Linux System is a multi-user multi-tasking time-sharing system, any user who wants to use system resources must first request an account from the system administrator and then enter the system as this account. On the one hand, the user's account can help the system administrator to track the users who use the system and control their access to system resources, and on the other hand can help users organize files and provide security protection for users. Each user account has a unique user name and a separate password. When a user types the correct user name and password at logon, they are able to enter the system and their home directory.
To achieve the management of user accounts, the main tasks to be completed are as follows:
Add, delete and modify user accounts.
Management of user passwords.
Management of user groups.
I. Management of Linux system user accounts
The management of user accounts mainly involves the addition, modification and deletion of user accounts.
To add a user account is to create a new account in the system, and then assign the user number, user group, home directory, and login shell resources to the new account. The account you just added is locked and cannot be used.
1. Add a new user account using the Useradd command with the following syntax:
Copy CodeThe code is as follows:
Useradd option User Name
Each of these options has the following meanings:
Code:
-C Comment Specifies an annotative description.
The-D directory specifies the home directory, and if this directory does not exist, the-m option can be used to create the master directory.
The-G user group specifies the user group to which the user belongs.
-G user Group, user group specifies the additional group to which the user belongs.
-S Shell file specifies the user's login shell.
-u user number specifies the user's user number, and if you have the-o option, you can reuse the other user's identification number.
USERNAME Specifies the login name of the new account.
Example 1:
Copy CodeThe code is as follows:
# useradd–d/usr/sam-m Sam
This command creates a user Sam,
Where the-D and-m options are used to generate a home directory for the login Sam/usr/sam (/usr is the parent directory where the default user home directory resides).
Example 2:
Copy CodeThe code is as follows:
# useradd-s/bin/sh-g group–g adm,root Gem
This command creates a new user gem, which is the login shell of/bin/sh, which belongs to the group user groups, and also to the ADM and root user groups, where group user groups are their primary groups.
There may be a new group: #groupadd Group and Groupadd ADM
Add user account is in the/etc/passwd file to add a record for the new user, while updating other system files such as/etc/shadow,/etc/group and so on.
Linux provides an integrated system management tool, userconf, which can be used to manage user accounts uniformly.
2. Delete Account
If a user's account is no longer in use, it can be removed from the system. Deleting a user account is to delete the user record in the system files such as/etc/passwd, and delete the user's home directory if necessary. Delete an existing user account using the Userdel command, in the following format:
Copy CodeThe code is as follows:
Userdel option User Name
The common option is-r, which is to remove the user's home directory.
For example:
Copy CodeThe code is as follows:
# Userdel Sam
This command removes the user Sam's records in the system files (mainly/etc/passwd,/etc/shadow,/etc/group, etc.) while deleting the user's home directory.
3, modify the account
Modify user account is based on the actual situation to change the user's relevant attributes, such as user number, home directory, user group, login shell and so on.
Modify the information for an existing user using the Usermod command, which is in the following format:
Copy CodeThe code is as follows:
Usermod option User Name
Common options include-C,-D,-M,-G,-G,-S,-u, and-O, etc., which have the same meaning as the options in the Useradd command, specifying a new resource value for the user. In addition, some systems can use the following options:
Code:
-L New User name
This option specifies a new account that will change the original user name to the new one.
For example:
Copy CodeThe code is as follows:
# usermod-s/bin/ksh-d/home/z–g developer Sam
This command modifies the user Sam's login shell to Ksh, the home directory to/home/z, and the user group to developer.
4, the User password management
An important part of user management is the management of user passwords. The user account has just been created without a password, but is locked by the system, cannot be used, it must be given a password before it can be used, even if a blank password is specified.
The shell command that specifies and modifies the user's password is passwd. A superuser can specify a password for himself and another user, and a normal user can only use it to modify his or her password. The format of the command is:
Code:
passwd option User Name
Options available for use:
Code:
-L locks the password, which disables the account.
-u password to unlock.
-D make the account no password.
-F forces the user to modify the password the next time they log on.
If the default user name, the password for the current user is modified.
