CentOS users, groups and permissions: a summary of adding and deleting users

Source: Internet
Author: User
1. Linux is a multi-user, multitasking operating system. Its accounts are of two kinds: user accounts and group accounts.
A user account is either an ordinary user account or the superuser account. A group account is a set of user accounts. CentOS has two types of group: private groups and standard groups. When you create a new user without specifying the group it belongs to, CentOS creates a private group with the same name as the user, and this private group contains only that user. A standard group can hold multiple users; to use a standard group, specify the group when you create the new user. The same user can also belong to more than one group. For example, a unit has a leadership group and a technical group, and Lik is the unit's technical director, so he belongs to both the leadership group and the technical group. When a user belongs to more than one group, the group they log in with is the primary group, and the other groups are additional (supplementary) groups.
2. In a Linux environment the account system files are mainly these four: /etc/passwd, /etc/shadow, /etc/group and /etc/gshadow.

The basic meaning of these files needs little explanation. The key points are that root's UID is 0, UIDs 1-499 are the standard accounts of the system, and ordinary users start from UID 500.
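The UID ranges above can be checked directly against a passwd-format file. The script below is an added example, not part of the original article: the sample accounts are constructed, the function names are hypothetical, and the first ordinary UID is a parameter that defaults to the 500 stated in the text.

```shell
#!/bin/sh
# Added example. Sample data is constructed, in /etc/passwd format:
# name:x:UID:GID:comment:home:shell
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
zh888:x:500:500::/home/zh888:/bin/bash
ftpadmin:x:501:501::/var/ftp/pub:/bin/bash
backup:x:0:0::/home/backup:/bin/bash
EOF
}

# Print every account other than root that has UID 0 (superuser-equivalent).
extra_uid0() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "${1:-/etc/passwd}"
}

# Print "name uid class" for each account. $2 is the first ordinary UID;
# it defaults to 500, the value given in the text above.
classify_accounts() {
    awk -F: -v min="${2:-500}" '{
        if ($3 == 0) c = "superuser"
        else if ($3 < min) c = "system"
        else c = "ordinary"
        print $1, $3, c
    }' "${1:-/etc/passwd}"
}

# Demo on the constructed sample.
tmp=$(mktemp)
sample_passwd > "$tmp"
classify_accounts "$tmp"
echo "extra UID 0 accounts: $(extra_uid0 "$tmp")"
rm -f "$tmp"
```

Called with no arguments, both functions read the real /etc/passwd; any name printed by extra_uid0 has full root privileges and should be accounted for.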

3. Manage accounts with commands
useradd option username // add a new user
usermod option username // modify a user that already exists
userdel -r username // delete a user; -r means the home directory is deleted together with the user
groupadd option groupname // add a new group
groupmod option groupname // modify a group that already exists
groupdel groupname // delete a specific group that already exists
Example
useradd zh888 // add a user zh888
groupadd blog // create a new group blog
useradd -G blog zh // create a new user zh and add it to the supplementary group blog at the same time
useradd -d /var/ftp/pub -M ftpadmin // create a new user ftpadmin, specify /var/ftp/pub as its home directory, and do not create the home directory (-M)
usermod -G blog zh888 // add zh888 to the supplementary group blog (-G sets the whole supplementary group list; with -a the group is appended to the existing ones instead)
userdel ftpadmin // delete the user ftpadmin
userdel -r zh888 // delete zh888 together with its directory under /home
groupdel blog // delete the group blog
4. Password management and aging
After creating a user, set a password for it. The format of the passwd command is:
passwd option username
passwd -l username // lock (disable) the user account's password
passwd -S username // view the status of the user account's password
passwd -u username // restore (unlock) the user account
passwd -d username // delete the user account's password
5. The chage command sets time limits on a password, which protects it against being guessed by other people.
chage option username
The options are -m days, -M days, -d days, -I days, -E date, -W days, -l
Example: # chage -m 2 -M 30 -W 5 zhh // the user zhh cannot change the password for two days, the maximum lifetime of the password is 30 days, and zhh is warned 5 days before the password expires
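The effect of the passwd and chage commands in sections 4 and 5 is recorded in /etc/shadow: passwd -l puts a "!" in front of the password field, passwd -d empties it, and chage -m, -M and -W set fields 4, 5 and 6. The script below is an added example, not part of the original article; the sample lines and hashes are constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Sample data is constructed, in /etc/shadow format:
# name:password:lastchg:min:max:warn:inactive:expire:reserved
sample_shadow() {
cat <<'EOF'
root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
zhh:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:2:30:5:::
zh888:!!$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
ftpadmin::19000:0:99999:7:::
EOF
}

# Print "name state": locked (as after passwd -l), no-password (as after
# passwd -d) or set.
password_state() {
    awk -F: '{
        if ($2 == "") s = "no-password"
        else if ($2 ~ /^!/) s = "locked"
        else s = "set"
        print $1, s
    }' "${1:-/etc/shadow}"
}

# Print accounts with a usable password whose maximum age (field 5, set by
# chage -M) is unset or above $2 days (default 30, as in the example above).
weak_aging() {
    awk -F: -v limit="${2:-30}" '
        $2 != "" && $2 !~ /^[!*]/ && ($5 == "" || $5 + 0 > limit) { print $1 }
    ' "${1:-/etc/shadow}"
}

# Print "min max warn" (chage -m, -M, -W) for account $2 in file $1.
aging_of() {
    awk -F: -v u="$2" '$1 == u { print $4, $5, $6 }' "$1"
}

# Demo on the constructed sample.
tmp=$(mktemp)
sample_shadow > "$tmp"
password_state "$tmp"
echo "max age above 30 days: $(weak_aging "$tmp")"
echo "zhh min/max/warn: $(aging_of "$tmp" zhh)"
rm -f "$tmp"
```

Reading the real /etc/shadow requires root. An account reported as no-password can be logged into without a password wherever empty passwords are accepted.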
6. Status query commands for users and groups
whoami // display the current user name
groups username // show the groups the specified user belongs to, or the groups the current user belongs to if no user is specified
id // show the current user's UID and GID and the list of groups the user belongs to
su - username // switch to another user; plain su means a switch to its current user
newgrp groupname // switch the user's current group to the specified supplementary group, which the user must belong to
7. Change of owner and group
Sometimes you also need to change the owner and group of a file. Only the owner of the file has the right to change its owner and group; a user can transfer their own files to anyone. The chown command changes the file owner.
chown [-R] <user name or group> <file or directory>
chown zh888 files // change the owner of files to the user zh888
chown zh888.zh888 files // change both the owner and the group of files to zh888
chown -R zh888.zh888 files // change all files and directories under files, including subdirectories, to zh888

8. Setting the creation mask for files and directories
The user can use the umask command to set the default creation mask. The default creation mask tells the system which permissions should not be given when a file or directory is created. If the user places the umask command in the environment file .bash_profile, it controls the access permissions of all newly created files and directories.
umask [a1a2a3]
a1 represents the permissions denied to the owner, a2 represents the permissions denied to users in the same group, and a3 represents the permissions denied to others.
umask 022 // deny write permission to users in the same group and to other users
umask // display the current default creation mask
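The mask is subtracted from different starting permissions for files (666) and directories (777), which is easiest to see by creating both under a given mask. The script below is an added example, not part of the original article; the function names are hypothetical and it assumes GNU stat as shipped with CentOS.

```shell
#!/bin/sh
# Added example. Create a file and a directory under mask $1 and print
# "filemode dirmode". Runs in a subshell, so the caller's umask is unchanged.
modes_under_umask() {
    (
        umask "$1" || exit 1
        d=$(mktemp -d) || exit 1
        touch "$d/file"
        mkdir "$d/dir"
        echo "$(stat -c %a "$d/file") $(stat -c %a "$d/dir")"
        rm -rf "$d"
    )
}

# Print the last umask value set in a profile file such as ~/.bash_profile,
# or nothing if the file sets none.
profile_umask() {
    awk '$1 == "umask" && $2 ~ /^[0-7]+$/ { v = $2 }
         END { if (v != "") print v }' "$1"
}

# Demo: the mask from the text, then two stricter ones.
for m in 022 027 077; do
    echo "umask $m -> $(modes_under_umask "$m")"
done
```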
9. Settings for special permissions
SUID, SGID and sticky bit
In addition to the general permissions there are special permissions. If users do not need them, special permissions should generally not be enabled, to avoid security problems. Their specific usage can be looked up on Baidu or Google.
I hope this summary helps users better understand CentOS users, groups and permissions, adding and deleting users, and related issues.
