CentOS command for viewing user-related files

1. user Management 2. user Group 3. permission Assignment 1. View user-related file commands: 1. cat2.more3. head/etc/passwd # view the top 10 lines of the file 4. head-2/etc/passwd # view the first two lines of the file. tail/etc/passwd # view the last 10 lines of the file. 6. tail-f/etc/passwd # the last 10 lines of the real-time tracking file 6.tai 1. User Management 2. User Group
3. Permission allocation

1. View user-related file commands :
1. cat
2. more
3. head/etc/passwd # View the top 10 lines of a file
4. head-2/etc/passwd # view the first two lines of the file
5. tail/etc/passwd # View the last 10 lines of a file
6. tail-f/etc/passwd # the last 10 rows of files tracked in real time
6. tail-2/etc/passwd # view the last two lines of the file
7. wc-l/etc/passwd # Display the number of objects
8. nl/etc/passwd # Print the file content directly and display the row number

Root : X : 0 : 0 : Root : /Root:/bin/bash

User name: The user name should not be too long. Niejunzhong -"Njz
X: password reserved. The previous password stored in linux
Uid User identifier
Gid Default group ID The system creates a group with the same name by default.
Description Annotation description
Home directory Default directory after user login
Command interpreter Shell default bash

Password file shadow
Etc/passwd Each user has the read permission. The earlier password is placed in the password bit.
Man-5 shadow
Login name: Encrypted password: last Modification time: Minimum Interval: maximum interval: Warning Time: account idle time: Expiration Time: flag.

Time: 1969 Macon. Thomas developed unix Prototype Linux Birth 1970 1 Month 1 Day
Root Superuser By default, you do not have the write permission, so you can modify or delete it.

Pwconv Password write-back The password is first written to passwd. Then convert to shadow. Medium

Passwd Command Ls-l/Usr/bin/passwd
Why can a common user change the password?

SetUID Definition: When an executable program has a SetUID Permission. when a user executes this program, it will be executed as the owner of the program.
Passwd The owner of IS Root All common users change the password Root The owner to execute this command.

Modify user configuration file to add user (principle)
Username /Etc/passwd
Password /Etc/shadow
1, Vi/etc/passwd User name Uid gid Description Home directory shell
2, Mkdir Create a home directory Grant permissionsChown User Directory
3, Vi/etc/shadow
In this case Yes Command prompt is different
4, Cd/etc/skel All the files are hidden ls-.
5, Cp skel File Home directory of the new user






User configuration file/etc/
Login. defs Configure email Maximum interval Minimum time interval (root Not Limited) Automatically create directory Umask
Etc/default/useradd Default directory of the home directory Whether the account is disabled Account expiration time

Logon information
Before logon: etc/issue Avoid exposing system version information
After logon:/etc/motd Internal Information Wall broadcast

User type:
Linux users are divided into three types:
Super User root Uid = 0
Common User Uid 500-60000
Pseudo User: Uid 1-499

Uid Is 0 The user is called a super user, before the command prompt [] #Ls


Pseudo-user
1, Pseudo users are related to systems and program services.
Bin, baemon, shutdown, halt, etc. by default, any linux system has these pseudo users
Mail, news, games, apache, ftp, mysql, and sshd are related to processes in linux.
2, Pseudo users generally do not need or cannot log on to the system
3, You can have no home directory

II. user management :
1. Create User
Useradd user1
2. Delete a user
Userdel-r user1
3. Change password
1) passwd user1
2) echo 123 | passwd -- stdin user1
4. View Users
Id user1

III, Files affected by users
If you use Userdel Delete: you can delete or create a new file by deleting the affected files.
1)/etc/passwd
2)/etc/shadow
3)/etc/group
4)/var/spool/mail
5)/home

1)/etc/passwd User attributes
User1: x: 500: 500:/home/user1:/bin/bash
1-1) User name
1-2) User password file/etc/shadow
1-3) User uid
1-4) the gid of the user group
1-5) user description
1-6) user's home directory
1-7) log on to the shell
User Category
1-1) superuser
1-2) system users
1-3) common users
2./etc/shadow
1) Encryption method: Grub-md5-crypt
2 )!! The user has no password.
3 )! $ The user is locked.

3./etc/group
User1: x: 500:
Group name: group password bit:

4./home
1) Home directory of user1
/Home/user1
2) delete a user
Userdel-r user1
# If userdel user1 is deleted, the user's home directory and user's email address will be left behind.

5. Manage user commands -Usermod
1) lock a user
Usermod-L user1
2) unlock a user
Usermod-U user1
3) after the user is locked,/etc/shadow
! $1 $ Ttyif4Oi $ piuprg8yV9. FGc4MzA4EP0
# One will appear before the password!


IV. group management :
1. Create Group
Groupadd grp1
2. Delete Group
Groupdel grp1
3. User and group management :
1. add users to the group
1). usermod-g grp1 user1
2). usermod-G grp1 user1
3). gpasswd-a user1 grp1
# Add user1 to the grp1 Group
2. delete a user from a group
1). gpasswd-d user1 grp1
# Delete user1 from the grp1 Group


Other user commands:
Finger User The host logon time, logon time, emails, and scheduled tasks
Su UserSwitch User
Passwd-S UserView the user's password status.
Who and w view current user
Batch add user command loop + echo '000000' | passwd -- stdin user
Gpasswd-a user1 grap1
Gpasswd-d user1 grp1

V, Relationship between users and files - Permission :

1. chmod
2. chown
3. setuid
4. setgid
5. sudo
6. acl


1. chmod Authorization method
1) chmod 755/mnt
2) chmod a + x file
3) umask file permission mask, which determines that the folder permission is 755, and the file permission is 644
4) view the permissions of a single directory
Ls-ld mnt/
5) switch users on the current terminal
Su-user1

2. chown Change owner and group
Chown user4 test
# Change owner to user4
Chown: user4 test
# Change the group to user4
Chown user4: user4 test
# Changing the owner and group at the same time

3. SetUID
Operation object: Execution program
-Rwxr-xr-x Root file
-Rwsr-xr-x Root file
Find the setuid program Find/-perm-4000-o-perm-2000
Purpose: Once a command is executed with s-bit, all others execute the command as the owner.
How to add s bit:
1) chmod u + s/bin/touch
2) chmod 4755/bin/touch
4 2 1 setuid setgid t bit

4. setgid
Operation object: folder
Purpose: set setgid for the directory. the subfolders under the Directory also inherit the gid of the parent folder. Permission
Chmod g + s test
Chmod 2755 test

5. t Bit Stick bitwise
Operation object: The Directory permission is 777
Purpose: you can only delete your own items in a public folder.
Chmod o + t/tmp
Chmod 1777/tmp

6. sudo Authorization
1) echo $ PATH
# This environment variable determines the path in which you can directly find the execution program
2) set sudo
2-1) replicate do
2-2) vi/etc/sudoers
# Method 2 not recommended
User1 Localhost =/usr/sbin/useradd user5,/usr/sbin/userdel-r user5,/sbin/service httpd restart
3 )! Str # execute the last command starting with str in history

7. acl Authorization
1) set permissions
Setfacl-m u: user1: rwx/test
2) view permissions
Getfacl/test
3) delete the permissions of user1 on/test.
Setfacl-x u: user1/test
4) delete all acl permissions on/test
Setfacl-B/test
5) set the default acl permissions
Setfacl-m d: u: user1: rwx test
# Future subdirectories of the current directory will inherit the acl permission of the Directory