Linux Create user group and user groups, rights assignment examples

1,
How to add an account under Linux system: User name is std02, password is PWD02?
: #useradd std02
#passwd std02
Prompt to enter password pwd02, and then press prompt to enter PWD02
You can also:
#useradd-N std02-p pwd02

2,
Create a new subdirectory/home/public so that it is shared by all users and has all permissions, but cannot be deleted by non-owner?
: #mkdir/home/public
#chmod A+trwx/home/public

3,
Allow a subdirectory/home/student02 to be privatized, allowing only the std02 to enjoy it?
#mkdir/home/student02
#chown std02/home/student02//privatization
#chmod a-rwx/home/student02//Exclusive
#chmod u+rwx/home/student02
namely #chmod 700/home/student02

4. How to make a user a member of a group of users?
For example, make STD03 a member of the student group?
: #groupadd Student
#useradd-G student-n std03

5,

Planning a user and group: There are program developers 5 people, project Manager 2 people, respectively named: Prg01~prg05,mgr01,mgr2, and belong to the group of programs and manage, now according to the following requirements planning:
(1), each developer has its own account, user name: PRG??, Password: Prog?? ；
(2) Each developer belongs to the program group and shares two subdirectories: program and source, with all permissions;

(3), each administrator has its own account, user name Mgr??, password: Mngr?? ；
(4) Each administrator belongs to the Manage group and shares two subdirectories: Project and document with all permissions;

(5), open up a common subdirectory/home/public, so that it is shared by all users, and have all the permissions, but can not be deleted by the non-owner?

: Create two groups

#groupadd Program
#groupadd Manage
Add five Developers
#useradd-G program-n PRG 01-p prog01
#useradd-G program-n PRG 02-p prog02
#useradd-G program-n PRG 03-p prog03
#useradd-G program-n PRG 04-p prog04
#useradd-G program-n PRG 05-p prog05

Add two Administrators

#useradd-G manage-n Mgr01 Mngr01
#useradd-G manage-n Mgr02 Mngr02
Create four subdirectories

#mkdir/home/program
#mkdir/home/source
#mkdir/home/project
#mkdir/home/document

#chmod 770/home/program
#chgrp Program/home/program
#chmod 770/home/source
#chgrp Program/home/source
#chmod 770/home/project
#chgrp Manage/home/project
#chmod 770/home/document
#chgrp manage/home/document

Open up a common subdirectory

#mkdir/home/public
#chmod A+rwxt/home/public

#chmod 777/home/public
#chmod A+t/home/public

Delete Account

If a user's account is no longer in use, it can be removed from the system. Deleting a user account is to remove the user record from the system files such as/etc/passwd and, if necessary, delete the user's home directory. Delete an existing user account using the Userdel command, in the following format:

Code:
Userdel option User Name

The commonly used option is-r, which is to delete the user's home directory together.
For example:

Code:
# Userdel Sam

This command deletes the user Sam's record in the system file (mainly/etc/passwd,/etc/shadow,/etc/group, and so on) while deleting the user's home directory.

3, modify the account

Modify the user account is based on the actual situation to change the user's related properties, such as user number, home directory, user group, login shell and so on.
Modify the information of an existing user using the Usermod command, in the following format:

Code:
Usermod option User Name

Common options include-C,-D,-M, G, G, S,-u, and-O, and the meanings of these options are the same as those in the Useradd command, which can specify a new resource value for the user. In addition, some systems can use the following options:

Code:
-L New User name

This option specifies a new account that will change the original username to the new username.
For example:
Code:
# usermod-s/bin/ksh-d/home/z–g developer Sam
This command modifies the login shell of the user Sam to Ksh, the home directory to/home/z, and the user group to developer.

4, the User password management

One important aspect of user management is the management of user passwords. The user account was created without a password, but is locked by the system and cannot be used, and must be assigned a password before it can be used, even if a null password is specified.
The shell command that specifies and modifies a user's password is passwd. A superuser can specify a password for himself and other users, and a normal user can only use it to modify his or her password. The format of the command is:
Code:

passwd option User Name
Options you can use:

Code:
-L locks the password, that is, the account is disabled.
-u password unlock.
-D makes the account password-free.
-F forces the user to modify the password at the next logon.
If the default user name, the password for the current user is modified.

For example, if the current user is a SAM, the following command modifies the user's own password:

Code:
$ passwd
Old password:******
New password:*******
Re-enter New password:*******

If you are a superuser, you can specify any user's password in the following form:

Code:
# passwd Sam
New password:*******
Re-enter New password:*******

Ordinary users modify their own password, the passwd command will ask the original password, verify that the user input two times after the new password, if the password entered two times, the password will be assigned to the user, and the root user to specify the password, you do not need to know the original password.

For the sake of system security, users should choose a more complex password, for example, preferably with a 8-bit long password, which contains uppercase, lowercase letters, and numbers, and should be different from names, birthdays, and so on.

When you specify a blank password for the user, the following form of command is performed:

Code:
# passwd-d Sam

This command deletes the password for the user Sam so that the system will no longer ask for the password the next time the user Sam logs on.

The passwd command can also lock a user with the-l (lock) option so that it cannot log on, for example:

Code:
# passwd-l Sam
New User exception:
useradd-d/usr/hadoop-u 586-m hadoop-g Hadoop
1 Creating mailbox file: Files already exist
Delete to rm-rf/var/spool/mail/user name
2 useradd:invalid numeric argument ' Hadoop '
This is because the Hadoop group does not exist please build the Hadoop group first
You can view the pass of a user through CAT/ETC/PASSWD
Cat/etc/shadow can view user names
Cat/etc/group can view groups

1, add a new user group to use the Groupadd command. The format is as follows:

Code:
Groupadd Option User Group

The options you can use are:
Code:
-G GID Specifies the group identification number (GID) of the new user group.
-O is commonly used concurrently with the-G option, which means that the GID for the new user group is the same as the GID of the system already has a user group.

Example 1:

Code:
# Groupadd Group1

This command adds a new group group1 to the system, and the group identification number of the new group is based on the currently existing maximum group identification number plus 1.

Example 2:

Code:
#groupadd-G-group2

This command adds a new group group2 to the system and specifies that the group identification number for the new group is 101.

2, if you want to delete an existing user group, use the Groupdel command, the format is as follows:

Code:
Groupdel User Group

For example:

Code:
#groupdel group1

This command deletes the group group1 from the system.

3, modify the properties of the user group using the groupmod command. The syntax is as follows:

Code:
Groupmod Option User Group

The common options are:
Code:
-G GID Specifies a new group identification number for the user group.
With the-O and-g option, the new GID for the user group can be the same as the GID for the system already has a user group.
-N New user group to change the name of the user group to a new name

Example 1:

Code:
# GROUPMOD-G 102 Group2

This command modifies the group identification number of the group group2 to 102.

Example 2:

Code:
# groupmod–g 10000-n Group3 group2

This command changes the identification number of the group group2 to 10000 and the group name to Group3.

4. If a user belongs to more than one user group at the same time, the user can switch between user groups to have other user group permissions. The user can switch to another user group after logging in using the command newgrp, and the command's parameter is the destination user group. For example:

Code:
$ NEWGRP Root

This command switches the current user to the root group, provided that the root group is indeed the user's primary or additional group. Similar to user account management, user group management can also be accomplished through integrated system management tools.

Permission Assignment
assigning permissions
Chown-r hadoop:hadoop/usr/hadoop/

Let normal users have root permissions
1.root login
2.adduser username
3.passwd username
  OK password
4. Modify the/etc/passwd, Modify the ID and ID Group of the user name to 0.