UBUNTU user and User Group Management

UBUNTU user and user group management create group: $ sudo addgroup ccache create user: $ sudo useradd ccache-g ccache-M innovation wfz user and create HOME directory, specify the USER group as ccache $ sudo useradd wfz-g ccache-m to add existing users to the specified group $ sudo adduser $ USER ccache $ sudo adduser dbh ccache $ sudo adduser paul ccache $ sudo adduser wfz ccache displays the user ID and group information: ~ $ Iduid = 1001 (dbh) gid = 1001 (dbh) groups = 115 (admin), 1001 (dbh) $ cat/etc/groupccache: x: 1002: dbh, paul, wfz 1. user and user group management: the concept of multiple users in Linux means that multiple users can use the system at the same time. (1) The user account file passwd Passwd is a text file (each line identifies one user) that defines the system's user account, which is located in the "/etc" directory. The file contains a list of system accounts that store some useful information for each account, such as the user ID, group ID, home directory, and shell (separated ). Only the user account is defined, and the password is not saved ("x" indicates that, if there is no sun: indicates that there is no password ). The real password is stored in the Shadow file, which cannot be read by common users. Encrypted ciphertext cannot be read to improve the security of the user account. For example, [root @ sun root] # head/etc/passwd root: x: 0: 0: root:/bin/bash indicates that there are 7 fields: Login Name: password or not: User ID: Group ID: account remarks: user Home directory: name of the User shell at logon (the super user has the permission to modify) (2) user Password File-each row of shadow defines a user information, and each field in the row is separated. To further improve security, the password file stores the user's encrypted password :*, special symbol [root @ sun root] # head/etc/shadow Login Name: encrypted password (expressed by * or other special characters): the number of days from the last password change to 1970.1.1: days that cannot be changed after the password is changed: days that must be changed after the password is changed (validity period): days that warning the user before the password is invalid: days that the account is blocked after the password is expired: the number of days from 1970.1.1 when the account is blocked: unused. (3) user group account file-group user group: a set of logical organization user accounts. Users are allowed to share files in their groups. Each file in the system has a user and a affiliated user group. Use the "ls-l" command to view the attributes and groups of each file. [Root @ sun root] # head/etc/group root: x: 0: root, tom, mary (group name: group encryption password: GID: group member list (used, (4) user group password file-gshadow is used to define user group passwords and User Group Administrator information. Only the root user of this file can read the record information of each line: [root @ sun root] # head/etc/gshadow user group: User Group encryption password: group Administrator Account (the Administrator has the right to add or delete accounts): group member list 2. commands maintained by user and user group accounts: (1) Add User Account: useradd useruseradd-g group name username specify the private group name used by the user, by default, a private group with the same name as a user account is used. Useradd-D [-g group] [-B base] [-s shell] [-f inactive] [-e expire] is used to display and set the default value used by the useradd command. For example: # useradd sun // create a user account # tail-l/etc/passwd // query the information of the User Account Added in passwd # tail-l/etc/shadow # ls/home/ /view the Home Directory of the created account (2) modify user account attributes: usermod [-LU] [-c] [-d] [-e] [-f] [-g] [-G] [-l] [-s] [-u] [User Account] (3) delete a user account: userdel [-r] [User Account] // if no parameter is added, only the user account is deleted, and files are not deleted. Otherwise, both accounts are deleted. Userdel [-r] [User Account] // example of how to delete all the files in the Account Logon directory and directory: # grep sun/etc/passwd // query whether the user account sun exists # userdel sun // Delete the user account sun # grep sun/etc/passwd // query whether the user account sun exists again # ll-d/home // check whether the user's sun home directory exists # When userdel-r sun // deletes the user, delete the working home directory (4) Add a user group account: groupadd [-r] [group account] [note] the account ID is unique and the value cannot be negative. The default minimum value cannot be less than 500, each time one account is added, the group account ID increases by 1. The-r parameter is used to create a system account. 0 ~ 499 is for the system account. Example: # groupadd magicSun // create a group account magicSun # grep magicSun/etc/group // query whether the magicSun group account is created in the group file # groupadd-r sysWang // create a system group account sysWang # grep sysWang/etc/group // query whether the sysWang system group account is created in the group file (5) modify group account: groupmod [-g] [-n] [group name] Where-o indicates repeated use of group ID (6) Delete group account: groupdel [group name] [note] You must delete the users in the group before deleting the group (7) password maintenance: passwd [-s] [-l] [-u] [-d] [user name] a Super User can set a password for each new user, common users can only use passwd commands without parameters to modify their own passwords. Here, the parameter-s is used to query the status of the specified user account,-l the password of the account locked by the user,-u to unlock the account password, and-d to delete the password of the specified account. (8) Maintenance of group user Members: add an account to the group, delete an account from the group, and set an account as the Group Administrator. Add User to group: gpasswd-a user account name group account name delete user from group: gpasswd-d user account name group account name set user as Group Administrator: gpasswd-group A administrator user list user group (9) user and group status command: id [Option] [user name] is used to display the user's current UID, the gid and the group list [Option] parameters include-g: show the id of the user's group-G: show the id of the user's additional group-n: show the name of the user group or additional group-r: show the actual ID-u: show the user id whoami used to show the name of the consumer (= ID-un) su [-flmp] [-] [-c] [-s] [User Account] // It is used to convert the current user to another user identity and temporarily change its login identity, log on to the system as another user. The premise is that you must know the password of the other party. The-c parameter indicates that the original identity is restored after the specified command is executed. -F is applicable to csh and tsch, so that the shell does not need to read the Startup File. -The working directory, HOME, SHELL, USER, and LOGNAME are also changed when the identity is changed. In addition, the PATH environment variable is also changed. -M and-p do not change environment variables when changing identities. -S specifies the shell to be executed. If the user account to be changed is not specified, the default value is root Super User. Groups [user name] is used to display the group to which the specified user belongs. If no user is specified, the group to which the current user belongs is displayed.