For example, assuming the current user is Sam, the following command modifies the user's own password:
Copy CodeThe code is as follows:
$ passwd
Old password:******
New password:*******
Re-enter New password:*******
If you are a superuser, you can specify the password for any user in the following form:
Copy CodeThe code is as follows:
# passwd Sam
New password:*******
Re-enter New password:*******
Ordinary users to modify their own password, the passwd command will first ask the original password, verify and then ask the user to enter two times the new password, if the password two times the same, the password is assigned to the user, and the superuser to specify a password for the user, you do not need to know the original password.
For system security, the user should choose a more complex password, for example, preferably with a 8-bit long password, the password contains uppercase, lowercase letters and numbers, and should be different from name, birthday, and so on.
When you specify an empty password for a user, the following forms of command are executed:
Copy CodeThe code is as follows:
# passwd-d Sam
This command removes the password for the user Sam so that the next time the user Sam logs on, the system will no longer ask for the password.
The passwd command can also lock a user with the-l (lock) option so that it cannot log on, for example:
Copy CodeThe code is as follows:
# passwd-l Sam New User exception:
useradd-d/usr/hadoop-u 586-m hadoop-g Hadoop
1 Creating Mailbox file: Files already exist
Delete to rm-rf/var/spool/mail/user name
2 useradd:invalid numeric argument ' Hadoop '
This is because the Hadoop group does not exist please build the Hadoop group first
The user's pass can be viewed via cat/etc/passwd
Cat/etc/shadow can view user name
Cat/etc/group can view groups
Create users under Linux (ii)
II. Management of Linux system user groups
Each user has a user group, and the system can centrally manage all users in a single user group. Different Linux systems provide a different set of user groups, as users under Linux belong to a user group with the same name, which is created at the same time as the user is created.
The management of user groups involves adding, deleting, and modifying user groups. The addition, deletion, and modification of a group is actually an update to the/etc/group file.
1. Add a new user group using the Groupadd command. The format is as follows:
Copy CodeThe code is as follows:
Groupadd Option User Group
The options you can use are:
Code:
-G GID Specifies the group identification number (GID) of the new user group.
-O is commonly used with the-G option, which means that the GID of the new user group can be the same as the GID of the user group already in the system.
Example 1:
Copy CodeThe code is as follows:
# Groupadd Group1
This command adds a new group group1 to the system, and the group identification number of the new group is added 1 on the basis of the currently existing maximum group identification number.
Example 2:
Copy CodeThe code is as follows:
#groupadd-G 101 group2
This command adds a new group group2 to the system, specifying that the group identification number for the new group is 101.
2. If you want to delete an existing user group, use the Groupdel command, which has the following format:
Copy CodeThe code is as follows:
Groupdel User Group
For example:
Copy CodeThe code is as follows:
#groupdel group1
This command removes the group group1 from the system.
3. Modify the properties of the user group using the groupmod command. Its syntax is as follows:
Copy CodeThe code is as follows:
Groupmod Option User Group
The common options are:
Code:
-G GID Specifies a new group identification number for the user group.
The-O is used in conjunction with the-G option, and the user group's new GID can be the same as the GID of the user group already in the system.
-N New user Group change user group name to new name
Example 1:
Copy CodeThe code is as follows:
# GROUPMOD-G 102 Group2
This command modifies the group ID number of group group2 to 102.
Example 2:
Copy CodeThe code is as follows:
# groupmod–g 10000-n Group3 group2
This command changes the identification number of the group group2 to 10000 and the group name to Group3.
4. If a user belongs to more than one user group at the same time, the user can switch between groups of users in order to have permissions from other user groups. After logging in, the user can switch to another user group using the command Newgrp, which is the target user group. For example:
Copy CodeThe code is as follows:
$ NEWGRP Root
This command switches the current user to the root user group, provided that the root user group is really the user's primary or additional group. Similar to the management of user accounts, the management of user groups can also be done through integrated system management tools.
assigning permissions
Copy CodeThe code is as follows:
Chown-r hadoop:hadoop/usr/hadoop/
Let the normal user have root privileges
1.root Login
2.adduser User Name
3.PASSWD User Name
Determine password
4. Modify the/etc/passwd to change the ID and ID Group of the user name to 0.
"Go" Linux useradd