Linux User and Group management
Install the context:
The process runs as its initiator;
The process's access to the file depends on the permissions of the user initiating the process;
System User: In order to enable the background process or service class process to run as a non-administrator, it is often necessary to create a number of ordinary users, such users do not have to log on the system;
Groupadd command: Adding a group
Groupadd [Options] Group_name
-G GID: Specifies GID; default is the gid+1 of the previous group;
-r: Create a system group;
Groupmod Command: Modify Group properties
groupmod [Options] GROUP
-G GID: Modify GID;
-N new_name: Modify group name;
Groupdel command: Delete a group
Groupdel [Options] GROUP
Useradd command: Create user
useradd [Options] Login name
-U,--uid uid: Specifies UID;
-G,--gid Group: Specifies the base group ID, which must exist beforehand;
-G,--groups group1[,group2,... [, GROUPN]] : Indicates the additional group to which the user belongs, separated by commas between multiple groups;
-C,--comment Comment: Specify the annotation information;
-D,--home Home_dir: The user's home directory with the specified path,/etc/skel this directory by copying and renaming the implementation; The specified home directory path does not replicate the environment profile for the user if it exists beforehand;
-S,--shell Shell: Specifies the user's default shell, and all available shell lists are stored in the/etc/shells file;
-R,--system: Create System user;
Note: Many of the default configuration files when creating a user are/etc/login.defs
Useradd-d: Displays the default configuration of the created user;
useradd-d option: Modifies the value of the default option;
The result of the modification is saved in the/etc/default/useradd file;
Usermod command: Modify user Properties
usermod [Options] Login
-U,--uid UID: Modifies the user's ID to the new UID specified at this point;
-G,--gid Group: Modifies the basic group to which the user belongs;
-G,--groups group1[,group2,... [, GROUPN]] : Modify the additional group to which the user belongs, and the original additional group will be overwritten;
-A,--append: used in conjunction with-G to append new additional groups to the user;
-C,--comment Comment: Modify the annotation information;
-D,--home Home_dir: Modify the user's home directory, the user's original files will not be transferred to the new location;
-M,--move-home: can only be used with the-D option to move the original home directory to a new home directory;
-L,--login new_login: Modify user name;
-S,--shell Shell: Modifies the user's default shell;
-L,--lock: Lock the user password, i.e. add a "!" before the user's original password string. ;
-U,--unlock: Unlocks the user's password;
Userdel command: Delete user
Userdel [Options] Login
-R: Delete the user's home directory;
Exercise 1: Create a user gentoo,uid of 4001, the basic group is Gentoo, the additional group is distro (GID 5000) and Peguin (GID 5001);
Exercise 2: Create a user fedora with the annotated message "Fedora Core", the default shell being/bin/tcsh;
Exercise 3: Modify the Gentoo user's home directory to/var/tmp/gentoo, and request that its original files still be accessible to users;
Exercise 4: Add additional group netadmin for Gentoo;
passwd command:
passwd [-K] [-l] [-u [-f]] [-d] [-e] [-N mindays] [-X Maxdays] [-W warndays] [-I inactivedays] [-S] [--stdin] [username]
(1) passwd: Modify the user's own password;
(2) passwd USERNAME: Modify the password of the specified user, but only root has this permission;
-L,-u: Lock and unlock users;
-D: Clear the user password string;
-e Date: Expiration period, date;
-I days: inactivity period;
-N days: The minimum period of use of the password;
-X days: The maximum age of the password;
-W days: Warning period;
--stdin:
echo "PASSWORD" | passwd--stdin USERNAME
GPASSWD command:
Group Password file:/etc/gshadow
GPASSWD [Options] Group
-a USERNAME: adding users to a group
-D USERNAME: Removing users from a group
NEWGRP command: Temporarily switch the specified group to the base group;
NEWGRP [-] [group]
-: Will impersonate the user to re-login in order to re-initialize their work environment;
Chage command: Change user password expiration information
chage [Options] Login name
-D
-E
-W
-M
-M
ID Command: Displays the user's true and valid ID;
ID [OPTION] ... [USER]
-U: Displays only valid UID;
-G: Displays only the user's base group ID;
-G: Displays only the IDs of all groups to which the user belongs;
-N: Displays the name instead of the ID;
SU command: Switch user
Logon switching: Re-initialized by reading the target user's configuration file
Su-username
Su-l USERNAME
Non-logon switchover: Initialization of the target user's profile is not read
Su USERNAME
Note: The administrator can switch to any other user without password;
-C ' command ': The command specified here is only run as the specified user;
Several other commands: Chsh, CHFN, Finger, WhoAmI, Pwck, GRPCK
Command summary: Groupadd, Groupmod, Groupdel, Useradd, Usermod, Userdel, passwd, GPASSWD, newgrp, id, su, chage
Linux-based user and group management