Linux commands (---) User and Group management commands

The role of the user in the computer: the main realization of resource sharing, in sharing resources at the same time involved in resource security, but also new user password authentication, so that its resources by specific permissions of users or groups of users can be accessed.

User and group classification in Linux systems:

The user is divided into: admin user (root), normal user and system user ( permission assignment for the daemon to get resources, that is, the user needed when the system starts or needs to start a process service, also known as "pseudo-user")

User groups are divided into: The Administrator group, the ordinary user group, of course, when creating a user will create a basic group with the user name, so the pseudo-user also has its own basic group. Another user group for the user has an "additional group", of course, is also a common user group

The UID number that uniquely identifies the user is generated when the user is created, and of course the user group has GID, the administrator uid and GID is "0", so the user can be promoted to the system administrator if the UID and GID are changed to "0". In CENTOS6 the general UID is represented from the 1-499 interval as "System user", and the UID is the user of the "ordinary user".

useradd Command: Create a new user or update default new user information

"Feature" creates a new user or updates the user's original information

Syntax

useradd [option] USERNAME

"Common Options"

-U: [Uid_min,uid_max] defined in/ETC/LOGIN.DNFS/-G: Specifies the user's base group, which can be a group name or gid-c: Specifies the user's property information-D: Specifies the user's home directory, but if you specify a home directory that is different from the user name, Specifies that the directory should not exist beforehand-s: Specify user Login system default shell-g: Specify the user's additional group, different additional groups separated by commas, a user can belong to multiple additional groups, the group must exist in advance-r: Create System user centos6:1-499 Centos7 : 1-999

configuration Files/etc/passwd and/etc/shadow

The/etc/passwd file divides each row of data into "7" segments with ":" and each row represents one user information. Root:x:0:0:root:/root:/bin/bash These messages are: User name: Password placeholder: uid:gid: User profile (phone number, age, etc.): User's home directory: User Login system default Shell/etc/shadow: File with ": "Do the delimiter to divide the file each line of data into" 9 "segments, each line represents a user password security information root:$6$tlicikyx0qgdqzf5$qttrzgtgf1csp2gf5.twugh7mr9jlne32ojvcnvctd0x3lv/ YEQUA8YY.EN5XUEP4LIJAYDQ2I6FQAHVUEYNQ.:16912:0:99999:7:::1) User Name 2) encrypted password 3) Date of last password change (starting from 1970-1-1) 4) Minimum password term (per day, 0 = No minimum period) 5) Maximum password duration (per day) 6) password warning period (per day, 0 = unspecified warning) 7) Password inactivity period (per day) 8) account expiry time (starting 1970-1-1) 9) reserved domain

"Instance" useradd create user

[Email protected] ~]# useradd-u 505-c "This is TestUser" testuser1 [[email protected] ~]# tail-n 1/ETC/PASSW Dtestuser1:x:505:505:this is testuser:/home/testuser1:/bin/bash[[email protected] ~]# tail-n 1/etc/shadow testuser1:!! : 16913:0:99999:7::://password encryption is displayed as "!!" Indicates that the system cannot be logged on and no password is set

Usermod command: Modify a user account

"Function" modifies the user's basic information,

Syntax

usermod [Options] USERNAME

"Common Options"

Of course, you can directly change the/etc/shadow file, do not recommend-e: Modify user account Validity period-u: Modify user uid-g: Modify user base Group-C: Modify the user's property information-D: Modify the user's home directory, but if you specify a different home directory than the user name, Specify when the directory should not have pre-s: Modify the user Login system default shell-g: Modify the user's additional group, different additional groups separated by commas, a user can belong to more than one additional group, the group must exist beforehand-L: Modify the user name,-L: Lock the user password, the user password is invalid, Unable to log on to System-u: Unlock user password

