Linux-based user and group management

Linux User and Group management

Install the context:

The process runs as its initiator;

The process's access to the file depends on the permissions of the user initiating the process;

System User: In order to enable the background process or service class process to run as a non-administrator, it is often necessary to create a number of ordinary users, such users do not have to log on the system;

Groupadd command: Adding a group

Groupadd [Options] Group_name

-G GID: Specifies GID; default is the gid+1 of the previous group;

-r: Create a system group;

Groupmod Command: Modify Group properties

groupmod [Options] GROUP

-G GID: Modify GID;

-N new_name: Modify group name;

Groupdel command: Delete a group

Groupdel [Options] GROUP

Useradd command: Create user

useradd [Options] Login name

-U,--uid uid: Specifies UID;

-G,--gid Group: Specifies the base group ID, which must exist beforehand;

-G,--groups group1[,group2,... [, GROUPN]] : Indicates the additional group to which the user belongs, separated by commas between multiple groups;

-C,--comment Comment: Specify the annotation information;

-D,--home Home_dir: The user's home directory with the specified path,/etc/skel this directory by copying and renaming the implementation; The specified home directory path does not replicate the environment profile for the user if it exists beforehand;

-S,--shell Shell: Specifies the user's default shell, and all available shell lists are stored in the/etc/shells file;

-R,--system: Create System user;

Note: Many of the default configuration files when creating a user are/etc/login.defs

Useradd-d: Displays the default configuration of the created user;

useradd-d option: Modifies the value of the default option;

The result of the modification is saved in the/etc/default/useradd file;

Usermod command: Modify user Properties

usermod [Options] Login

-U,--uid UID: Modifies the user's ID to the new UID specified at this point;

-G,--gid Group: Modifies the basic group to which the user belongs;

-G,--groups group1[,group2,... [, GROUPN]] : Modify the additional group to which the user belongs, and the original additional group will be overwritten;

-A,--append: used in conjunction with-G to append new additional groups to the user;

-C,--comment Comment: Modify the annotation information;

-D,--home Home_dir: Modify the user's home directory, the user's original files will not be transferred to the new location;

-M,--move-home: can only be used with the-D option to move the original home directory to a new home directory;

-L,--login new_login: Modify user name;

-S,--shell Shell: Modifies the user's default shell;

-L,--lock: Lock the user password, i.e. add a "!" before the user's original password string. ；

-U,--unlock: Unlocks the user's password;

Userdel command: Delete user

Userdel [Options] Login

-R: Delete the user's home directory;

Exercise 1: Create a user gentoo,uid of 4001, the basic group is Gentoo, the additional group is distro (GID 5000) and Peguin (GID 5001);

Exercise 2: Create a user fedora with the annotated message "Fedora Core", the default shell being/bin/tcsh;

Exercise 3: Modify the Gentoo user's home directory to/var/tmp/gentoo, and request that its original files still be accessible to users;

Exercise 4: Add additional group netadmin for Gentoo;

passwd command:

passwd [-K] [-l] [-u [-f]] [-d] [-e] [-N mindays] [-X Maxdays] [-W warndays] [-I inactivedays] [-S] [--stdin] [username]

(1) passwd: Modify the user's own password;

(2) passwd USERNAME: Modify the password of the specified user, but only root has this permission;

-L,-u: Lock and unlock users;

-D: Clear the user password string;

-e Date: Expiration period, date;

-I days: inactivity period;

-N days: The minimum period of use of the password;

-X days: The maximum age of the password;

-W days: Warning period;

--stdin:

echo "PASSWORD" | passwd--stdin USERNAME

GPASSWD command:

Group Password file:/etc/gshadow

GPASSWD [Options] Group

-a USERNAME: adding users to a group

-D USERNAME: Removing users from a group

NEWGRP command: Temporarily switch the specified group to the base group;

NEWGRP [-] [group]

-: Will impersonate the user to re-login in order to re-initialize their work environment;

Chage command: Change user password expiration information

chage [Options] Login name

-D

-E

-W

-M

-M

ID Command: Displays the user's true and valid ID;

ID [OPTION] ... [USER]

-U: Displays only valid UID;

-G: Displays only the user's base group ID;

-G: Displays only the IDs of all groups to which the user belongs;

-N: Displays the name instead of the ID;

SU command: Switch user

Logon switching: Re-initialized by reading the target user's configuration file

Su-username

Su-l USERNAME

Non-logon switchover: Initialization of the target user's profile is not read

Su USERNAME

Note: The administrator can switch to any other user without password;

-C ' command ': The command specified here is only run as the specified user;

Several other commands: Chsh, CHFN, Finger, WhoAmI, Pwck, GRPCK

Command summary: Groupadd, Groupmod, Groupdel, Useradd, Usermod, Userdel, passwd, GPASSWD, newgrp, id, su, chage

Linux-based user and group management