Linux Basic user management and its classification

User management is mainly done by modifying the user profile

The ultimate purpose of using the User Management Control tool is also to modify the user profile

The UID value of each user is unique

first, the user classification

The user's role is identified by UID, not by user name

Linux system Three categories of users: Root users, system users, ordinary users

1 ) Root User

Root The user uid is 0, the most privileged

2 ) system Users

Also become a virtual user, pseudo-user or fake user, does not have the ability to log on to the Linux system, but it is an indispensable user of the system operation

CentOS6 : 1~499

CentOS7 : 1~999

3 ) Ordinary users

Ability to log on to Linux systems with limited permissions, created by management

CentOS6 : 500~60000

CentOS7 : 1000~60000

Assuming that the user logged into the system with Zhangsan, the system will first check the/etc/passwd file to see if there is zhangsan this account, and then determine the user Zhangsan uid, through the UID to confirm the user's side, if there is read/etc/ The password that corresponds to the shadow file. If the password is verified correctly, log in to the system and read the user's configuration file.

Second, user-related configuration files1,/etc/passwd file

Linux all users in the system are logged in the file

Can be viewed by any user, but only the root user can modify

[Email protected] home]# CAT/ETC/PASSWD

Root:x:0:0:root:/root:/bin/bash

Bin:x:1:1:bin:/bin:/sbin/nologin

Daemon:x:2:2:daemon:/sbin:/sbin/nologin

Adm:x:3:4:adm:/var/adm:/sbin/nologin

... ...

The meaning of each field:

User name: Password: uid:gid: User description: User home directory: User Login Shell Type

UID The maximum value can be viewed in the/etc/login.defs file:

[Email protected] ~]$ cat/etc/login.defs |grep Uid_max

Uid_max 60000

2,/etc/shadow file

This file can only be viewed and manipulated by root

[Email protected] ~]# Cat/etc/shadow

Root:$6$w/wqr.c7cduh.vvn$40kmrg9dvs1mrkcyhysms9x6.rq3jklull4e4vtzksqpw9ie8x.o15fgdejio9slmsaxfanqe/vmg9jelqhhl /:17012:0:99999:7:::

Bin:*:17012:0:99999:7:::

Daemon:*:17012:0:99999:7:::

Adm:*:17012:0:99999:7:::

... ...

The meaning of each field:

User name: Encrypted password: the date the user last changed the password: the number of days before the password is allowed to be replaced: number of days before password replacement: Number of days before password change: Number of days before the account is deactivated: User account Expiration Date: Reserved field

Third, manage user accounts

In a Linux system, you can use graphical management tools and character commands for management.

[Email protected] ~]# rpm-ivh/media/packages/system-config-users-1.3.5-2.el7.noarch.rpm--nodeps

Warning:/media/packages/system-config-users-1.3.5-2.el7.noarch.rpm:header v3rsa/sha256 Signature, key ID f4a80eb5: Nokey

Preparing ... #################################[100%]

Updating/installing ...

1:system-config-users-1.3.5-2.el7 ################################# [100%]

system-config-users is a graphical user management tool that allows users and groups to be managed in a visual environment.

1, create user accounts

When creating a new account, assign the user uid, group, home directory, and login shell resources to the new account.

The newly created user is locked out by default and cannot be used without using passwd to set a password.

Creating a new user is adding a user record to/etc/passwd and updating the/etc/shadow and/etc/grouop files.

AddUser useradd is a soft link file, both have the same function, you can create a new account.

Command syntax:

useradd [ options] [user name]

- D : Specify the user's home directory

- e : Set the expiration date of the account

- F : Sets the number of days after the password expires to close the account

- C : Set User account description information

- G : Specify the user's base group

- G : Specify additional groups for users

- M : Create home directory

- M : Do not set up home directory

- R : Specifies that the system user is created

- S : User Login Shell Type

- u : Specify user uid

Create Zhangsan user, UID 1010, home directory/testdir/zhangsan, owning group root, login shell as/bin/csh

[Email protected] ~]# useradd-u 1010-d/testdir/zhangsan-g root-s/bin/csh Zhangsan

Once created, use the getent command to view

[Email protected] ~]# getent passwd Zhangsan

Zhangsan:x:1010:0::/testdir/zhangsan:/bin/csh

[Email protected] ~]# getent shadow Zhangsan

zhangsan:!! : 17015:0:99999:7:::

Zhangsan The user does not create a password, the password displays "!!" indicating that the system cannot be logged on

[Email protected] ~]# echo CentOS | Passwd--stdin Zhangsan

Changing password for user Zhangsan.

Passwd:all Authentication tokens updatedsuccessfully.

[Email protected] ~]# getent shadow Zhangsan

zhangsan:$6$7wwjhbjh$u49xrbtbl3njimeriheop2habtyjuviz.oqimtghgjjwa0nyqxeg2hfxmxwnbze6dt1rpsvlqgfmfck3.d3pm. : 17015:0:99999:7:::

2, modify user accounts

Usermod You can change the user's shell type, the group to which it belongs, the password has a time limit, and change the user's login name

Command syntax:

usermod [ options] [user name]

- G : Modify the user's additional group

- L : Modify the name of the user account

- L : Lock the user's password to invalidate the password

- S : Modify User Login Shell

- u : Unlock Password

- u : Modify User uid

- C : Modify User description Information

- D : Modify the user home directory

- e : Modify the account expiration date

- F : Change the number of days after the password expires to close the account

- G : Modifying a user base group

- o : Allows the use of duplicate UID

- M : Move the contents of the home directory to a new location

Change the Zhangsan user's home directory from the previous/home/zhangsan to/home/wang, and change the login name to Wang.

[Email protected] ~]# ls/home/

CentOS Cyh xiaoming Zhangsan

[Email protected] ~]# CAT/ETC/PASSWD | Grepzhangsan

Zhangsan:x:1003:1003::/home/zhangsan:/bin/bash

[Email protected] ~]# usermod-d/home/wang-m-L Wang Zhangsan

[Email protected] ~]# getent passwd Wang

Wang:x:1003:1003::/home/wang:/bin/bash

[Email protected] ~]# ls/home/

CentOS Cyh Wang Xiaoming

The expiration date of the modified user Wang account is December 30, 2017, which is disabled 15 days after the password expires.

[Email protected] ~]# Getent shadow Wang

wang:!! : 17015:0:99999:7:::

[Email protected] ~]# usermod-e 12/30/2017-f Wang

[Email protected] ~]# Getent shadow Wang

wang:!! : 17015:0:99999:7:15:17530:

3, delete user accounts

Delete a user account from a Linux system

Command syntax

Userdel [ options] [user name]

- R : Delete the user's home directory and the local mail store directory or file when deleting the user

- F : Force Delete user account

Delete Wang's user account and keep the Wang user's home directory and its contents

[Email protected] ~]# Userdel Wang

[Email protected] ~]# CAT/ETC/PASSWD | grep Wang

[Email protected] ~]# ls/home/

CentOS Cyh Wang Xiaoming

In practice, when deleting a user, it is very likely that you want to keep a user's home directory and the following important data (when you want to delete it with the home directory, you need to back up the important content in the user directory to avoid unnecessary loss)

This article is from the "Linux on the Road" blog, be sure to keep this source http://dreamlinuxc.blog.51cto.com/5733156/1833696

Linux Basic user management and its classification