I. Frequently dealing with folders/etc/passwd,/etc/shadow,/etc/group,/etc/gshadow,
1./etc/passwd
User name: X:uid:gid: Some properties of the User: Home directory: Default shell (usually/bin/bash)
/sbin/nologin is a special shell that is forbidden to log on.
2./etc/shadow
User name: Password after encryption: Last Change Password time (1970.1.1): How long the password cannot be changed: How long does the password expire: Warning time before expiration: Expiry time: Expiration date (1970.1.1): Reserved field
3,/etc/group
Group name: Group Password: GID: Group member (if the group is the user's initial group, the user is not shown here)
4./etc/gshadow---> Maximum function is to set up a group master administrator,
Group Name: password (start with!) , which means no legal password, so no group master Administrator): Group Administrator account: Group members
5. Uncommon Catalogue ———— >/etc/skel
- The directory used to store the new user profile
- When we create a new user, all files in this directory are automatically copied from the newly created user's home directory
- By default, all files under the/etc/skel directory are hidden files, and by modifying, adding, and deleting files in the/etc/skel directory, you can provide a unified, standard, and initialized user environment for newly created users.
Two. command
<1> Users
1, Userradd + user name (System to help us process)
- Create unique UID
- Add a unique gid that is the same as the user name, adding the user to the reorganization
- Create a directory with the same name as the user under/home
- Set the Shell to/bin/bash
- Finally, manually enter passwd to set the password
1, Userdel Delete the user
- Userdel's "-r" option, plus the deletion of the user's home directory.
2.usermod
- Usermod can be used to modify the settings of the user account.
- Parameters
-c< Notes > Modify the Notes text for the user account.
-D Login Directory > Modify user login directory.
-e< Expiration date > Modify the expiration date of the account.
-f< Buffer days > Modify the number of days after the password expires to close the account.
-g< Group > Modify the group to which the user belongs.
-g< Group > Modify the additional groups to which the user belongs.
-l< Account name > Modify user account name.
-L LOCKS the user password to invalidate the password.
-s<shell> modifies the shell used by the user when they log in.
-u<uid> Modify the User ID.
-U unlocks the password.
Usermod does not allow you to change the user account name on the line. When Usermod is used to change the user ID, it must be confirmed that the user is not executing any programs on the computer. You need to manually change the user's crontab file. You also need to manually change the user's at work file. Using NIS server requires that the relevant NIS settings be changed on the server.
<2> Group
The **groupadd,groupmod,groupdel command is the same as the function in the user
1. GPASSD-------> Set a password for the user group
2. Groups-------> Displays the user group to which the user belongs (the first output is a valid group)
3. newgrp-------> change the active user group to which the user belongs
- Initial group: The user is logged into the system and immediately gets the relevant permissions for that group.
- Valid groups: Create a file that shows which group is the current active group and can be viewed through the Groups command (the first is a valid group).
4. GRPCONV------> Synchronize or create/etc/gshadow through/etc/group and/etc/gshadow file content, if/etc/gshadow is not present.
5. grpunconf-----> through/etc/group and/etc/gshadow file content to publish or create/etc/group, and then delete gshadow files
User and user Group management summary