1. User management 2. User groups 3. Permission assignment
1. Commands for viewing user-related files:
1. cat
2. more
3. head /etc/passwd # view the first 10 lines of the file
4. head -2 /etc/passwd # view the first two lines of the file
5. tail /etc/passwd # view the last 10 lines of the file
6. tail -f /etc/passwd # follow the last 10 lines of the file in real time
7. tail -2 /etc/passwd # view the last two lines of the file
8. wc -l /etc/passwd # display the number of lines
9. nl /etc/passwd # print the file content with line numbers
root:x:0:0:root:/root:/bin/bash
User name: should not be too long, e.g. Niejunzhong -> njz
x: password placeholder; earlier versions of Linux stored the password here
UID: user identifier
GID: default group ID; by default the system creates a group with the same name as the user
Description: comment field
Home directory: default directory after the user logs in
Command interpreter: the login shell, bash by default
Password file /etc/shadow: every user has read permission on /etc/passwd, and the password used to be kept in its password field. See man 5 shadow. Fields: login name : encrypted password : last modification time : minimum interval : maximum interval : warning time : account idle time : expiration time : flag.
Time: in 1969 Ken Thompson developed the UNIX prototype. Linux birth: January 1, 1970. The root superuser does not have write permission on the file by default, yet can still modify or delete it.
pwconv: password write-back. The password is first written to passwd, then converted into shadow.
passwd command: ls -l /usr/bin/passwd. Why can a common user change the password?
SetUID definition: when an executable program has the SetUID permission, any user who runs it executes it as the owner of the program. The owner of passwd is root, so every common user who changes a password runs this command as its owner, root.
Adding a user by editing the configuration files (the principle): the user name goes in /etc/passwd, the password in /etc/shadow.
1. vi /etc/passwd: user name, UID, GID, description, home directory, shell
2. mkdir to create the home directory, then grant ownership: chown user directory
3. vi /etc/shadow. At this point the command prompt looks different.
4. cd /etc/skel: all the files are hidden (ls -a)
5. cp the skel files into the new user's home directory
User configuration files: /etc/login.defs configures mail, the maximum interval, the minimum interval (root is not limited), automatic home directory creation, and umask. /etc/default/useradd sets the default location of home directories, whether the account is disabled, and the account expiration time.
Logon information: before logon, /etc/issue (avoid exposing system version information); after logon, /etc/motd (internal information); wall broadcasts a message.
User types: Linux users are divided into three types:
Superuser (root): UID = 0
Common user: UID 500-60000
Pseudo user: UID 1-499
A user whose UID is 0 is called a superuser; the command prompt ends with #: [ ]# ls
Pseudo users:
1. Pseudo users are related to the system and to program services. bin, daemon, shutdown, halt, etc. exist by default on any Linux system.
mail, news, games, apache, ftp, mysql, and sshd are related to processes in Linux.
2. Pseudo users generally do not need to, or cannot, log on to the system.
3. They may have no home directory.
II. User management:
1. Create a user
useradd user1
2. Delete a user
userdel -r user1
3. Change a password
1) passwd user1
2) echo 123 | passwd --stdin user1
4. View a user
id user1
III. Files affected by users
These are the files userdel touches; a user can also be deleted or created by removing or creating the corresponding entries in these files.
1) /etc/passwd
2) /etc/shadow
3) /etc/group
4) /var/spool/mail
5) /home
1) /etc/passwd: user attributes
user1:x:500:500::/home/user1:/bin/bash
1-1) user name
1-2) user password (kept in /etc/shadow)
1-3) user UID
1-4) GID of the user's group
1-5) user description
1-6) user's home directory
1-7) login shell
User categories:
1-1) superuser
1-2) system users
1-3) common users
2. /etc/shadow
1) Encryption method: grub-md5-crypt
2) !! means the user has no password.
3) !$ means the user is locked.
3. /etc/group
user1:x:500:
Group name : group password field :
4. /home
1) Home directory of user1
/home/user1
2) Delete a user
userdel -r user1
# If the user is deleted with plain userdel user1, the user's home directory and mail spool are left behind.
5. User management command: usermod
1) Lock a user
usermod -L user1
2) Unlock a user
usermod -U user1
3) After the user is locked, the entry in /etc/shadow reads:
!$1$Ttyif4Oi$piuprg8yV9.FGc4MzA4EP0
# A ! appears in front of the password hash
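The field layouts, UID ranges and shadow password markers described above can be checked mechanically. The following is an added example, not part of the original notes: the account data is constructed, the function names are hypothetical, and the `*` marker for a no-login system account is standard shadow usage that the page does not mention.

```shell
#!/bin/sh
# Constructed sample entries (not from a real system), in passwd/shadow layout.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
user1:x:500:500::/home/user1:/bin/bash
backup:x:0:0:backup admin:/home/backup:/bin/bash'

SAMPLE_SHADOW='root:$1$SAMPLESALT$SAMPLEHASHVALUE0000000:15000:0:99999:7:::
bin:*:15000:0:99999:7:::
user1:!$1$SAMPLESALT$SAMPLEHASHVALUE0000000:15000:0:99999:7:::
backup:!!:15000:0:99999:7:::'

# Classify each passwd entry by field 3 (UID), using the ranges from this page.
classify_users() {
    printf '%s\n' "$1" | awk -F: '{
        if ($3 == 0) t = "super"
        else if ($3 >= 1 && $3 <= 499) t = "pseudo"
        else t = "common"
        print $1 ":" t
    }'
}

# Report every UID 0 account that is not root: it has full superuser rights.
extra_uid0() {
    printf '%s\n' "$1" | awk -F: '$3 == 0 && $1 != "root" { print $1 }'
}

# Derive the password state from shadow field 2.
shadow_state() {
    printf '%s\n' "$1" | awk -F: '{
        if ($2 == "") s = "EMPTY"            # logs in with no password at all
        else if ($2 == "!!") s = "no-password"
        else if ($2 ~ /^!/) s = "locked"     # usermod -L prefixed the hash with !
        else if ($2 == "*") s = "no-login"   # assumption: standard marker, not from the page
        else s = "set"
        print $1 ":" s
    }'
}

classify_users "$SAMPLE_PASSWD"
echo "extra UID 0 accounts: $(extra_uid0 "$SAMPLE_PASSWD")"
shadow_state "$SAMPLE_SHADOW"
```

On a real host the same functions can be fed `"$(cat /etc/passwd)"` and, as root, `"$(cat /etc/shadow)"`.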
IV. Group management:
1. Create a group
groupadd grp1
2. Delete a group
groupdel grp1
3. User and group management:
1. Add users to a group
1) usermod -g grp1 user1
2) usermod -G grp1 user1
3) gpasswd -a user1 grp1 # add user1 to the grp1 group
2. Delete a user from a group
1) gpasswd -d user1 grp1
# Delete user1 from the grp1 group
Other user commands:
finger user # the login host, login time, mail, and scheduled tasks
su user # switch user
passwd -S user # view the user's password status
who and w # view the current users
Batch-adding users: a loop plus echo '000000' | passwd --stdin user
gpasswd -a user1 grp1
gpasswd -d user1 grp1
V. Relationship between users and files: permissions
1. chmod: granting permissions
1) chmod 755 /mnt
2) chmod a+x file
3) umask: the file permission mask, which determines that the folder permission is 755 and the file permission is 644
4) View the permissions of a single directory
ls -ld mnt/
5) Switch users on the current terminal
su - user1
2. chown: change owner and group
chown user4 test
# Change the owner to user4
chown :user4 test
# Change the group to user4
chown user4:user4 test
# Change the owner and the group at the same time
3. SetUID. Operates on: executable programs
-rwxr-xr-x root file
-rwsr-xr-x root file
Find setuid programs: find / -perm -4000 -o -perm -2000
Purpose: once a command has the s bit, everyone else executes the command as its owner.
How to add the s bit:
1) chmod u+s /bin/touch
2) chmod 4755 /bin/touch
Leading octal digit: 4 = setuid, 2 = setgid, 1 = t bit
4. setgid. Operates on: directories
Purpose: set setgid on a directory; the subdirectories under that directory also inherit the GID of the parent directory.
chmod g+s test
chmod 2755 test
5. t bit (sticky bit). Operates on: directories with permission 777
Purpose: in a public folder you can only delete your own items.
chmod o+t /tmp
chmod 1777 /tmp
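The three special bits and the find test from the SetUID section can be tried safely in a scratch directory. This is an added example, not part of the original notes: the file names and function names are hypothetical, and nothing outside the temporary directory is modified.

```shell
#!/bin/sh
# Build a scratch tree and set one special bit per entry with the octal forms.
make_tree() {
    d=$(mktemp -d) || return 1
    touch "$d/plain" "$d/suid_prog"
    mkdir "$d/shared" "$d/public"
    chmod 755  "$d/plain"       # no special bit
    chmod 4755 "$d/suid_prog"   # 4 = setuid on an executable
    chmod 2755 "$d/shared"      # 2 = setgid on a directory
    chmod 1777 "$d/public"      # 1 = t bit on a world-writable directory
    printf '%s\n' "$d"
}

# Symbolic mode string of one path, e.g. -rwsr-xr-x.
# cut drops the trailing . or + that some systems append for SELinux/ACLs.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Entries under $1 that carry setuid or setgid: the same -perm tests as the
# page's find command, restricted to one directory and sorted.
find_special() {
    ( cd "$1" && find . \( -perm -4000 -o -perm -2000 \) | sort )
}

t=$(make_tree) || exit 1
for f in plain suid_prog shared public; do
    printf '%s  %s\n' "$(mode_of "$t/$f")" "$f"
done
echo "setuid/setgid entries:"
find_special "$t"
rm -rf "$t"
```

The sticky directory does not appear in the find output because the page's command tests only the 4000 and 2000 bits; adding `-o -perm -1000` would list it too.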
6. sudo authorization
1) echo $PATH
# This environment variable determines the paths in which an executable can be found directly
2) Set up sudo
2-1) visudo
2-2) vi /etc/sudoers
# Method 2 is not recommended
user1 localhost=/usr/sbin/useradd user5, /usr/sbin/userdel -r user5, /sbin/service httpd restart
3) !str # execute the last command in history that starts with str
7. ACL authorization
1) Set permissions
setfacl -m u:user1:rwx /test
2) View permissions
getfacl /test
3) Delete the permissions of user1 on /test
setfacl -x u:user1 /test
4) Delete all ACL permissions on /test
setfacl -b /test
5) Set the default ACL permissions
setfacl -m d:u:user1:rwx test
# Future subdirectories of the current directory will inherit the ACL permissions of the directory