Users, Groups, permissions
Security context (Secure):
Permissions:
R, W, X
File:
R: Readable, you can view the contents of the file using commands like Cat
W: writable, can edit or delete this file
X: Executable, executable, can be submitted to the kernel at the command prompt as a command to run
Directory:
R: You can perform LS for this directory to list all the files of the content
W: You can create files in this directory
X: You can switch to this directory using a CD, or you can use Ls-l to view the details of internal files
Rwx
r--Read Only
R-x Read and Execute
---no permissions
0---No permissions
1 001--x Execution
2 010-w-Write
3 011-wx Write and Execute
4 r--Read Only
5 101 R-x Read and Execute
6 rw-Read and write
7 111 rwx Read and write execution
755:rwxr-xr-x
User: UID,/etc/passwd
Group: GID,/etc/group
Shadow Password:
Users:/etc/shadow
Group:/etc/gshadow
User Category:
Admin: 0
Normal Users: 1-65535
System Users 1-499
General Users 500-60000
User group:
Administrators group:
Normal Group:
System Group:
General Group:
User Group Category:
Private group: When a user is created, a group with the same name as the user name is automatically created if no group is established for it
Basic group: Default group for users
Additional groups, additional groups: groups other than the default group
Process: Tom Tom
Object:
/etc/passwd
Account: Login Name
Password: password
Uid:
GID: Basic Group ID
Comment: Notes
Home dir: Home directory
Shell: User's default shell
/etc/shadow
Account: Login Name
Encrypted password: encrypted password; You can lock the account
Encryption method:
Symmetric encryption: Encrypt and decrypt using the same password
Public Key cryptography: each password appears in pairs, one for the private key (secret key) and one for the public key
Private key encryption, public key decryption;
Public key encryption, private key decryption.
One-way encryption: Hash encryption: Extract data signatures, common terms data integrity check
1. Avalanche effect
2. Fixed-length output
Md5:message Digest, 128-bit fixed-length output
Sha1:secure hash algorithm, 160-bit fixed-length output
Useradd USERNAME
Groupadd GRPNAME
User management:
Useradd, Userdel, Usermod, passwd, Chsh, CHFN, finger, id, chage
Group Management:
Groupadd, Groupdel, Groupmod, gpasswd
Rights Management:
Chown, Chgrp, chmod, umask
/ETC/PASWD:
User name: Password: Uid:gid Comment: Home directory: Default Shell
/etc/group:
Group name: Password: GID: List of users with this group attached to the group
/etc/shadow:
User name: Password: Last time the password was modified: Minimum Age: Maximum Age: Warning Time: Inactive time: Expiry time:
useradd [Options] USERNAME
-U UID is greater than or equal to 500, but cannot be already used
-G GID (Basic Group) group must exist
-G GID, ... (additional groups) can have multiple
-C "COMMENT"
-d/path/to/directory Specify a directory for the user home directory
-S Shell Path
-m-k (copy/etc/skel content to home) forces the home directory to be created for the user
-M does not create a home directory for users, even if the user defined in/etc/login.defs must have a home directory
-R Add System user (1-499 ID number, cannot log into system, no home directory)
/etc/login.defs
Environment variables:
PATH
Histsize
Shell saves the current shell
/etc/shells: Specifies the security shell that is available for the current system
Eg:useradd-c "Tony Blare"-d/home/blare User4
Userdel:
Userdel [options] USERNAME do not specify parameters, the user's home directory will not be deleted
-r: Delete User's home directory at the same time
ID: View user's account attribute information
-U Display user name
-G Display Default group
-G Show additional groups
-N Display name instead of ID number
Finger: View user account information
Finger USERNAME
To modify user account properties:
Usermod
-U UID
-G GID (GID must exist)
-G (-a) overwrites previous additional groups when not with-a
-C
-D (-M) is not available for-M, the old home directory file will not be accessible, and-m will be copied to the new home directory
-S SHELL
-L Modify the user's login name
-L Lock user account
-U Unlock user account
CHSH: Modifying the user's default shell
CHFN: Modify user's comment information
Password Management:
passwd [USERNAME]
--stdin
Eg:echo "Jingming" | passwd User4--stdin
-L Lock Account
-U Unlock Account
-D Delete User password
-N Set Minimum password age
PWCK: Checking the integrity of user accounts
Group Management:
Create Group: Groupadd
-G Specify GID
-R added as System Group (gid=1-499)
Groupmod
-G GID
-N GRPNAME Group name
Groupdel
GPASSWD: Add password to Group
NEWGRP Login The basic group of the current user as a new basic group, you can use GPASSWD to set a password for the group, exit with exit
Practice:
1, create a user Mandriva, whose ID number is 2002, the basic Group is distro (group ID 3003), the additional group is Linux:
Groupadd distro-g 3003
Groupadd Linux
Useradd-u 2002-g distro-g Linux Mandriva
2. Create a user fedora with the full name of Fedora Community, the default shell is tcsh
Useradd-s '/bin/tcsh '-C "Fedora Community" fedora
3, modified Mandriva ID number is 4004, basic group is Linux, additional group is distro and Fedora
Usermod-u 4004-g linux-g Distro,fedora Mandriva
4, to the Fedora password, and set its minimum password period of 2 days, the longest is 50 days
Passwd-n 2-x Fedora
5. Change the default shell of Mandriva to/bin/bash
Usermod-s/bin/bash Mandriva
6, add the system user HBase, and do not allow its login system
Useradd-r-S '/sbin/nologin ' hbase
Chage changing user password expiration information
-D most recent modification time
-E: Expiry time:
-I: Inactive time
-m minimum term of use
-M maximum lifespan
-W Warning Time
This article is from the "Richier" blog, make sure to keep this source http://richier.blog.51cto.com/1447532/1629867
Users, user groups Manage command notes and exercises