Linux User Management: Getting Started
Summary of user management commands

| Command | Description (items in a special color must be mastered) |
| -- | -- |
| useradd | Same as the adduser command. Adds a user to the system (changes 4 user files). |
| userdel | Deletes a user and the related configuration or files (changes 4 user files). |
| passwd | Sets or changes a user's password. Changes the /etc/shadow file. |
| chage | Modifies user password attributes. Manages the /etc/shadow file. |
| usermod | Modifies a user's attributes, such as the login name and the home directory. |
| id | Shows a user's UID, GID, and groups. |
| su | User switching tool, used as su - |
| sudo | Runs a command as another user. With su you first switch to the other user and then complete the task as that user, whereas with sudo the command is given directly after sudo. For example, sudo ls /root runs a command, or accesses a directory, that only root is allowed to, without needing the root password. This permission must be granted through the visudo command or by editing /etc/sudoers directly. |
| visudo | Edits /etc/sudoers. You can also edit /etc/sudoers directly with vi, but we recommend visudo (the syntax is checked automatically). |
Summary of user group management commands

| Command | Description (items in a special color must be mastered) |
| -- | -- |
| groupadd | Adds a user group |
| groupdel | Deletes a user group |
The /etc/skel directory stores the environment variable files for new users. When we add a new user, all files under this directory are automatically copied to the new user's home directory. By default, all files under /etc/skel are hidden files (names beginning with .). By modifying, adding, and deleting files in /etc/skel, we can provide a unified, standard, initialized user environment for new users.
```
[root@chengliang ~]# cd /etc/skel
[root@chengliang skel]# ls
readme
[root@chengliang skel]# ls -al
total 20
drwxr-xr-x. 2 root root 4096 May 12 22:14 .
drwxr-xr-x. 79 root root 4096 May 16 17:07 ..
-rw-r--r--. 1 root root 18 May 11 2016 .bash_logout
-rw-r--r--. 1 root root 176 May 11 2016 .bash_profile
-rw-r--r--. 1 root root 124 May 11 2016 .bashrc
-rw-r--r--. 1 root root 0 May 12 22:14 readme
[root@chengliang skel]#
```
Explanation: create a file named readme in /etc/skel/ and then create a new user. The new user's home directory also contains a readme by default. We conclude that all files in /etc/skel/ appear in the home directory of a new user by default.
```
[root@chengliang ~]# su - cheng
[cheng@chengliang ~]$ ls -al
total 24
drwx------. 2 cheng cheng 4096 May 13 01:23 .
drwxr-xr-x. 7 root root 4096 May 12 22:15 ..
-rw-------. 1 cheng cheng 125 May 13 01:23 .bash_history
-rw-r--r--. 1 cheng cheng 18 May 11 2016 .bash_logout
-rw-r--r--. 1 cheng cheng 176 May 11 2016 .bash_profile
-rw-r--r--. 1 cheng cheng 124 May 11 2016 .bashrc
-rw-r--r--. 1 cheng cheng 0 May 12 22:14 readme
[cheng@chengliang ~]$
```
Enterprise interview question: what is the cause of the following login fault, and how is it solved?
```
-bash-4.1$
-bash-4.1$
```
Example and explanation: this problem occurs when an ordinary user forcibly deletes the environment variable files in their home directory.
```
[teacher@chengliang ~]$ ls -al
total 20
drwx------. 2 teacher teacher 4096 May 30 23:32 .
drwxr-xr-x. 7 root root 4096 May 12 22:15 ..
-rw-------. 1 teacher teacher 149 May 30 23:32 .bash_history
-rw-r--r--. 1 teacher teacher 176 May 11 2016 .bash_profile
-rw-r--r--. 1 teacher teacher 124 May 11 2016 .bashrc
[teacher@chengliang ~]$ rm ./.bash*
[teacher@chengliang ~]$ ls -al
total 8
drwx------. 2 teacher teacher 4096 May 30 23:34 .
drwxr-xr-x. 7 root root 4096 May 12 22:15 ..
[teacher@chengliang ~]$ exit
logout
[root@chengliang ~]# su - teacher
-bash-4.1$
```
Solution: copy the environment variable files from the /etc/skel/ directory back into the home directory.
```
[root@chengliang ~]# su - teacher
-bash-4.1$
-bash-4.1$ cp /etc/skel/.bash* ~
-bash-4.1$ exit
logout
[root@chengliang ~]# su - teacher
[teacher@chengliang ~]$ ls -al
total 24
drwx------. 2 teacher teacher 4096 May 30 23:36 .
drwxr-xr-x. 7 root root 4096 May 12 22:15 ..
-rw-------. 1 teacher teacher 80 May 30 23:36 .bash_history
-rw-r--r--. 1 teacher teacher 18 May 30 23:36 .bash_logout
-rw-r--r--. 1 teacher teacher 176 May 30 23:36 .bash_profile
-rw-r--r--. 1 teacher teacher 124 May 30 23:36 .bashrc
[teacher@chengliang ~]$
```
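To find every account in this state before users report the bare -bash-4.1$ prompt, the check can be scripted. The following is an added example, not part of the original page: the function names and the ROOT prefix parameter are hypothetical, and the passwd lines and directory tree in demo are constructed.

```shell
#!/bin/sh
# missing_skel_files HOME SKEL
# Print hidden files that exist in SKEL but not in HOME, one per line.
missing_skel_files() {
    for f in "$2"/.[!.]*; do          # this pattern never expands to "." or ".."
        [ -f "$f" ] || continue       # also skips the literal, unmatched pattern
        [ -e "$1/${f##*/}" ] || printf '%s\n' "${f##*/}"
    done
}

# audit_homes PASSWD SKEL [ROOT]
# For every passwd(5) entry with a bash login shell, print "user:file" for
# each skeleton file missing from the home directory. ROOT is a path prefix
# (hypothetical parameter) so the audit can run against a sandbox.
audit_homes() {
    while IFS=: read -r user pw uid gid gecos home shell; do
        case $shell in */bash) ;; *) continue ;; esac
        [ -d "${3:-}$home" ] || continue
        missing_skel_files "${3:-}$home" "$2" |
            while read -r name; do printf '%s:%s\n' "$user" "$name"; done
    done < "$1"
}

# Constructed sandbox: "teacher" has deleted the .bash* files, "cheng" has not.
demo() {
    sb=$(mktemp -d) || return 1
    mkdir -p "$sb/etc/skel" "$sb/home/cheng" "$sb/home/teacher"
    for n in .bash_logout .bash_profile .bashrc; do
        : > "$sb/etc/skel/$n"
        cp "$sb/etc/skel/$n" "$sb/home/cheng/"
    done
    printf '%s\n' 'cheng:x:500:500::/home/cheng:/bin/bash' \
                  'teacher:x:501:501::/home/teacher:/bin/bash' \
                  'mysql:x:27:27::/var/lib/mysql:/sbin/nologin' > "$sb/etc/passwd"
    audit_homes "$sb/etc/passwd" "$sb/etc/skel" "$sb"
    rm -rf "$sb"
}
demo
```

On a real host the call would be audit_homes /etc/passwd /etc/skel, run as root so that every home directory is readable.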
Knowledge extension: the * and .* problem
```
[root@chengliang etc]# cp /etc/skel/* /tmp/
[root@chengliang etc]# cd /tmp/
[root@chengliang tmp]# ls
etc  mysql.sock  readme
[root@chengliang tmp]# ls -al
total 16
drwxrwxrwt. 4 root root 4096 May 30 23:48 .
dr-xr-xr-x. 24 root root 4096 May 12 15:28 ..
drwxrwxrwt. 2 root root 4096 Nov 12 2016 .ICE-unix
drwxr-xr-x. 8 root root 4096 Nov 20 2016 etc
srwxrwxrwx. 1 mysql mysql 0 May 10 21:08 mysql.sock
-rw-r--r--. 1 root root 0 May 30 23:48 readme
[root@chengliang tmp]#
```
* does not match hidden files. Therefore, the hidden files in the /etc/skel/ directory are not copied to the /tmp/ directory.
Before running cp /etc/skel/.*, let's take a look at what /etc/skel/.* contains:

```
[root@chensiqi1 ~]# ls /etc/skel/.*
/etc/skel/.bash_logout  /etc/skel/.bash_profile  /etc/skel/.bashrc

/etc/skel/.:
readme

/etc/skel/..:
ConsoleKit               inputrc         quotatab
DIR_COLORS               iproute2        rc
DIR_COLORS.256color      issue           rc.d
DIR_COLORS.lightbgcolor  issue.bak       rc.local
NetworkManager           issue.net       rc.sysinit
X11                      issue.net.bak   rc0.d
abrt                     kdump-adv-conf  rc1.d
acpi                     kdump.conf      rc2.d
adjtime                  krb5.conf       rc3.d
aliases                  latrace.conf    rc4.d
aliases.db               latrace.d       rc5.d
alsa                     ld.so.cache     rc6.d
too many things ....
```
With .*, everything under /etc is copied as well. Why? Don't forget that every directory also contains the entries . and ..
. refers to the current directory, and .. refers to the parent directory. The pattern .* matches both of them, so it also copies all the files in the parent directory. Therefore, when copying hidden files, we cannot use .* to stand for all hidden files.
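Two ways to copy hidden files without ever naming the parent directory, shown as an added example that is not part of the original page: pass SRC/. to cp so that no glob is expanded at all, or use the patterns .[!.]* and ..?*, which cannot expand to . or .. in any shell. The function names and the sandbox built in demo are constructed for illustration.

```shell
#!/bin/sh
# copy_skel SRC DEST: copy every entry of SRC, hidden or not, into DEST.
# "SRC/." names the directory itself, so no glob is expanded and SRC/..
# can never become an argument of cp.
# Note: -a keeps ownership; when root restores files into a user's home,
# chown them afterwards or run the copy as that user.
copy_skel() {
    [ -d "$1" ] && [ -d "$2" ] || return 1
    cp -a "$1/." "$2/"
}

# glob_hits_parent DIR PATTERN: succeed if PATTERN, expanded inside DIR,
# yields "." or "..". For '.*' the answer depends on the shell; it is
# always "no" for '.[!.]*' and '..?*'.
glob_hits_parent() (
    cd "$1" || exit 2
    for f in $2; do                       # unquoted on purpose: expand the glob
        case $f in .|..) exit 0 ;; esac
    done
    exit 1
)

# Constructed sandbox standing in for /etc, /etc/skel and /tmp.
demo() {
    sb=$(mktemp -d) || return 1
    mkdir -p "$sb/etc/skel" "$sb/tmp"
    : > "$sb/etc/parent_only.conf"
    : > "$sb/etc/skel/.bashrc"
    : > "$sb/etc/skel/.bash_profile"
    : > "$sb/etc/skel/readme"
    copy_skel "$sb/etc/skel" "$sb/tmp" && ls -A "$sb/tmp"
    glob_hits_parent "$sb/etc/skel" '.*' &&
        echo "'.*' reaches the parent directory in this shell"
    rm -rf "$sb"
}
demo
```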
User management commands in detail: adding users with useradd
- The commands for adding users are useradd and adduser, and they have the same effect. Besides these commands, we can also add users by directly modifying the user configuration files /etc/passwd and /etc/group and creating the files by hand, but this is not recommended. We recommend using the useradd command consistently, and this article only gives examples of useradd.
- When useradd is run without options, the system first reads the parameters and rules defined in the configuration files /etc/login.defs and /etc/default/useradd and adds the user according to those rules. The new user and user group records are added to the /etc/passwd and /etc/group files.
- The encrypted-information files that correspond to /etc/passwd and /etc/group, namely /etc/shadow and /etc/gshadow, receive records at the same time. The system also creates a home directory for the user based on the settings in /etc/default/useradd, and copies all the files in /etc/skel (including the hidden environment configuration files) to the new user's home directory.
useradd syntax:

```
[root@chensiqi ~]# man useradd    # the following is part of the help output of this command
Name:
    useradd - create an account or update new user information
Syntax:
    useradd [-c comment] [-d home_dir] [-e expire_date] [-f inactive_time] [-g initial_group] [-G group[,...]] [-m [-k skeleton_dir] | -M] [-s shell] [-u uid [-o]] [-n] [-r] login
    useradd -D [-g default_group] [-b default_home] [-f default_inactive] [-e default_expire_date] [-s default_shell]
```

Description: when a new account is created without the -D parameter, useradd uses the values given on the command line together with the system defaults (the configuration files such as /etc/login.defs and /etc/default/useradd mentioned earlier). Creating the account updates some system files, and creates the user directory and copies the startup files, all of which can be controlled with command-line options. The version provided for Red Hat Linux creates a group with the same name as the user; for this to happen, the -n option must not be given.
For easier reading, the options available for useradd are listed in the following table:

| useradd option | Description (items in a special color must be mastered) |
| -- | -- |
| -c comment | Comment (description) field of the new account in the password file. |
| -d home_dir | Home directory the new account uses at each login. The default is default_home with the login name appended as the directory name. |
| -e expire_date | End date of the account. The date format is MM/DD/YY or YYYY-MM-DD. |
| -f inactive_day | Number of days after expiry before the account is permanently suspended. If the value is 0, the account is suspended immediately. If the value is -1, this function is disabled. The default value is -1. |
| -g initial_group | Group name or number used as the user's initial login group. A group name must already exist on the system, and a group number must also belong to an existing group. The preset group number is 1. |
| -G group,[...] | Makes the user a member of several different groups, separated by commas. The group names are subject to the same restrictions as for the -g option. The default is the user's initial group. |
| -m | Creates the user's home directory automatically if it does not exist. |
| -M | Does not create the user's home directory; takes precedence over the setting in /etc/login.defs. Generally, no home directory is created for a virtual user. Virtual users must be created when deploying a service. |
| -n | By default, a user group with the same name as the user is created. If -n is given, no such group is created. |
| -r | Creates a system account. |
| -s shell | Name of the shell used after the user logs in. If left blank, the system assigns the default login shell (based on the default in /etc/default/useradd). cat /etc/shells lists the shells supported by the system. |
| -u uid | User ID. The value must be unique unless the -o option is used. The number cannot be negative. |
Example 1: combining the useradd -c, -u, -G, -s, -d, -m options to customize the user's home directory.
Example 2: the default account expiry date of a new user.
Example 3: change the default shell type from /bin/bash to /bin/sh when adding a user.
```
[root@chensiqi1 ~]# cat /etc/shells    # view the shell types supported by the current system
/bin/sh
/bin/bash
/sbin/nologin
/bin/dash
/bin/tcsh
/bin/csh
[root@chensiqi1 ~]# grep SHELL /etc/default/useradd    # view the current default shell configuration
SHELL=/bin/bash
[root@chensiqi1 ~]# useradd -D -s /bin/sh    # change to /bin/sh
[root@chensiqi1 ~]# grep SHELL /etc/default/useradd    # view the modification result
SHELL=/bin/sh    # modification successful
```
Note: only the default value in the configuration file is changed here. It takes effect only for users created afterwards and does not affect existing users.
Note: after I changed the shell type, the following login failure occurs when useradd adds a user!
```
-bash-4.1$
-bash-4.1$
```