Linux cloud computing cluster Architecture Study Notes: user management and root User Password Reset, Study Notes root

Source: Internet
Author: User

Linux cloud computing cluster Architecture Study Notes: user management and root User Password Reset, Study Notes root

RHEL7User Management

Content of this section:

  • Configuration files of users and groups
  • Manage users and groups
  • RHEL7Crack the root password

Compared with windows, users and accounts in LINUX serve the same purpose.

It is based on the user's control over the accessed resources, but there are differences in the presentation details.

 User Account:

Super User: root is supreme

Local User: created by the Administrator. The permissions are limited and the permissions are complete in the home directory.

System users: Generally, they do not log on to the system and are used to maintain the normal operation of a service program.

 User category:

Based on the account location: Local Account, remote (domain) account. Ldap

Based on account functions: Super User (root) UID: 0

Common User

System User UID: 1-999

Local user UID: 1000 + rhel6 500

 UID: ID of each user, similar to the ID number of each user.

 

Configuration files related to system users and groups:

Account Information and password information

User:/etc/passwd/etc/shadow

Group:/etc/group/etc/gshadow

 

Command for adding a user account:

Syntax: useradd User Name

Common parameters:

-U UID

-D main directory

-G start group # Only one

-G additional group # There can be multiple

-S logon shell

 

[root@xuegod60 ~]# useradd SAN[root@xuegod60 ~]# ls /home/San[root@xuegod60 ~]# tail -1 /etc/passwdsan:x:1002:1002::/home/san:/bin/bash

 

 All user account information is saved in the/etc/passwd file. This file stores all the information of each system account in the following format:

(Fields are separated)

 The function of each field in/etc/passwd is as follows:

Root: x: 0: 0: root:/bin/bash

Username: Password placeholder: UID: GID: User Description: User main directory (bash "~ "Indicates which): shell used after Logon

 

Pseudo-user-for security

 In linux, any command operation must have a user identity.

Pseudo-users are generally related to systems or program services.

Bin, daemon, shutdown, and halt linux all have these pseudo users by default.

Pseudo users generally do not need or cannot log on to the system

You can have no home directory

Common pseudo users in/etc/passwd files

Install nginx in the source code. By default, the nobody user is used to run the nginx web server.

 

User UID

 

Specify the user's home directory

 

Start Group of the specified user

 

User additional group

 

Specify the user's logon shell

 

 

 

Create another USER command

Useradd or adduser

[Root @ xuegod60 ~] # Adduser honghaier

 

Delete A User:

Userdel

-R CC together with the Home Directory

 

 

Password File

/Etc/shadow

Root: $6 $. btynb8q1_zr. KY $412 ...... M8ZHWiidd/: 16274: 0: 99999: 7 :::

 

 

 

 

 

Modify user information:

Syntax:

# UsermodUser Name

Common parameters:

-U UID

-DHome Directory

-GStart Group # Only one

-GAdditional group # There can be multiple

-SLog on to shell

 

 

Modify UID

 

 

Modify shell

 

 

Modify additional group

 

 

 

 

Group category:

Based on the account location: Local Group, remote (domain) group.

Based on account functions: Super User Group (root) GID: 0

Common User Group

System User Group GID: 1-999

Local user group GID: 1000 +

* ** Each user has a group with the same name ***

/Etc/groupConfiguration file structure:

[Root @ xuegod60 ~] # Grep rm/etc/group

Rm: x: 1000: rm

 

 

 

 

 

Control the file for adding user rules

When a new user account is added, the following operations are performed by default.

  • Its home directory will be created(Generally"/Home/User Name"Unless you set)
  • Some Hidden FilesFor example.bash_logout,.bash_profileAnd.bashrcWill be copied to the user's home directory.
  • A group with the same username will be created unless you specify a group for the new user ).

 

 

 

 

Solved the problem of abnormal display after the template file is deleted.

[Root @ xuegod60 ~] # Useradd aaa

[Root @ xuegod60 ~] # Echo 123456 | passwd -- stdin aaa

 

[Root @ xuegod60 ~] # Ls-a/home/aaa/

... Bash_logout. bash_profile. bashrc. mozilla. zshrc

 

[Root @ xuegod60 ~] # Rm-rf! $. Bash *

Rm-rf/home/aaa/. bash *

 

[Root @ xuegod60 ~] # Su-aaa

-Bash-4.2 $

 

Recovery:

[Root @ xuegod60 ~] # Cp/etc/skel/. bash */home/aaa/

[Root @ xuegod60 ~] # Chown aaa: aaa/home/aaa/. bash *

 

Switch users:

[Root @ xuegod60 ~] # Su-aaa

In addition, the environment variables will be switched together during the switchover.

 

If this parameter is not added, the original environment variables are retained.

 

Command for viewing user information:

Id

 

 

W

 

 

Who

 

 

Whoami

 

 

Finger

 

 

 

 

 

 

Practice: RHEL7 restore the root password

First restart, press the restart keys to enter the following interface, select the first item, and press e to edit

 

 

 

Find the ro item on this interface and modify it to rw init =/sysroot/bin/sh.

 

 

 

After the change, press Ctrl + X to enter the emergency mode.

Principle: Start a shell environment, and the system does not actually start

 

 

Root change and Password Change

/Default

ChrootCommand to run commands in the specified root directory

.Chroot, That isChange root directory(ChangeRootDirectory ). InLinuxIn the system, the default directory structure is/Is the root(Root). In useChrootThen, the system directory structure will take the specified location/Location

AfterChrootAfter the command, the directory and file read by the system will not be under the old system root, but under the new root (that is, the specified new location) directory structure and file,

 

 

 

Note: selinux is disabled when the password is restored.

Restart the system

First exit the current root and execute/bin/sh shutdown-r now

 

 

 

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.