Linux Account and Rights management

1. Account Management:

(1) Users and groups:

User is the embodiment of human in the computer

Linux User classification: According to the different rights are divided into super User (root), program users (running the app), ordinary users

Group: A collection of users to facilitate centralized management of users

Group Classification: Basic Combination Additional group users must belong to a basic group

Understand the user's relevant files:

User profile Head-1/etc/passwd user's Information Store file

Root:x:0:0:root:/root:/bin/bash

User name: Password placeholder: uid:gid: Description: Home directory: Login Shell

Tail-1/etc/shadow User's password file

User name: password: Last Change password time: password minimum Age: Password maximum age: Password expiration: How many days the password expires disabled users: How many day after the user fails

Password Status:

！！ --The user does not set a password

Encrypted string-user has set a password

Empty-user password is empty

！！ Encrypted string-user has been disabled

Case LIST:

Useradd u01

echo 123123 |passwd--stdin u01

passwd-d u01 Setting the password for the U01 account is empty

Passwd-l u01 Lock Disable Account

Passwd-u u01 Unlock

Tail-1/etc/shadow

User management to increase and revise the search:

Add Useradd

Delete Userdel Plus-r more thorough

Change passwd password to user password

Check finger/id/users/w/who to view the logged in user's information rpm-ivh/packages-. . RPM installation is only

Usermod-s/sbin/nologin User1 Modify login Shell

(2) Group management: additions and deletions

Add Groupadd

Delete Groupdel

Change Usermod/groupmod-h/gpasswd-h

Check groups |grep Group name/etc/group

Case:

GROUPADD-G 503 G01

grep "^G01"/etc/group

g01:x:503

Group name: password: GID

Groupmod-n group01 g01 Modify Group name

Tail/etc/group

Gpasswd-a root group01 Add user root to the group

grep "^group"/etc/group

gpasswd-d root group01 Remove the root user from the group

Gpasswd-m u01,root,u02 GROUP01 Define a member list for a new group

grep "^group"/etc/group

Groups viewing activity groups

grep "^root"/etc/group view root Group information

grep root/etc/group View root in those groups

2. Settings for permissions

(1) file permissions focus on viewing and modifying

Permissions: Restrict user access to resources

LS-LH install.log Long format view file properties

-rw--r--r--1 root root 49 April 8 Install.log

Permissions limit number of nodes owner all group size date file name

Permission restrictions:

R Read-only octal number 4

W Write octal number 2

X Execute octal number 1

(2)

A, change the permissions of a file or directory

chmod [u/g/o (other users)/a (all users)] [+/-/=] [rwx] File/directory

chmod o+x/w/r directory or file

chmod o-x/w/r directory or file

chmod a-rwx/opt/hehe/a.file Cancel Multiple permissions

chmod nnn File/directory

chmod 775/opt/hehe chmod u=rwx,g=rwx,o-w

b, modify the attribution of the user

Chown: Genus Group files/directories

Chown U01:g01/hehe

chmod 750/hehe

Chown:root/hehe group changed to root group

Chown u02/hehe Modify user to U02

C, permission recursion to execute-r option

Case LIST:

Mkdir-p/test/test1/test2

Touch/test/test1/test2/a.file

chmod 770/test

Ls-ld/test

Ls-ld/test/test1 permissions are not recursive

Chmod-r 770/test to set permissions limits for a directory recursively

Ls-ld/test/test1 permissions are recursive

Chown-r u01:g01/test Recursive setting of the genus genera of the directory

Linux Account and Rights management