Configuration Management Guide for users and groups under the Linux operating system _unix Linux
Source: Internet
Author: User
User management, the main task is to establish a legitimate user account, set up and manage the user's password, modify the properties of the user account and, if necessary, delete the user account that has been discarded.
1. Add a new user
In a Linux system, only the root user can create a new user, as the following command creates a new user with a login name of user1.
# Useradd User1
However, the user is not able to log in because it has not been set to the initial password, and the user without the password is not able to log on to the system. By default, a user's home directory with the same user name will be created in the/home directory. If you need to specify a separate household directory, you can use the following command:
# useradd-d/HOME/XF User1
At the same time, the user will get a shell program when logged in:/bin/bash, and if you do not want the user to log in, you can specify that the user's shell program is:/bin/false, so that the user even log in, can not execute Linux commands:
# useradd-s/bin/false User1
In Linux, adding a user creates a new group that has the same name as the user who is a member of the group. If you want new users to belong to a group that already exists, you can use the following command:
# useradd-g User User1
This allows the user to be part of the Users group. And if you just want it to belong to a group again, you should use:
# useradd-g User User1
Once you have done this, you should also use the passwd command to set an initial password for it.
2. Delete a user
To remove a user, simply use a simple command "Userdel user name". However, it is best to delete the files it left on the system, and you can use the "Userdel-r username" to do this.
3. Modify User Properties
In the front we saw how to specify its user home directory when creating a new user, how to specify its shell, how to set the group it belongs to ... Wait a minute. A command is provided in Linux to implement:
USERMOD-G Group name-G group name-D user home directory-S user shell
There is also a direct way to modify the/etc/passwd file, in which each user occupies one row, and its contents are:
User name: Password: User id: Group ID: User full Name: User-headed directory: Users Shell
It's worth noting, however, that the password is usually replaced with a * number, which you can't see.
4. Add a group
Remember that Linux files can set different access rights for people who are in the same group, or for people who are not in the same group? We can create groups of users according to their needs:
Groupadd Group Name
5. Delete a group
Similarly, we sometimes need to delete a group whose command is the Groupdel group name.
6. Modify Group members
If we need to add a user to a group, simply edit the/etc/group file and write the user name to the back of the group name. For example, to add a newuser user to the Softdevelop group, just find the Softdevelop line:
Softdevelop:x:506:user1,user2
Then add NewUser in the back, forming:
Softdevelop:x:506:user1,user2,newuser
In addition, Red Hat Linux also provides a graphical user management tool: userconf, which enables more direct user management.
Two important documents: passwd and Group
In the Linux security mechanism,/etc/passwd and/etc/group these two files occupy a very important position. They control some important settings for Linux users and groups.
/etc/passwd file description (for setting the user's properties)
Available VI/ETC/PASSWD View
In the passwd file, each row is divided into 7 sections by a colon (":"), respectively:
[UID] Although the system is used to flag file ownership, determine the various permissions of the flag, but the content of this area does not require unique. A more common and security-related example is a user account with multiple UID and GID 0. Note that a user imnotroot with a UID and GID of 0 on the last line of the file, although it claims to be not root, has exactly the same permissions as root because the system is not based on the [user name] but on the UID and GID to divide the user's power. So, this situation is no doubt the system buried a safe bomb. However, when imnorroot do a lock screen, and so on, if its password is not the same as root, it will not unlock, because the system only found the first UID 0 (naturally, root) after the user is not looking down-it is the UID is unique.
[GID] User default group ID, which can be found in the file/etc/group the corresponding group name.
< note >:[uid] and [GID] less than 500 are generally reserved by the system themselves, do not make the identity of ordinary users and groups, so the new additions to users and groups are generally UID and GID greater than 500.
/etc/group File Description
Vi/etc/group View its contents
It is divided into four parts:
[Group name]:[password domain]:[gid]:[member Case table]
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.