Detailed operation commands for CentOS user, group permissions, add delete user, etc.
The 1.Linux operating system is a multi-user multitasking operating system, including user accounts and group accounts, user accounts (ordinary user account, Super User account) in addition to the user account that the group account is the so-called group account is a collection of user accounts, the CentOS group has two types, private groups and standard groups, When you create a new user, if you do not specify the group to which he belongs, CentOS establishes the same private group as the user, which includes only the user himself. A standard group can hold multiple users, and if you want to use a standard group, when you create a new user, you should specify the group that he belongs to, and from the other hand, the same user can belong to multiple groups, such as a unit's lead group and technical team, and Lik is the technical director of the Unit, so he belongs to the leadership and technical groups. When a user belongs to more than one group, the group it belongs to is the primary group and the other group is an additional group.
The account system files in 2.Linux environment are mainly in/etc/passwd,/etc/shadow,/etc/group, and/etc/gshadow four files. The basic meaning is not much to say the point, the UID of root is 0, from 1-499 is the standard account of the system, the average user starts from UID 500.
3. Use command to manage accounts
Useradd option User name//Add new user
Usermod option User name//Modify existing User
Userdel-r User name//delete user indicates the deletion of the home directory together.
Groupadd option group name//Add new Group
GROUPMOD option group name//modify already existing group
Groupdel Group name//delete a specific group that already exists.
Example
Useradd zhh888//Add a user zh888
Groupadd Blog//Create a new blog group
Useradd-g blog en//means to create a new user en and join the blog attachment group.
useradd-d/var/ftp/pub-m ftpadmin//Create a new user ftpadmin, specify directory is/var/ftp/pub, do not create your own directory (-M)
USERMOD-G Blog zh888//means to add zh888 to the additional group blog.
Userdel ftpadmin//Express Delete ftpadmin user
Userdel-r zhh888//indicates deletion of directories in zh888 and/home.
Groupdel Blog//means delete blog group.
4. Password management and prescription
After you create a user, you add a password to the user, and the command for the password is set passwd
passwd User name Passwd-l username//prohibit user account password
Passwd-s username//Indicates view user account password status
Passwd-u username//means restore user account
passwd-d username//means delete user account password
The 5.chage command is the time limit for protecting a password so that other people can be prevented from guessing the password.
Chage option User Name
Parameters are-M days,-M days, D-Days, I-days, e-date,-W days,-l
Example: #chage-m 2-m 30-w zhh//means that the user zhh cannot change the password for two days, and the maximum lifetime of the password is 30 days, and the password expires 5 days notice ZHH
6. User and group Status query commands
WHOAMI//is used to display the current user name.
Groups user name//indicates the group to which the specified user belongs, or the group to which the current user belongs if no user is specified.
ID//Represents the UID GID for the current user and the list of groups to which the user belongs.
su– user//representations are converted to other users if Su represents switching to their current user.
NEWGRP Group name//represents the conversion of the current group of users to the specified additional group, and the user must belong to that group.
7. Change the owner and the same group
Sometimes you also need to change the owner of the file and the group to which it belongs. Only the owner of the document has the right to change other owners and members of the group, users can transfer their own documents to everyone. Change file owner with chown command
Chown [-R] < user name or group >< file or directory >
Chown zh888 files//to convert file files to zh888 users.
Chown zh888.zh888 files//Changes the owner and group of file files to zh888.
Chown-r zh888.zh888 files//changes all files or directories under all directories and subdirectories of files to zh888.
8. Set directory and directory generation masks for files
The user can use the umask command to set the file default build mask. The default build mask tells the system what permissions should not be given to create a file or directory. If the user places the Umask command in the environment file. Bash_profile, you can control access to all newly created files and directories.
Umask [A1A2A3]
A1 represents a permission that does not allow the owner, A2 represents permissions that do not allow the same group of people, and the A3 delegate does not allow permission from others.
Umask 022//indicates that the setting does not allow Write permissions for the same group of users and other users.
Umask//Displays the current default build mask.
9. Settings for special permissions
SUID SGID and Sticky-bit in addition to the general permissions and special permissions exist, some special permissions have special permissions, if the user does not need special permissions generally do not play
Open Special permissions to avoid security issues.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.