefault group IDThe system creates a group with the same name by default.
DescriptionAnnotation description
Home Directory Default directory after User Login
Command Interpreter Shell default bash

Password File shadow
Etc/passwd each user has the read permission. The earlier password is placed in the password bit.
Man-5 shadow

Login Name: encrypted password: last modification time: minimum interval: maximum interval: warning time: account idle time: expiration time: flag.

Time: In October 1970, Ken Thomas developed a unix prototype. The industry believes that linux was born in October.
Root super users do not have the write permission by default, so they can modify or delete it.

Pwconv password write-back The password is first written to passwd and then converted to shadow.

Passwd command Ls-l/Usr/bin/passwd
Why can a common user change the password?



SetUID definition: When an executable program has the SetUID permission, the user executes the program as the owner of the program.
The owner of Passwd is the root owner of all common users who change the password to execute this command.

Modify user configuration file to add user (principle)
Username /Etc/passwd
Password /Etc/shadow
1. vi/etc/passwd Username and password uid gid description local directory shell

2. MkdirCreate a Home Directory Grant PermissionsChown userDirectory

3. Vi/etc/shadow

At this time, you can log on to the command prompt.

4. All files in cd/etc/skel are hidden ls-.

5. File in Cp skel to the Home Directory of the new user








User configuration file/etc/
Login. defsConfigure emailMax time interval min time interval (not limited to root) automatically create directory Umask
Etc/default/useraddWhether the default directory account of the home directory is disabled or not

Logon Information
Before Logon: etc/issue Avoid exposing System Version Information

After Logon:/etc/motdInternal Information Wall Broadcast

User Type:
Linux users are divided into three types:
Super User root Uid = 0
Common User Uid 500-60000
Pseudo User: Uid 1-499

A user with a Uid of 0 is called a Super User.[] #Ls



Pseudo-user
1. Pseudo-users are related to systems and program services
Bin, baemon, shutdown, halt, etc. By default, any linux system has these pseudo users
Mail, news, games, apache, ftp, mysql, and sshd are related to processes in linux.
2. Pseudo-users generally do not need or cannot log on to the system
3. No home directory is available.

Ii. User Management:
1. Create a user
Useradd user1
2. delete a user
Userdel-r user1
3. Change the password
1) passwd user1
2) echo 123 | passwd -- stdin user1
4. View users
Id user1

Iii. Files affected by users
If you use userdel to delete a file, you can delete and create a new one by deleting the affected files.
1)/etc/passwd
2)/etc/shadow
3)/etc/group
4)/var/spool/mail
5)/home

1)/etc/passwd user attributes
User1: x: 500: 500:/home/user1:/bin/bash
1-1) User Name
1-2) user password file/etc/shadow
1-3) User uid
1-4) the gid of the user group
1-5) User description
1-6) user's home directory
1-7) log on to the shell
User category
1-1) superuser
1-2) system users
1-3) common users
2./etc/shadow
1) encryption method: grub-md5-crypt
2 )!! The user has no password.
3 )! $ This user is locked

3./etc/group
User1: x: 500:
Group Name: group password bit:

4./home
1) Home Directory of user1
/Home/user1
2) delete a user
Userdel-r user1
# If userdel user1 is deleted, the user's home directory and user's email address will be left behind.

5. Manage USER commands-usermod
1) Lock a user
Usermod-L user1
2) unlock a user
Usermod-U user1
3) after the user is locked,/etc/shadow
! $1 $ Ttyif4Oi $ piuprg8yV9. FGc4MzA4EP0
# One will appear before the password!


Iv. Group Management:
1. Create a group
Groupadd grp1
2. delete a group
Groupdel grp1
3. user and group management:
1. Add users to the group
1). usermod-g grp1 user1
2). usermod-G grp1 user1
3). gpasswd-a user1 grp1
# Add user1 to the grp1 Group
2. delete a user from a group
1). gpasswd-d user1 grp1
# Delete user1 from the grp1 Group


Other USER commands:
Finger user The Host Logon Time, Logon Time, emails, and scheduled tasks
Su User Switching user
Passwd-S user to view the user's password status.
Who and w view current user
Batch add user command loop + echo '000000' | passwd -- stdin user
Gpasswd-a user1 grap1
Gpasswd-d user1 grp1

V. Relationship between users and files-permission:

1. chmod
2. chown
3. setuid
4. setgid
5. sudo
6. acl


1. chmod authorization method
1) chmod 755/mnt
2) chmod a + x file
3) umask File Permission mask, which determines that the folder permission is 755, And the File Permission is 644
4) view the permissions of a single directory
Ls-ld mnt/
5) Switch users on the current terminal
Su-user1

2. chown changed the owner and group
Chown user4 test
# Change owner to user4
Chown: user4 test
# Change the group to user4
Chown user4: user4 test
# Changing the owner and group at the same time

3. SetUID
Operation object: Execution Program
-Rwxr-xr-xRoot file
-Rwsr-xr-xRoot file
Find the setuid ProgramFind/-perm-4000-o-perm-2000
Purpose: Once a command is executed with s-bit, all others execute the command as the owner.
How to add s bit:
1) chmod u + s/bin/touch
2) chmod 4755/bin/touch
4 2 1 setuid setgid t bit

4. setgid
Operation object: folder
Purpose: Set setgid for the directory. The subfolders under the directory also inherit the gid of the parent folder. Permission
Chmod g + s test
Chmod 2755 test

5. t-bit stick as bit
Operation object: The directory permission is 777
Purpose: You can only delete your own items in a public folder.
Chmod o + t/tmp
Chmod 1777/tmp

6. sudo authorization
1) echo $ PATH
# This environment variable determines the path in which you can directly find the execution Program
2) Set sudo
2-1) replicate do
2-2) vi/etc/sudoers
# Method 2 not recommended
User1 Localhost =/usr/sbin/useradd user5,/usr/sbin/userdel-r user5,/sbin/service httpd restart
3 )! Str # execute the last command starting with str in history

7. acl authorization
1) Set permissions
Setfacl-m u: user1: rwx/test
2) view Permissions
Getfacl/test
3) Delete the permissions of user1 on/test.
Setfacl-x u: user1/test
4) Delete All acl permissions on/test
Setfacl-B/test
5) set the default acl Permissions
Setfacl-m d: u: user1: rwx test
# Future subdirectories of the current directory will inherit the acl permission of the Directory