Linux user configuration file (version 2) and linux configuration file

Source: Internet
Author: User

Linux user configuration file (version 2) and linux configuration file
/Etc/passwd file profiling

File Format:

Root: x: 0: 0: root:/bin/bash

Username: Password: UID: GID [default group ID]: annotation Description: Home Directory: shell [Part 7]

 

Linux user category:

Super User (root, UID = 0)

Normal user (UID = 500 ~ 60000) # The maximum value can be changed.

Pseudo user/special user (UID = 1 ~ 499)

 

# Therefore, after a user's UID is changed to 0, it becomes a Super User

 

Pseudo-user features

 

1. Pseudo-users are related to systems and program services

For example, bin, daemon, shutdown, and halt. By default, any Linux system contains these pseudo users.

Such as mail, news, games, apache, ftp, mysql, and sshd. pseudo users related to Linux Processes

For example, MySQL is automatically added to the configuration file during installation.

2. Pseudo-users generally do not need to or cannot log on to the system. Therefore, the pseudo-user mechanism ensures system security.

3. No home directory is available.

 

User Group

 

1. Each user belongs to at least one user group.

[In the management system, every user should belong to his/her own group. In this way, each user will "perform his/her own duties" and have his/her own unique permissions, so as not to be "messy "]

2. Each user group can contain multiple users. A single user can belong to multiple groups at the same time.

3. users in the same group have the permissions shared by this group.

4. If no user group is specified during user creation, the system creates a group with the same user name and adds the user to the group.

 

Other Instructions

Annotation description # For example, storing the full name of the user and the department to which the user belongs. if you add a user, you 'd better write this description to differentiate the role of the user in the future.

Home Directory # default directory after the user logs on to the system

Command Interpreter # The Shell used by the user. The default value is bash.

 

 

/Etc/shadow file profiling

 

File Format:

Root: $1 $0 HZuNsCv $ URJuS1MRpjafAVcmYO0bI1: 15957: 0: 99999: 7 :::

User name: encrypted password: last modification time: minimum interval [0 indicates unlimited]: maximum interval: warning time: account idle time: expiration time: sign [not used generally]

 

Other information:

If the password bit is cleared, the user no longer needs the password.

Minimum interval: minimum number of days between two password changes

Maximum time interval: the maximum number of days for the password to be valid, which can force the user to change the password

[View the help information of the/etc/shadow file: man 5 shadow]

 

/Etc/shadow file permission

 


Linux Password Mechanism

Write the password back: pwunconv # this tool is not provided for commercial UNIX

The/etc/shadow file does not exist.

 


Password conversion: pwconv

Now/etc/shadow is back

 

That is, the password is automatically converted whenever the system creates a password.

 

Verify the/etc/passwd file when verifying the user name and the password:/etc/shadow]

[View root password information grep root/etc/passwd/etc/shadow]

 

 

/Etc/login. defs Brief Analysis

Default User Logon Information

CREATE_HOMEyes # create a home directory while creating a user

UMASK 077 # permissions for creating files or directories by default

[All options are described in detail in the statement]

 

 

/Etc/default/useradd Brief Analysis

Default Configuration when adding a user

INACTIVE =-1 # indicates that the user is not disabled by default during creation, and 0 indicates that the user is disabled by default.

EXPIRE = # account expiration time

SHELL =/bin/shell # Default User shell. If it is/sbin/nologin, new users cannot log on by default.

SKEL =/etc/skel # the original location of the new user's default configuration file

CREATE_MAIL_SPOOL = yes # whether to create a file for saving user emails when adding a user

 


Logon Information configuration file

The information displayed after/etc/motd user logon can be used for internal staff notification information [today's message]. As long as you log on, you will receive

The information displayed before logon by the/etc/issue user. However, the original content is not recommended and can be used to display public information.

 

Instance: manually add users

1. Edit the/etc/passwd file and add

Xiaofang: 502: 502: test user:/home/xiaofang:/bin/bash

2. Create the home Directory of xiaofang: mkdir/home/xiaofang

3. Change the owner of the Directory: chown tom/home/xiaofang

4. edit/etc/shadow and add

Xiaofang: 16023: 0: 99999: 7 :::

4. cp-rf/ect/skel/. */home/xiaofang

# New User information file:/etc/skel. Some configuration files of the new user are saved here, as long as they are all copied to/home/xiaofang, the user is no different from the user in useradd.

5. passwd xiaofang # generate the xiaofang Password

In this case


OK!

 

 

Appendix-generate encrypted ciphertext

Echo "123456" | md5sum

 


Storage location and directory of Linux User Name and related configuration files

Vi/etc/samba/smb. conf
Vi/etc/sysconfig/network

Enter usermod-l bb aa in the root directory

User and Group configuration files are one of the most basic system files that the system administrator should understand and master, understanding these files is also an important part of system security management. As a qualified system administrator, you should have a thorough understanding of the user and user group configuration files. There are not many words below.

What file is the default configuration file for linux users?

/Etc/passwd/etc/shadow
Disable account edit/etc/passwd add #
You can also use passwd-l username to lock the linux account and password.
Usermod-L username: locking a linux Account

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.