User Management in Linux

Source: Internet
Author: User
First, you must understand the directory structure of Linux. The directory structure of Linux is different from that of Windows: Linux directories cannot be seen from Windows, and in turn Linux cannot directly see the directories under Windows. The meanings of the directories in Linux are as follows:

Directory name: meaning
/vmlinuz: This directory stores the system kernel.
/bin: This directory stores commonly used Linux commands. In some versions, the directory is the same as that in the root directory.
/boot: This directory stores all the programs used during system startup. Some of the information here is used when LILO boots Linux.
/dev: This directory contains all external devices used in Linux. Each entry is actually a port used to access an external device, and accessing these devices is no different from accessing a file or directory. For example, if you type "cd /dev/cdrom", you can see the files in the optical drive. If you type "cd /dev/mouse", you can see the files related to the mouse.
/cdrom: This directory is empty when the system has just been installed. You can mount the optical drive file system on this directory, for example, "mount /dev/cdrom".
/etc: This directory stores the configuration files and subdirectories used for system management, such as network configuration files, file systems, X system configuration files, device configuration information, and user settings.
/sbin: This directory stores the system management programs used by the system administrator.
/home: If you create a user named "xx", a corresponding "/home/xx" path under the /home directory serves as that user's home directory.
/lib: This directory stores the shared libraries that the system links dynamically. Almost all applications use the shared libraries in this directory.
/lost+found: This directory is empty in most cases. However, some files are temporarily stored here after a sudden power failure or abnormal shutdown.
/mnt: This directory is usually empty. You can temporarily mount another file system on this directory.
/proc: System information can be obtained from this directory; the information is generated by the system itself in memory.
/root: If you log on as the superuser, this is the superuser's home directory.
/tmp: This directory stores temporary files generated while different programs run.
/usr: Many applications and files are stored in this directory.
======================================
Second:

Linux User management commands (add, delete, modify)

User management commands

Linux is a multi-user operating system. The system administrator must set the permissions for each user in the system.

Create a new user

Use the useradd command (you can also use adduser) to create a user account. The command format is as follows:

Table 4-19 Common options of the useradd command

Option    Meaning
-d        Set the login directory for the new user
-e        Set the expiry date of the new user. The date format is MM/DD/YY.
-f        Number of days after expiry before the account is permanently suspended. When the value is 0, the account is suspended immediately. If the value is -1, this function is disabled. The default value is -1.
-g        Add the new user to a group
-G        Add the new user to additional groups. Groups are separated by commas (,) and the list cannot contain blank characters.
-s        Specify the login shell of the new user
-u        Set the ID of the new user

After a new user is created, the user information is added to the /etc/passwd file in the following format:

[user name]:[password]:[UID]:[GID]:[identity description]:[main directory]:[login shell]

The line is divided into seven fields by colons.

Because UIDs and GIDs smaller than 500 are generally reserved for the system and are not used for ordinary users and groups, newly added users and groups generally receive UIDs and GIDs greater than 500.
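The seven-field format and the reserved ID range described above can be checked mechanically. The script below is an added example, not part of the original page; the function names audit_passwd and sample_passwd, the finding labels, and the SYSTEM_MAX variable are made up for illustration, and the sample accounts are constructed.

```shell
#!/bin/sh
# Added example: audit a passwd-format file (seven colon-separated fields).
# SYSTEM_MAX=499 follows the page's "below 500 is reserved" convention; it is
# an assumption to adjust for distributions that reserve a different range.

audit_passwd() {
    # $1 = path to a passwd-format file; prints one finding per line.
    awk -F: -v sysmax="${SYSTEM_MAX:-499}" '
        /^[ \t]*$/ || /^#/ { next }            # skip blank and comment lines
        NF != 7 {
            printf "MALFORMED line %d: expected 7 fields, got %d\n", NR, NF
            next
        }
        $3 !~ /^[0-9]+$/ {
            printf "BAD_UID %s: uid is not numeric\n", $1
            next
        }
        {
            name = $1; uid = $3 + 0; shell = $7
            if ($2 == "")
                printf "EMPTY_PASSWORD %s: password field is empty\n", name
            if (uid == 0 && name != "root")
                printf "EXTRA_ROOT %s: uid 0 but not named root\n", name
            if (uid in seen)
                printf "DUP_UID %s: uid %d also used by %s\n", name, uid, seen[uid]
            else
                seen[uid] = name
            if (uid > 0 && uid <= sysmax && shell ~ /\/(ba|da|z|k|c|tc)?sh$/)
                printf "SYSTEM_SHELL %s: reserved uid %d has shell %s\n", name, uid, shell
        }' "$1"
}

# Constructed sample data, not taken from a real system.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
backup:x:34:34:backup:/var/backups:/bin/sh
toor:x:0:0:second root:/root:/bin/bash
user1:x:500:500::/home/user1:/bin/bash
user2::501:501::/home/user2:/bin/bash
broken:x:502:502:/home/broken
EOF
}

# Stand-alone use: sh audit.sh /etc/passwd
if [ -n "${1:-}" ]; then audit_passwd "$1"; fi
```
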

For example, run the following command:

[root@localhost root]# useradd user1

A user named user1 will be created.

Set and modify the User Password passwd

The passwd command is used to set and modify user passwords. Only the superuser and the user themselves can change a user's password; other ordinary users do not have the right to change the passwords of other users. The command is as follows:

# passwd [user name]

To keep the password from being observed as you type it, Linux does not echo the password the way Windows does (displayed as *), so the characters you type are not shown. For example, you can use the following command to set a password for the newly created user user1:

[root@localhost root]# passwd user1

Enter the password twice according to the system prompt. The system will display the following:

passwd: all authentication tokens updated successfully

This indicates that the password was modified successfully. The creation of a user is only complete after a password has been set for the user. Otherwise, the user cannot log on with the user name.

 

Modify user information usermod

The usermod command is used to modify user information. The command format is as follows:

# usermod [options] [user name]

The commonly used command options are listed in Table 4-20.

Table 4-20 Common options of the usermod command

Option    Meaning
-d        Update the user's login directory
-e        Set the expiry date of the user. The date format is MM/DD/YY.
-f        Number of days after expiry before the account is permanently suspended. When the value is 0, the account is suspended immediately. If the value is -1, this function is disabled. The default value is -1.
-g        Update the group that the user joins
-G        Define the groups the user is a member of. Groups are separated by "," and the list cannot contain blank characters.
-l        Change the name the user logs in with; the user directory name will be changed to the new name.
-s        Specify the user's new shell
-u        User ID value, which must be unique. The owner ID of files under the user's home directory is changed automatically; files located outside the home directory must be changed manually.

For example, the following command modifies user information:

[root@localhost root]# usermod -d /home/user2 -s /bin/bash user2

This sets the main directory path of user2 to /home/user2 and the shell to /bin/bash.

Generally, the usermod command modifies user account information according to the options given on the command line. However, usermod does not allow you to change the name of a user account that is online. Therefore, when you use usermod to change user account information, you must confirm that the account is not running any program on the computer.

Create group groupadd

The groupadd command is used to create a new user group. The command format is as follows:

# groupadd [option] [group name]

Common options include:

-g: GID value. Unless the -o option is used, the value must be unique. The value cannot be negative.

By default, GID values are assigned starting from at least 500. Traditionally, 0-499 is reserved for system accounts.

-f: If the group account being added already exists, the system displays an error message and groupadd ends.

In this case, the group is not changed (and is not added a second time). This option also affects -g: when you request a GID that is not unique and do not also give the -o option, the group is created with the default behaviour (adding a group as if neither the -g nor the -o option were specified). This is an additional option added by Red Hat Linux.

Delete user userdel

The userdel command is used to delete existing users and related documents. The command format is as follows:

# userdel [option] [user name]

Common options for the userdel command:

-r: Delete the files in the user's home directory. Files in other locations must also be found and deleted one by one.

userdel does not allow you to remove the account of a user who is online. Therefore, to delete such an account, you must first kill the user's programs running on the system and then delete the account.

Delete Group groupdel

The groupdel command is used to delete an existing user group. The command format is as follows:

# groupdel [group name]

Similar to userdel, if any user in the group is online, the user group cannot be removed. Therefore, if a user in the group is online, it is best to remove the user first and then delete the group.

Switch su between users

The su command is often used for switching between different users. The command format is as follows:

# su [user name]

The common usage of the su command is to change to another user or to the superuser. If su is issued without a user name, the system prompts you to enter the root password. After entering the root password, you become the root user. If you are logged on as the root user, you can use the su command to become any user on the system without a password.

For example, to switch to user2 when logged in as user1, use the following command:

# su user2

The system then prompts you to enter the user2 password. After entering the correct password, you are switched to user2. After that, you can use the exit command to return to user1.

View the current online user who

The who command is used to view the users who are currently online. This command is very useful. If you want to establish communication with other users, for example with the talk command, you must first make sure that the user is online. Otherwise, the talk session cannot be established.

As another example, the system administrator also uses the who command to monitor what each logged-in user is doing at the moment. The common command format and options for who are as follows:

# who [option]

Table 4-21 lists the common options of the who command.

Table 4-21 Common options of the who command

Option    Meaning
-a        Show all information for all users
-m        Display the user name that is running the program, the same as "who am i".
-q        Display only the login accounts and the number of logged-in users. This option has a higher priority than any other option.
-u        Display, after each logged-in user, the last time the user performed an operation on the system.
-H        Show column titles

All options are optional. For example, run the following command:

[root@localhost root]# who -aH

The meanings of the main titles are shown in Table 4-22.

Table 4-22 Common output titles of who

Title     Description
USER      User login name
LINE      User login terminal
TIME      User login time
IDLE      The user's idle time, that is, the time since the user's last operation
PID       The process ID of the user's login shell

The who command can also show three items of information: the login user, the terminal device in use, and the time of login to the system.

The command for setting file/directory permissions: chmod
This is one of the most common commands for Linux system administrators. It is used to change the access permissions of files or directories. This command can be used in two ways:

Use the text setting method, which contains letters and operator expressions

Syntax format: chmod [who] [opt] [mode] file/directory name

who indicates the object, which is one or a combination of the following letters:

u: the file owner
g: users in the same group
o: other users
a: all users

opt indicates the operation, which can be:

+: Add a permission.
-: Cancel a permission.
=: Grant the given permissions and cancel the original permissions.

mode indicates the permission:

r: readable
w: writable
x: executable

For example, to add the read and write permissions on file a.txt for users in the same group:

chmod g+rw a.txt

Set by number

The number setting rule is simpler: chmod [mode] file name

The key is the mode value. At first many beginners are confused, but it is in fact very simple. We treat rwx as a binary number: 1 where the permission is present, 0 where it is not. Then rwx r-x r-- can be expressed as:

111 101 100

Convert each group of three digits into a decimal number, that is, 754.

For example, we want to grant the following permissions on the file a.txt:

              Owner    Same group    Other users
Readable      yes      yes           yes
Writable      yes      yes           no
Executable    no       no            no

We first obtain the permission string rw-rw-r-- based on the table above, convert it to the binary number 110 110 100, and then convert each group of three digits into a decimal number to get 664. So we run the following command:

chmod 664 a.txt

Finally, manage user operations as needed. The Linux group concept allows administrators to grant appropriate permissions easily through groups. Some forum posts give the following method of changing permissions:

cd /
chmod -R 700 *

Then, change the directories that must remain accessible to 777.
chown can be used to change user groups.

I have never tried it. Changing permissions to 700 is much safer, but other accounts such as MySQL and Apache are affected. Think twice.
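
The numeric-mode rule in "Set by number" and the 700/777 method quoted from forum posts can both be checked with a short script. This is an added example, not part of the original page; the function names sym_to_octal and world_writable are made up for illustration.

```shell
#!/bin/sh
# Added example: turn a 9-character permission string into the numeric chmod
# mode, and list entries under a directory that "other" users can write to.

sym_to_octal() {
    # $1 = string such as rwxr-xr-- ; prints 754, returns 1 on invalid input.
    case $1 in
        [r-][w-][x-][r-][w-][x-][r-][w-][x-]) ;;
        *) echo "invalid permission string: $1" >&2; return 1 ;;
    esac
    rest=$1
    mode=
    while [ -n "$rest" ]; do
        next=${rest#???}            # everything after the first triad
        triad=${rest%"$next"}       # the first three characters
        rest=$next
        digit=0                     # r=4, w=2, x=1 (binary 100, 010, 001)
        case $triad in r??) digit=$((digit + 4)) ;; esac
        case $triad in ?w?) digit=$((digit + 2)) ;; esac
        case $triad in ??x) digit=$((digit + 1)) ;; esac
        mode=$mode$digit
    done
    echo "$mode"
}

world_writable() {
    # $1 = directory to scan. -perm -0002 matches any mode with the "other
    # write" bit set (777, 666, 757, ...). Symbolic links are skipped because
    # their own mode bits do not control access.
    find "$1" ! -type l -perm -0002 -print | sort
}

# Stand-alone use: sh modes.sh rw-rw-r-- /some/dir
if [ -n "${1:-}" ]; then sym_to_octal "$1"; fi
if [ -n "${2:-}" ]; then world_writable "$2"; fi
```

Running world_writable on a tree after a bulk permission change shows which paths any local account, including service accounts, can modify.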
