Linux account security Management--useradd, Groupadd, passwd, Chown, chmod tools

Groupadd

- g set Group ID number

Example: Groupadd Tomcat

groupadd-g600 Tomcat

Delete Group with Groupdel

Groupdel Tomcat

Useradd

     -c Comment Add a comment   to the new user;
    -d home_dir Specify a name for the main directory (if you do not want to use a login name for the main directory)  
    -e expire_date Specifies the date   for an account to expire in YYYYY-MM-DD format;
    -f inactive _days specify how many days after the account password expires this account is disabled,     

-1 means disable this feature
-G Initial_group The GID or group name of the specified user login group
-G Group ... Specify one or more additional groups to which the user belongs except for the logon group
-K must be used with-m to copy the contents of the/etc/skel directory to the user's home directory
-M create user's home directory
-M does not create the user's home directory (only used when the default setting is specified for creation)
-N Create a new group with the same name as the user login
-R Create System account
-P passwd Assigning a default password to a user account
s shell Specifies the default login shell
-U UID assigns a unique UID to the account

Example: Useradd-g tomcat-d/var/servlet/service-s/sbin/nologin Tomcat

Delete User with Userdel

Userdel Tomcat

Userdel-r Tomcat home Directory deleted together

passwd

-L Lock User

--stdin reading a password from a file or pipe

-U Unlock User

-D Quick Erase password

Example: passwd Tomcat modifying the Tomcat password

Passwd-l Tomcat Lock User

Passwd-u Tomcat Unlock User

passwd-d Tomcat Clear User password

echo "123456" |PASSWD--stdin Tomcat set Tomcat password to 123456

Usermod Modifying account information

-c< Notes > Modify the Notes text for the user account.

-D Login Directory > Modify user login directory.
-e< Expiration date > Modify the expiration date of the account.
-f< Buffer days > Modify the number of days after the password expires to close the account.
-g< Group > Modify the group to which the user belongs.
-g< Group > Modify the additional groups to which the user belongs.
-l< Account name > Modify user account name.
-L LOCKS the user password to invalidate the password.
-s<shell> modifies the shell used by the user when they log in.
-u<uid> Modify the User ID.
-U unlocks the password.

Instance:

USERMOD-G staff NewUser add NewUser to the group staff

Usermod-l newuser newuser1 Modified newuser1 user name is NewUser

Usermod-l NewUser Lock Account NewUser

Usermod-u NewUser Unlock the NewUser

chmod modifying file directory Permissions

Chmod can use numbers to represent permissions such as chmod 777 file
The syntax is: chmod ABC file
Each of the a,b,c is a number that represents user, group, and other permissions for different users and groups.
R=4,w=2,x=1

R is read permission, W is write permission, X is execute permission

4+2+1=7 to rwx property; readable writable executable
rw-property is 4+2=6; readable writable non-executable
To r-x the property, 4+1=5. Readable executable not writable

Chown modifying the owner and group of files and directories

Chown User1:tomcat/home/test

Chown user2:tomcat/home/test/-R recursive subdirectory modified together (-R)

This article is from the "Practical Linux knowledge and Skills sharing" blog, please be sure to keep this source http://superleedo.blog.51cto.com/12164670/1886432

Linux account security Management--useradd, Groupadd, passwd, Chown, chmod tools