Detailed operation commands for CentOS users and group permissions: adding and deleting users

Source: Internet
Author: User

1. Linux is a multi-user, multitasking operating system whose accounts include user accounts and group accounts.
User accounts are subdivided into ordinary user accounts and the superuser account. Besides user accounts there are group accounts; a group account is a collection of user accounts. CentOS has two types of groups: private groups and standard groups. When you create a new user without specifying a group, CentOS creates a private group with the same name as the user, and this private group contains only that user. A standard group can hold multiple users. To use a standard group, specify the group the new user belongs to when you create the user. A single user can also belong to multiple groups. For example, an organization has a leader group and a technical group, and lik is the organization's technical director, so lik belongs to both the leader group and the technical group. When a user belongs to multiple groups, the group the user logs on with is the primary group, and the other groups are the additional groups.

2. In Linux, the account system files are mainly /etc/passwd, /etc/shadow, /etc/group, and /etc/gshadow. Their basic meaning is not covered here. The root UID is 0, UIDs 1 to 499 are the standard system accounts, and general users start from UID 500.
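The group kinds and UID ranges from sections 1 and 2, as an added example that is not part of the original article: the script reads data in /etc/group and /etc/passwd format and reports each account's UID class, primary group, whether that group is private, and its additional groups. The sample data, the account toor, and the function names are constructed for illustration.

```bash
#!/usr/bin/env bash
# Constructed sample data in /etc/passwd and /etc/group format (not from a real host).
write_samples() {   # $1 = directory that receives the files passwd and group
  cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
zh888:x:500:500::/home/zh888:/bin/bash
lik:x:501:600::/home/lik:/bin/bash
toor:x:0:0::/root:/bin/bash
EOF
  cat > "$1/group" <<'EOF'
root:x:0:
bin:x:1:
zh888:x:500:
leader:x:600:
technical:x:601:lik
EOF
}

# audit_accounts PASSWD GROUP
# Prints: user  uid-class  primary-group  private|standard  additional-groups
audit_accounts() {
  awk -F: '
    FNR == NR {                        # first file read: group data
      gname[$3] = $1                   # GID -> group name
      n = split($4, m, ",")            # member list = additional-group members
      for (i = 1; i <= n; i++)
        extra[m[i]] = extra[m[i]] (extra[m[i]] ? "," : "") $1
      next
    }
    {                                  # second file read: passwd data
      if ($3 == 0)       cls = ($1 == "root") ? "superuser" : "EXTRA-UID0"
      else if ($3 < 500) cls = "system"    # 1-499, the range given in the text
      else               cls = "general"   # 500 and up
      g = ($4 in gname) ? gname[$4] : "gid" $4
      kind = (g == $1) ? "private" : "standard"   # private = named after the user
      print $1, cls, g, kind, (($1 in extra) ? extra[$1] : "-")
    }' "$2" "$1"
}

tmp=$(mktemp -d)
write_samples "$tmp"
audit_accounts "$tmp/passwd" "$tmp/group"
rm -rf "$tmp"
```

On a real host, call `audit_accounts /etc/passwd /etc/group`; an EXTRA-UID0 line means a second account shares root's UID and deserves review.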

3. Use commands to manage accounts
useradd [options] username // add a new user

usermod [options] username // modify an existing user

userdel -r username // delete the user together with the user's home directory

groupadd [options] groupname // add a new group

groupmod [options] groupname // modify an existing group

groupdel groupname // delete an existing group

Examples
useradd zh888 // add a user zh888

groupadd blog // create a group blog

useradd -G blog ZH // create a new user ZH and add it to the additional group blog

useradd -d /var/ftp/pub -M ftpadmin // create a new user ftpadmin, set its home directory to /var/ftp/pub, and do not create the home directory (-M)

usermod -G blog zh888 // add zh888 to the additional group blog

userdel ftpadmin // delete the user ftpadmin

userdel -r zh888 // delete the user zh888 and its directory under /home

groupdel blog // delete the group blog

4. Password Management and Validity Period
After creating a user, you need to set a password for the user. The command for setting the password is passwd.
passwd [options] username

passwd -l username // lock (disable) the user account password

passwd -S username // view the status of the user account password

passwd -u username // unlock (restore) the user account

passwd -d username // delete the user account password

5. The chage command manages the password validity period. Limiting how long a password stays valid limits the time others have to guess it.

chage [options] username

Options include -m days, -M days, -d days, -I days, -E date, -W days, -l
Example: # chage -m 2 -M 30 -W 5 zhh // the user cannot change the password within two days, the maximum password lifetime is 30 days, and zhh is warned 5 days before the password expires
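To check the result of the passwd and chage commands across all accounts, the following added example (not part of the original article) reads data in /etc/shadow format and compares each account with the policy from the chage example above: minimum 2 days, maximum 30 days, 5 days of warning. The sample lines, the placeholder hashes, the account named blank, and the function names are constructed.

```bash
#!/usr/bin/env bash
# Constructed sample in /etc/shadow format; the hashes are placeholders, not real.
# Fields: name:hash:lastchg:min:max:warn:inactive:expire:reserved
# lastchg is counted in days since 1970-01-01.
sample_shadow() {
cat <<'EOF'
root:$6$PLACEHOLDER$xxxx:19000:0:99999:7:::
zhh:$6$PLACEHOLDER$xxxx:19700:2:30:5:::
zh888:$6$PLACEHOLDER$xxxx:19650:0:99999:7:::
ftpadmin:!!$6$PLACEHOLDER$xxxx:19690:2:30:5:::
blank::19700:2:30:5:::
EOF
}

# audit_aging TODAY [MIN MAX WARN]
# TODAY is a day number (days since 1970-01-01) so results are reproducible.
# Reads shadow lines on stdin and prints "name state" for each account.
audit_aging() {
  awk -F: -v today="$1" -v pmin="${2:-2}" -v pmax="${3:-30}" -v pwarn="${4:-5}" '
    {
      if ($2 == "")                      state = "NO-PASSWORD"   # empty hash field
      else if ($2 ~ /^[!*]/)             state = "locked"        # hash disabled by ! or *
      else if ($5 == "" || $5 > pmax)    state = "MAX-TOO-LONG"  # -M missing or too large
      else if ($4 < pmin || $6 < pwarn)  state = "WEAK-MIN-OR-WARN"
      else if (today > $3 + $5)          state = "EXPIRED"
      else if (today >= $3 + $5 - $6)    state = "in-warning-window"
      else                               state = "ok"
      print $1, state
    }'
}

# Day 19727 is 27 days after zhh last changed the password (19700).
sample_shadow | audit_aging 19727
```

On a real host the input would be /etc/shadow read as root, with TODAY computed as `$(( $(date +%s) / 86400 ))`.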

6. User and group status query commands

whoami // display the current user name

groups username // display the groups the specified user belongs to. If no user is specified, the groups of the current user are displayed.

id // display the UID and GID of the current user and the list of groups the user belongs to

su - user // switch to another user. Plain su, with no user name, switches to the superuser (root).

newgrp groupname // switch the user's current group to the specified additional group; the user must belong to this group

7. Change the file owner and group

Sometimes you also need to change the owner and group of a file. Only the owner of a file has the right to change its owner and group. Users can transfer their own files to others. Use the chown command to change the file owner:

chown [-R] <user name or group> <file or directory>

chown zh888 files // change the owner of the file files to the user zh888

chown zh888.zh888 files // change the owner and group of the file files to zh888

chown -R zh888.zh888 files // change the owner and group of everything under the directory files, including all subdirectories, to zh888


8. Set the file and directory creation mask

You can use the umask command to set the default file creation mask. The mask tells the system which permissions should not be granted when a file or directory is created. If you place the umask command in the environment file .bash_profile, you can control access to all newly created files and directories.

umask [a1a2a3]
a1 lists the permissions denied to the owner, a2 the permissions denied to the group, and a3 the permissions denied to others.

umask 022 // write permission is denied to users in the same group and to other users

umask // display the current default creation mask
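How a mask turns into actual permissions, as an added example that is not part of the original article: one function creates a file and a directory under a given umask and reads back the resulting permission strings, the other predicts the same result arithmetically (new files start from 666, new directories from 777). The function names are hypothetical.

```bash
#!/usr/bin/env bash
# modes_under_umask MASK
# Creates one file and one directory under MASK inside a scratch directory
# and prints their permission strings, e.g. "-rw-r--r-- drwxr-xr-x".
# Everything runs in a subshell, so the caller's own umask is left unchanged.
modes_under_umask() {
  (
    tmp=$(mktemp -d) || exit 1
    umask "$1"
    touch "$tmp/file"
    mkdir "$tmp/dir"
    f=$(ls -ld "$tmp/file" | cut -c1-10)
    d=$(ls -ld "$tmp/dir"  | cut -c1-10)
    rm -rf "$tmp"
    echo "$f $d"
  )
}

# predicted_modes MASK
# Prints the octal modes the mask should produce: "<file> <dir>".
# The leading 0 makes the shell read MASK as an octal number.
predicted_modes() {
  printf '%03o %03o\n' $(( 0666 & ~0$1 )) $(( 0777 & ~0$1 ))
}

# Compare three common masks: 022 (the value from the text), 027 and 077.
for mask in 022 027 077; do
  echo "umask $mask: created $(modes_under_umask "$mask"), predicted $(predicted_modes "$mask")"
done
```

The output shows that a new file never receives execute permission from the mask alone, while a new directory keeps the x bits the mask does not remove.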

9. Special permission settings

SUID, SGID and sticky bit

In addition to the general permissions, there are special permissions, which carry special privileges. If you do not need special permissions, do not enable them, to avoid security issues.
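To see where these bits are enabled before deciding which ones are not needed, the following added example (not part of the original article) lists every entry under a directory that has SUID, SGID or the sticky bit set. The scratch tree, its file names, and the function names are constructed for the demonstration.

```bash
#!/usr/bin/env bash
# build_demo_tree DIR: constructed scratch tree; all files are empty placeholders.
build_demo_tree() {
  touch "$1/helper" "$1/report" "$1/plain"
  mkdir "$1/shared"
  chmod 4755 "$1/helper"    # SUID
  chmod 2755 "$1/report"    # SGID
  chmod 1777 "$1/shared"    # sticky bit
  chmod 0755 "$1/plain"     # no special bits, must not be reported
}

# list_special DIR
# Prints "kinds path" for each entry under DIR with at least one special bit,
# where kinds is a comma-separated subset of suid, sgid, sticky.
# -xdev keeps find on the file system DIR lives on.
list_special() {
  find "$1" -xdev \( -perm -4000 -o -perm -2000 -o -perm -1000 \) -print 2>/dev/null |
  while IFS= read -r path; do
    kinds=""
    [ -u "$path" ] && kinds="${kinds}suid,"
    [ -g "$path" ] && kinds="${kinds}sgid,"
    [ -k "$path" ] && kinds="${kinds}sticky,"
    echo "${kinds%,} $path"
  done | sort
}

scratch=$(mktemp -d)
build_demo_tree "$scratch"
list_special "$scratch"
rm -rf "$scratch"
```

On a real host, run `list_special /usr` (or another directory) as root and compare the output with a saved baseline; a bit that is not needed can be cleared with `chmod u-s`, `chmod g-s` or `chmod -t`.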
