Basic knowledge of Linux user management:
Linux Users:
UID Range: 0-65535
UID 0 corresponds to root
UID 1-499 (CentOS 6) or 1-999 (CentOS 7) for system users
UID is more than 500 (CentOS 6) or more than 1000 (CentOS) for logged-in users
GID Range: 0-65535
GID 0 corresponds to the Administrators group
GID for 1-499 (CentOS 6) or 1-999 (CentOS 7) for system user groups
GID is more than 500 (CentOS 6) or more than 1000 (CentOS) is a logged in user group
Groups of users are also divided into basic groups and additional groups
User Configuration file:
/ETC/PASSWD: User name, UID, basic group and other information
/etc/group: Group name, GID, user included in the group;
/etc/shadow: User password and related attributes;
/etc/gshadow: the password and related attributes of the group;
/ETC/PASSWD Analysis:
Name:password:UID:GID:GECOS:directory:shell
Login Name: X:uid:gid: User reviews: Home directory: User default Shell
Specific information can be viewed in man 5 passwd
/etc/shadow Analysis:
Login name:encrypted password:date of last password change:minimum password age:maximum password Age:password warning Peri Od:password Inactivity Period:account Expiration date:reserved field
Login user name: User encrypted password: The last password modification time ( This data is the number of days starting January 1, 1970, note the unit is days ): The number of days the password is not changed ( compared to the previous field, only the minimum password time period is met, User can change the password ): Maximum password period (maximum password period, to the maximum age, the user must change the password ): Password warning Time ( when the password fast expires before the time, send the user a password fast expiration warning message ): Password inactivity period ( when the password has expired, allow the user to re-modify the password period ): Account expiration period ( account expiration period, once expired, the account will not be allowed to login, and password expires only the account cannot use that password ): Tentative field
/etc/group Analysis:
Group_name:password:GID:user_list
Group name: group password ( usually do not need to configure, this configuration is usually used for "group manager", there is very little chance to configure the Group administrator!) Similarly, the password has been moved to/etc/gshadow, so there is only one "X" in this field : GID: The name of the account that this group supports ( we know that an account can be added to multiple groups, and an account that wants to join this group Fill in this field with the account number. For example, if I want to let Dmtsai also join the root of this group, then in the first line to add ", Dmtsai", note that there is no space, so that the "Root:x:0:root,dmtsai" can be ~)
/etc/gshadow Analysis:
Group_name:encrypted password:administrators:members
Group name: Encryption Password: Group Administrator ( can change group password, comma separated list ): Member ( Comma separated list of users )
Linux User Commands
Useradd
Options and Parameters:
-u uid: Specify UID number directly
-G GID: Specifies the user group (the user group needs to exist beforehand)
-r: Create a System user
-C ' COMMENT '
-d/path/to/somewhere: Specifies the user's home directory path; The location cannot exist beforehand, otherwise its user-related profile will be copied;/etc/skel
-S Shell: Sets the user's default shell
-G GID,... : Specify an additional group to which to belong
-M: Do not create home directory for users
Groupadd
Options and Parameters:
-r: Specify System Group
-G GID: Specify Group ID
Exercise: Create user Oracle, belong to additional group database and Sql,id number is 3000, home directory is/home/database;
Answer:
1.groupadd Database
2.groupadd MySQL
3.useradd-g database,sql-u 3000-d/home/database Oracle
ID: View user-related ID information
Options and Parameters:
-U: Show user ID only
-G: Show group ID only
-G: Show only group ID and additional group ID
Su:switch user, switch users or execute commands as other users
Switching mode:
Su USERNAME: Non-full switch, non-login switch (also using the environment variables of the previous user)
Su-username or su-l USERNAME: full switch, login switch
Usermod: User Property modification
Option parameters (basically consistent with useradd)
-u uid: Specify UID number directly
-G GID: Specifies the user group (the user group needs to exist beforehand)
-G Gid[,gid,...] : Modify the additional group to which the user belongs, and use the-a option with the previous attached group;
-S SHELL
-C ' COMMENT '
-D Home: When the user's home directory is modified to a new location, the user's original file is not moved to the new home; the-m option allows it to be moved to a new home directory at the same time;
-L LOGIN
-l:lock User (lock users)
-u:unlock User (unlocking users)
passwd: Add a password to the user
Option parameters:
-l:lock User
-u:unlock User
--stdin: Receive user password from standard output
Example: Echo ' CentOS ' | passwd--stdin CentOS
Userdel: Deleting users
Option parameters:
-r: Delete User's home directory while deleting
Groupmod: Group Property Modification
Option parameters:
-N group_name: Modify Group name
-G GID: Modify Group ID
GPASSWD: Set password for group
NEWGRP: Toggles the base group for the specified group
Chage: Modify the properties of user account and password
This article is from the "Wind Rhyme" blog, please be sure to keep this source http://chinalx1.blog.51cto.com/2334265/1690324
Knowledge about Linux User management