"Instance" modifies user name, default shell, user attribute information

[Email protected] ~]# tail-n 2/etc/passwdgentoo:x:504:504:xxxxxxxxxxxxx:/home/gentoo:/bin/bash//original user information testuser1:x : 505:505:this is testuser:/home/testuser1:/bin/bash[[email protected] ~]# usermod-s "/bin/tcsh"-l user1-c "Tell" TE Stuser1[[email protected] ~]# tail-n 2/etc/passwd gentoo:x:504:504:xxxxxxxxxxxxx:/home/ Gentoo:/bin/bashuser1:x:505:505:tell 110:/HOME/TESTUSER1:/BIN/TCSH//modified user Information

passwd command: Update user ' s authentication tokens

"Features" for user/etc/shadow file management, similar to Usermod command

Syntax

passwd [Options] USERNAME

"Common Options"

-L: Lock User-U: Unlock user-n mindays: Specifies the minimum age of user password, indicates that the user must change password after # days to change password-x maxdays: Maximum use period, indicating user change password # After the password must be changed, or you can not log on to the system-W Warndays: How many days before the warning indicates that the user password maximum period expires before the # days to remind users to modify the password-I inactivedays: Inactive period, indicating that the user can also log on to the system-e EXPIRE:YY-MM-DD Set Password expiration period--stdin: Receive user password from standard input echo "PASSWORD" | passwd--stdin USERNAME indicates that echo comes out of the direct input to the passwd--stdin to set the USERNAME password, but must display can be used to send the/dev/null bit buckets black hole in the corresponding Have/dev/zero always spit zero

"Instance" adds a login authentication password to the user

Add a password method to the user one [[email protected] ~]# tail -n 2 /etc/shadowgentoo:!! : 16913:0:99999:7:::   //password encryption bit displays "!!" Indicates no password and cannot log on to the system user1:!! : 16913:0:99999:7:::[[email protected] ~]# passwd gentoochanging password for  user gentoo. new password:                 //Enter the password you need, the average user to set their own password requirements complexity bad password: it is based on a  dictionary wordretype new password:         // Re-enter the password, passwd: all authentication tokens updated successfully.//for the user to set the password method two, and check to see if the password was successful//not recommended, unless it is a batch new user, and the script is automatically generated, otherwise it is not recommended, in case someone has checked your history command or is standing behind you what to do oh, [[email protected] ~]#  echo  "[email protected]"  | passwd --stdin user1  Changing  password for user user1.passwd: all authentication&Nbsp;tokens updated successfully. [[email protected] ~]# tail -n 2 /etc/shadowgentoo:$6$jqgxgi3e$ Xziftua1lqvrcrwfhw6m4cwvjq4ktmh7qku8axnsajynzdikosrgqxt4pmilsmvo1bdlxw0algqbcjjl9/syi1:16913:0:99999:7:::user1 : $6$b5rzkpl1$3awfnwgvpz.vwn67szn58shlt4.j/rpnk7c/exgl0qfhpxwqyjtya0p2scr6zdti7cpfiihqkamrqunfmvlze1 : 16913:0:99999:7:::

Userdel command: Delete a user account and related files

"Features" commonly used to delete users

Syntax

Userdel [option] Useranme

"Common Options"

-R: To delete a user's home directory while deleting a user (caution)

"Instance" removes Gentoo users from the system and deletes the Gentoo master directory

[[email protected] ~]# ls /homegentoo  lisi  testuser1   zhangsan   //in the home directory is the main directory of Gentoo [[email protected] ~]# tail -n 2  /etc/passwdgentoo:x:504:504:xxxxxxxxxxxxx:/home/gentoo:/bin/bash   //gentoo User User1:x :505:505:tell 110:/home/testuser1:/bin/tcsh[[email protected] ~]# userdel -r  gentoo               // Delete Gentoo user and belong to home directory [[email protected] ~]# !lsls /homelisi  testuser1   zhangsan                          //no Gentoo master directory [[email protected] ~]# tail - n 2 /etc/passwd         //also no Gentoo user lisi:x:503:503::/ home/lisi:/bin/bashuser1:x:505:505:tell  110:/home/testuser1:/bin/tcsh 

Groupadd command: Create a new group

Feature when a user needs to specify an additional group, and the additional group must exist before it can be specified, a group must be created before the user-specified user-attached group is created.

