Linux Add Users, permissions

# useradd–d/usr/sam-m Sam

This command creates a user Sam, where the-D and-m options are used to generate a home directory for the login Sam/usr/sam (/usr is the parent directory where the default user home directory resides).

Assuming the current user is Sam, the following command modifies the user's own password:

# passwd

Old password:******

New password:*******

Re-enter New password:*******

If you are a superuser, you can specify the password for any user in the following form:

# passwd Sam

New password:*******

Re-enter New password:*******

>> Reference 1====================================

1. Add Users

First, add an ordinary user with the AddUser command, with the following command:
#adduser Tommy//Add a user named Tommy
#passwd Tommy//Change Password
Changing password for user Tommy.
New UNIX Password://Enter your password here
Retype new UNIX Password://Enter password again
Passwd:all authentication tokens updated successfully.
2. Give root permission
Method One: Modify the/etc/sudoers file, locate the following line, remove the previous comment (#)
# # allows people in group wheel to run all commands
%wheel all= (All) all
Then modify the user to belong to the root group (wheel) with the following command:
#usermod-G root Tommy
After the modification, you can now log in with your Tommy account, and then use the command Su-to get root privileges to operate.
Method Two: Modify the/etc/sudoers file, locate the following line, and add a line under root as follows:
# allow ROOT to run any commands anywhere
Root all= (All) all
Tommy All= (All) all
After the modification, you can now log in with your Tommy account, and then use the command Su-to get root privileges to operate.

>> Reference 2==================================== With Useradd new users can not directly use SSH remote access, need to modify the SSH-related configuration As follows: Vi/etc/ssh/sshd_config Add to allowusers [email protected] Admin Multiple users separated by spaces

>> Reference 3====================================
how to get the root user permission to perform operations on a regular userWithout needing to know the root user's password or to switch to the root user? There is a command sudo can implement this function.
sudo workflow:
(1) The root user edits the/etc/sudoers file and adds a regular user record to be assigned, with one line of records: Root all= (All) all, added after this line: Sam all= (All) all
(2) Then when the SAM user performs the operation, if the operation does not have the permission, it will go to the/etc/sudoers file to find out if there is a corresponding record, if there is a temporary root permission to perform operations that only root can perform.
Note: You will be prompted for the password, but the password for the SAM user is entered, not the root user's password. For example:
shell> sudo mkdir–p a/b/c/d
We Trust you are received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) with great power comes great responsibility.
Password: #这里的密码是sam用户自己的密码, not root password
Several operations:
1) Edit the/etc/sudoers file, use the Visudo command,
Shell> Visudo
In fact, the Visudo command is also called VI to edit the Sudoer file, but in the save will go to check the syntax of your modified file, if the error is not saved, but if you directly use VI to edit the file, force save although successful, but if there is a language
Method error here does not give a hint, also caused the later sudo command is not available.
2) Record parsing:
Sam all= (All) all
The host to which the user account is logged in = (the identity that can be transformed) commands that can be issued
The above statement means that the SAM user can log in anywhere and can switch to any user for any action. if (all) is not written, only as Sam All=all, he can only switch to the root user by default.

>> Reference 4====================================

Linux chown command parameters and usage details--Change the owner of the file:

To change the owner of a file program.c: chown Jim Program.c
The user access rights for PROGRAM.C are now applied to Jim. As an owner, Jim can use the chmod command to allow or deny other users access to PROGRAM.C.

To change the owner and group of all files in directory/tmp/src to user John and group build:chown-r john:build/tmp/src

For example: the owner of the Tomcat installation directory is modified (#chown-R user:group/usr/java/tomcat5.5)

>> Reference 5====================================

Add, delete, modify, view users and user groups under Linux

1, create a group

Groupadd Test

Add a test group

2, modify Group

Groupmod-n test2 Test

Change the name of the test group to Test2

3, deleting a group

Groupdel test2

Delete Group Test2

4, viewing groups

A), view the group groups where the current logged-on user is located, and view the Apacheuser group groups Apacheuser

b), view all groups Cat/etc/group

c), some Linux systems do not have/etc/group files, this time to see the following method

CAT/ETC/PASSWD |awk-f [:] ' {print $4} ' |sort|uniq | Getent group |awk-f [:] ' {print $} '

Here a command is getent, you can find the group information through the group ID, if the command is not, it is difficult to find, all the groups in the system.

Two, user operation

1, increase the user

View copy print?

[Email protected] mytest]# Useradd–help

Usage:useradd [Options] LOGIN

Options:

-b,–base-dir Base_dir Set the base path as the user's logon directory

-c,–comment comment comments to the user

-d,–home-dir Home_dir Setting the user's login directory

-d,–defaults changing settings

-e,–expiredate Expire_date Set the user's validity period

-f,–inactive inactive user expires, make password invalid

-g,–gid Group enables users to belong to only one group

-g,–groups groups enable users to join a group

-h,–help Help

-k,–skel Skel_dir Specify a different Skel directory

-k,–key key=value Overwrite/etc/login.defs configuration file

-m,–create-home Automatically create login directories

-L, do not add the user to the Lastlog file

-M, do not create the login directory automatically

-R, set up the system account

-o,–non-unique allows the user to have the same UID

-p,–password password using encrypted passwords for new users

-s,–shell Shell Login Time Shell

-u,–uid UID Specifies a UID for the new user

-z,–selinux-user Seuser use a specific seuser for the SELinux user mapping

[Email protected] mytest]# Useradd--help

Usage:useradd [Options] LOGIN

Options:

-B,--base-dir Base_dir set the base path as the user's login directory

-C,--comment comment comments to the user

-D,--home-dir Home_dir set the user's login directory

-D,--defaults change settings

-E,--expiredate expire_date set the user's validity period

-F,--inactive inactive the password is invalid after the user expires

-G,--gid group enables users to belong to only one group

-G,--groups groups enables users to join a group

-H,--help help

-K,--skel Skel_dir Specify a different Skel directory

-K,--key key=value overwrite/etc/login.defs configuration file

-M,--create-home automatically create login directory

-L, do not add the user to the Lastlog file

-M, do not create the login directory automatically

-R, set up the system account

-O,--non-unique allows the user to have the same UID

-p,--password password use encrypted password for new user

-S,--shell Shell login Time Shell

-U,--uid uid specifies a UID for the new user

-Z,--selinux-user seuser use a specific seuser for the SELinux user Mappinguseradd test

passwd test

Add user test, one thing to note, useradd add a user, do not forget to set a password for him, otherwise you can not log in.

2, modify the user

usermod-d/home/test-g test2 Test

Change the login directory of the test user to/home/test and join the Test2 group, note that this is the big G.

Gpasswd-a test test2 Adding user test to the Test2 group

gpasswd-d test test2 To remove user test from the Test2 group

3, delete user

Userdel Test

Remove the test user

4. View Users

A) to view the currently logged on user

[Email protected] ~]# W

[email protected] ~]# who

b), view your user name

[Email protected] ~]# WhoAmI

c) To view individual user information

[email protected] ~]# finger Apacheuser

[[email protected] ~]# ID apacheuser

d) To view user login records

[[email protected] ~]# Last view login successful user record

[[email protected] ~]# LASTB View login unsuccessful user record

e), view all users

[Email protected] ~]# cut-d:-F 1/ETC/PASSWD

[[email protected] ~]# cat/etc/passwd |awk-f \: ' {print $} '

Linux Add Users, permissions