Detailed description of users and groups in Linux

Source: Internet
Author: User
Tags ftp access

Explanation of Linux users and groups 1. Linux User Classification Linux has three types of users: Super administrator root: with the highest permissions, UID = 0 GID = 0 System Account: it is mainly used for applications, maintenance System operation, and cannot log on. Common User (login-Account): both the logged-on user root and the common user are familiar with the System user. Typical system users: bin: x: 1: 1: bin:/sbin/nologindaemon: x: 2: daemon:/sbin/nologinadm: x: 3: 4: adm:/var/adm:/sbin/nologinshutdown: x: 6: 0: shutdown:/sbin/shutdownhalt: x: 7: 0: halt: /sbin:/sbin/haltmail: x: 8: 12: mail:/var/spool/mail:/sbin/nologinucp: x: 10: 14: uucp: /var/spool/uucp:/sbin/nologinoperator: x: 11: 0: operator:/root:/sbin/nologingames: x: 12: 100: games: /usr/games:/sbin/nologingopher: x: 13: 30: gopher:/var/g Opher:/sbin/nologinftp: x: 14: 50: FTP User:/var/ftp:/sbin/nologinnobody: x: 99: 99: Nobody :/: /sbin/nologin can't help asking why there are system users? In Linux, most of the permissions and Security Management depend on the management of file permissions (read, write, and execution). Users are a set of permissions that can be used to obtain system resources, the owner of the File Permission is the user. When the application needs to access/operate/own system resources, Linux uses the user to control/implement these users. These users are system users. Example: sys: The sys user owns the default mounting point for the Distributed File Service (DFS) cache, which must exist before you can install or configure DFS on a client. the/usr/sys directory can also store installation images. ftp: Used for anonymous FTP access. nobody: Owns no files and is sometimes used as a default user for unprivileged operations. ii. Linux group PS: All users here refer to normal users, that is, login users. Relationship between groups and users in Linux, users are managed in Group mode. The relationship between users and groups is many to many, that is, a user can join/belong to one or more groups, A group can have 0, 1, or more users. Groups are classified into the master group and affiliated group from the user's perspective. Master group: Also known as primary group, first group, or initial login group. The default group of the user, the group identified by the user's gid. Affiliated group: Also known as Secondary group or supplementary group. You can use the id command to view the current user's master group and affiliated group [root @ localhost ~] # Id rootuid = 0 (root) gid = 0 (root) groups = 0 (root), 1 (bin), 2 (daemon), 3 (sys ), 4 (adm), 6 (disk), 10 (wheel) [root @ localhost ~] # Id gguid = 503 (gg) gid = 503 (gg) groups = 503 (gg) [root @ localhost ~] # Id mmuid = 502 (mm) gid = 500 (jww) groups = 500 (jww) gid identifies the master group, and groups indicates all the groups to which the user belongs (Master group and affiliated group) 1. A user must have only one primary group, and can have 0, 1, or more affiliated groups. For example, we must have a house for home security (similar to the primary group ), there can also be n houses (affiliated groups) for investment or other purposes ). 2. the main group is also the default group. When a user's own file or directory is used, the group owner of this file or directory is the user's main group by default (of course, you can use chgrp to modify the group owner ). 3. In the/etc/passwd file, the fourth field in the record line is gid, that is, the user's master group id. 4. in the/etc/group file, the fourth field in the record row is a member of the group. This field is not displayed as a member of the main group, but only as a member of the affiliated group, therefore, the fourth field of the/etc/group record row does not fully list all members of the group. 5. when creating a new user using the useradd command, you can use the-g parameter to specify an existing group as its main group. If the-g parameter is not used, the system automatically creates a group with the same name and user name as the main group of the user (provided that the group is variable in/etc/login. defs's USERGROUPS_ENAB attribute value is yes), as shown in the-g parameter description of useradd in the Command Manual:-g, -- gid GROUP The group name or number of the user's initial login group. the group name must exist. A group number must refer to an already existing group. if not specified, the bahavior of useradd will depend on the USERGROUPS_ENAB var Iable in/etc/login. defs. if this variable is set to yes (or-U/-- user-group is specified on the command line), a group will be created for the user, with the same name as her loginname. if the variable is set to no (or-N/-- no-user-group is specified on the command line ), useradd will set the primary group of the new user to the value specified by the GROUP variable in/etc/default/useradd, or 10 0 by default. in addition, you can use usermod-g to set the master group/gid of a common user to any group (permanent) in the system ); you can also temporarily change the master group/gid of the current user through newgrp (only valid for the current login session, not permanent ). Set the affiliated group of a common user through usermod-G.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.