Syntax

Groupadd [Options] GROUPNAME

"Common Options"

-G: Specify Gid-r When creating group: Create System Workgroup, GID in 1-499 interval

Instance creates a new group

Create a group named Testgroup,gid 534,[[email protected] ~]# groupadd-g 534 testgroup[[email protected] ~]# tail-n 2/etc/grouptest : x:555:testgroup:x:534://Create default system workgroup, GID in 1-399 zone [[email protected] ~]# groupadd-r systemgroup[[email protected] ~]# Tail-n 2/etc/grouptestgroup:x:534:systemgroup:x:498:

gpasswd command: Administer/etc/group and/etc/gshadow

"Features" Management/etc/group,/etc/gshadow file, when set password for the group, can be implemented when the user is not a member of the reorganization, can be set by gpasswd password, group switching, Operation completed exit, not commonly used

Syntax

gpasswd [Options] GROUPNAME

"Common Options"

-A User: Add user to the specified group, additional groups

-D User: Remove users from additional groups

-A user1,user2 ..., set up a list of users with administrative privileges

NewGroup: Temporary Switch Group

PWCK: Checking the completion of user authentication information

"Instance 1" Add Delete user Attach Group

[[email protected] ~]# ID user1uid=505 (user1) gid=505 (testuser1) groups=505 (testuser1) [[email protected] ~]# gpasswd-a u Ser1 Test//Add test Group additional group for user User1 adding user user1 to group Test[[email protected] ~]# ID user1uid=505 (user1) gid=505 (test User1) groups=505 (TestUser1), 555 (test) [[email protected] ~]# gpasswd-d user1 test//Remove User1 additional group testremoving user User1 From group Test[[email protected] ~]# ID user1uid=505 (user1) gid=505 (testuser1) groups=505 (testuser1)

groupdel Command: Delete a group

"Features" removes user groups from the system

Syntax

Groupdel GROUPNAME

"Instance" deletes a group in the system

[Email protected] ~]# tail-n 2/etc/grouptestgroup:x:534:systemgroup:x:498:[[email protected] ~]# Groupdel Systemgroup [Email protected] ~]# tail-n 2/etc/grouptest:x:555:testgroup:x:534:

Chage command: Change user password expiry information

"Feature" Modifies user/etc/shadow file field information

Syntax

chage [Options] USERNAME

"Common Options"

-D,--lastday Last_day modifies the most recent password time-E,--expiredate expire_date effective Time-I,--inactive inactive inactive Duration-m,--mindays min_days Minimum days of Use-M,--maxdays max_days maximum use days-W,--warndays warn_days advance warning time

"Instance" modifies the user password expires "Early warning days"

[Email protected] ~]# tail-n 1/etc/shadowuser1:$6$b5rzkpl1$3awfnwgvpz.vwn67szn58shlt4.j/rpnk7c/ Exgl0qfhpxwqyjtya0p2scr6zdti7cpfiihqkamrqunfmvlze1:16913:0:99999:7::://default is 7 days [[email protected] ~]# chage-w 6 user1[ [Email protected] ~]# tail-n 1/etc/shadowuser1:$6$b5rzkpl1$3awfnwgvpz.vwn67szn58shlt4.j/rpnk7c/ Exgl0qfhpxwqyjtya0p2scr6zdti7cpfiihqkamrqunfmvlze1:16913:0:99999:6::://has been modified to 6 days

More details: Google, Baidu or participate in training

This article is from the "Perthon" blog, make sure to keep this source http://perthon.blog.51cto.com/10484057/1766927

Linux commands (---) User and Group management commands