User and Group Introduction
User categories:
    Administrator
    Normal users
        System users
        Login users
User ID: UserID, UID
    16-bit binary number: 0-65535
    Administrator: 0
    Normal users: 1-65535
        System users: 1-499 (CentOS 6), 1-999 (CentOS 7)
        Login users: 500-60000 (CentOS 6), 1000-60000 (CentOS 7)
Name resolution: name translation
    Username <--> UID
    Resolved from the name resolution database: /etc/passwd
Groups:
Group category 1:
    Administrators group
    Normal user groups
        System groups
        Login groups
Group ID: GroupID, GID
    Administrators group: 0
    Normal user groups: 1-65535
        System user groups: 1-499 (CentOS 6), 1-999 (CentOS 7)
        Login user groups: 500-60000 (CentOS 6), 1000-60000 (CentOS 7)
Name resolution: GroupName <--> GID
    Resolution database: /etc/group
Group category 2:
    Basic group of a user
    Additional groups of a user
Group category 3:
    Private group: The group name is the same as the user name and the group contains only one user;
    Public group: The group contains multiple users;
Related files:
/etc/passwd: User information database
    Save format:
        name:password:UID:GID:GECOS:directory:shell
    name: User name;
    password: Can be the encrypted password, or the placeholder x;
    UID: The user's ID number;
    GID: The ID number of the basic group to which the user belongs;
    GECOS: Comment information;
    directory: The user's home directory;
    shell: The user's default shell, the shell program started at login;
/etc/shadow: User passwords
    Save format:
        User name:Encrypted password:Last password change time:Minimum age:Maximum age:Warning period:Expiration period:Reserved field
/etc/group
    Save format:
        group_name:password:GID:user_list
    user_list: The user members of the group, that is, the users who have this group as an additional group;
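The field layout above can be checked mechanically. The following is an added example, not part of the original article: a shell function that reads passwd-format lines and reports accounts that share UID 0 with root, have an empty password field, keep a hash in /etc/passwd instead of the placeholder x, or fall in the system UID range while having a login shell. The function name, finding labels and sample records are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: audit passwd-format records
# (name:password:UID:GID:GECOS:directory:shell).
# SAMPLE_PASSWD is constructed data, not taken from a real system.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
svc:x:498:498::/var/lib/svc:/bin/bash
gentoo:x:4001:506::/home/gentoo:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
legacy:$6$constructedsalt$constructedhash:1001:1001::/home/legacy:/bin/bash
nopw::1002:1002::/home/nopw:/bin/bash
broken:x:abc:1003::/home/broken'

# audit_passwd [LOGIN_MIN]: read passwd lines on stdin, print one finding per line.
# LOGIN_MIN is the first login-user UID: 1000 on CentOS 7 (default), 500 on CentOS 6.
audit_passwd() {
    awk -F: -v login_min="${1:-1000}" '
    NF != 7                 { print "MALFORMED " $1; next }   # wrong field count
    $3 !~ /^[0-9]+$/        { print "BAD_UID " $1; next }     # UID must be numeric
    $3 == 0 && $1 != "root" { print "EXTRA_UID0 " $1 }        # second administrator
    $2 == ""                { print "EMPTY_PASSWORD " $1 }    # no password required
    $2 != "" && $2 != "x" && $2 !~ /^[!*]/ { print "HASH_IN_PASSWD " $1 }
    $3 > 0 && $3 < login_min && $7 !~ /(nologin|false)$/ { print "SYSTEM_WITH_SHELL " $1 }
    '
}

# Run against the constructed sample when executed directly.
printf '%s\n' "$SAMPLE_PASSWD" | audit_passwd
```

On a real host the input would be /etc/passwd itself, for example `audit_passwd < /etc/passwd`.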
Related Command Introduction
groupadd command: Add a group
    groupadd [options] group_name
        -g GID: Specify the GID; the default is the previous group's GID + 1;
        -r: Create a system group;
groupmod command: Modify group properties
    groupmod [options] GROUP
        -g GID: Modify the GID;
        -n new_name: Modify the group name;
groupdel command: Delete a group
    groupdel [options] GROUP
useradd command: Create a user
    useradd [options] LOGIN
        -u, --uid UID: Specify the UID;
        -g, --gid GROUP: Specify the basic group, which must already exist;
        -G, --groups GROUP1[,GROUP2,...[,GROUPN]]: Specify the additional groups to which the user belongs;
        -a, --append: Used with -G to append a new additional group to the user; otherwise the original additional groups are overwritten;
        -c, --comment COMMENT: Specify the comment information;
        -d, --home HOME_DIR: Use the specified path as the user's home directory; it is created by copying the /etc/skel directory and renaming it; if the specified home directory path already exists, the environment profiles are not copied for the user;
        -s, --shell SHELL: Specify the user's default shell; the list of all available shells is stored in the /etc/shells file;
        -r, --system: Create a system user;
        -M: Do not create the home directory;
    Note: /etc/login.defs holds many of the default settings used when creating a user;
    useradd -D: Display the default configuration for creating users;
    useradd -D options: Modify the values of the default options; the result of the modification is saved in the /etc/default/useradd file;
usermod command: Modify user properties
    usermod [options] LOGIN
        -u, --uid UID: Change the user's ID to the new UID specified here;
        -g, --gid GROUP: Modify the basic group to which the user belongs;
        -G, --groups GROUP1[,GROUP2,...[,GROUPN]]: Modify the additional groups to which the user belongs; the original additional groups are overwritten;
        -a, --append: Used with -G to append a new additional group to the user;
        -c, --comment COMMENT: Modify the comment information;
        -d, --home HOME_DIR: Modify the user's home directory; the user's original files are not moved to the new location;
        -m, --move-home: Can only be used with the -d option, to move the original home directory to the new home directory;
        -l, --login NEW_LOGIN: Modify the user name;
        -s, --shell SHELL: Modify the user's default shell;
        -L, --lock: Lock the user's password, that is, add a "!" in front of the user's original password string;
        -U, --unlock: Unlock the user's password;
userdel command: Delete a user
    userdel [options] LOGIN
        -r: Also delete the user's home directory;
Exercise 1: Create user gentoo with UID 4001, basic group gentoo, and additional groups distro (GID 5000) and peguin (GID 5001);
    # useradd -u 4001 -g gentoo -G distro,peguin gentoo
    # tail -1 /etc/passwd
    gentoo:x:4001:506::/home/gentoo:/bin/bash
Exercise 2: Create user fedora with the comment "Fedora core" and the default shell /bin/tcsh;
    # useradd fedora -c "Fedora core" -s /bin/tcsh
    # tail -1 /etc/passwd
    fedora:x:4002:4002:Fedora core:/home/fedora:/bin/tcsh
Exercise 3: Change the home directory of user gentoo to /tmp/gentoo, with the original files still accessible to the user;
    # usermod -d /tmp/gentoo -m gentoo
Exercise 4: Add the additional group netadmin to user gentoo;
    # usermod -G netadmin -a gentoo
passwd command: Change a password
    passwd [-k] [-l] [-u [-f]] [-d] [-e] [-n mindays] [-x maxdays] [-w warndays] [-i inactivedays] [-S] [--stdin] [username]
    (1) passwd: Modify the user's own password;
    (2) passwd USERNAME: Modify the password of the specified user; only root has this permission;
        -l, -u: Lock and unlock the user;
        -d: Clear the user's password string;
        -e DATE: Expiration period, a date;
        -i DAYS: Inactive period;
        -n DAYS: Minimum password age;
        -x DAYS: Maximum password age;
        -w DAYS: Warning period;
        --stdin: echo "PASSWORD" | passwd --stdin USERNAME
gpasswd command:
    Group password file: /etc/gshadow
    gpasswd [options] GROUP
        -a USERNAME: Add a user to the group;
        -d USERNAME: Remove a user from the group;
newgrp command: Temporarily switch the specified group to be the basic group;
    newgrp [-] [group]
        -: Simulates a re-login by the user in order to re-initialize the working environment;
chage command: Change user password expiration information
    chage [options] LOGIN
        -m: The minimum number of days between password changes; zero means the password can be changed at any time;
        -M: The maximum number of days a password remains valid;
        -W: The number of days before the password expires that the user starts to receive the warning message;
        -E: The date the account expires; after this day the account is no longer available;
        -d: The date of the last password change;
        -I: Inactivity period; if the password has been expired for this many days, the account is no longer available;
        -l: List the current settings; can be used by non-privileged users to determine when their password or account expires;
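The aging fields that chage edits, and the "!" prefix written by usermod -L, can be read back from shadow-format records. The following is an added example, not part of the original article: a shell function that classifies each record by lock and aging state for a given day. It assumes the nine-field layout documented in shadow(5), where the inactivity period and the account expiration date are separate fields and dates are counted in days since 1970-01-01; the function name, state labels and sample records are made up for the illustration.

```shell
#!/bin/sh
# Added example: classify shadow-format records by lock and aging state.
# Fields (shadow(5)): name:hash:lastchg:min:max:warn:inactive:expire:reserved
# lastchg and expire are days since 1970-01-01; the rest are day counts.
# SAMPLE_SHADOW is constructed data; the hashes are placeholders.
SAMPLE_SHADOW='alice:$6$salt$placeholder:19000:0:90:7:14::
bob:!$6$salt$placeholder:19000:0:90:7:14::
carol:$6$salt$placeholder:19000:0:90:7:14:19050:
dave:$6$salt$placeholder:18900:0:90:7:14::
erin:$6$salt$placeholder:19010:0:90:7:::
frank:$6$salt$placeholder:19000:0:::::
gina:$6$salt$placeholder:0:0:90:7:::
harry:$6$salt$placeholder:19090:0:90:7:14::'

# shadow_status [TODAY]: read shadow lines on stdin, print "name STATE" per line.
# TODAY is a day number since the epoch; it defaults to the current day.
shadow_status() {
    awk -F: -v today="${1:-$(( $(date +%s) / 86400 ))}" '
    NF != 9 { print $1, "MALFORMED"; next }
    {
        state = "OK"
        pwexp = $3 + $5                            # day the password expires (chage -d, -M)
        if ($2 ~ /^[!*]/)                          state = "LOCKED"             # usermod -L
        else if ($8 != "" && today >= $8)          state = "ACCOUNT_EXPIRED"    # chage -E
        else if ($3 == "0")                        state = "MUST_CHANGE"        # chage -d 0
        else if ($3 == "" || $5 == "")             state = "NO_EXPIRY"          # no maximum age
        else if ($7 != "" && today > pwexp + $7)   state = "INACTIVE_DISABLED"  # chage -I
        else if (today > pwexp)                    state = "PASSWORD_EXPIRED"
        else if ($6 != "" && today > pwexp - $6)   state = "WARN"               # chage -W
        print $1, state
    }'
}

# Run against the constructed sample for day 19095 when executed directly.
printf '%s\n' "$SAMPLE_SHADOW" | shadow_status 19095
```

Reading the real /etc/shadow requires root; `chage -l LOGIN` shows the same fields for a single account.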
id command: Display the user's real and effective IDs;
    id [OPTION]... [USER]
        -u: Display only the effective UID;
        -g: Display only the user's basic group ID;
        -G: Display only the IDs of all groups to which the user belongs;
        -n: Display names instead of IDs;
su command: Switch user
    Login switch: the environment is reinitialized by reading the target user's profile
        su - USERNAME
        su -l USERNAME
    Non-login switch: the target user's profile is not read for initialization
        su USERNAME
    Note: The administrator can switch to any other user without a password;
        -c 'COMMAND': Run only the command specified here as the specified user;
This article is from the "Wang Liming" blog, make sure to keep this source http://afterdawn.blog.51cto.com/7503144/1855814
Introduction of Linux Users and groups and use of related commands