Linux Create modify delete users and groups

Introduction

In the daily maintenance process to create user actions relatively more, but in this process involved in the knowledge point is not just useradd, next to learn more about account management information.

User Information

first from the user information analysis, you can query the/etc/password file, each line represents a user information

root:x: 0:0: Root:/root:/bin/bash

Bin:x:1:1:bin:/bin:/sbin/nologin

Daemon:x:2:2:daemon:/sbin:/sbin/nologin

Mysql:x:496:501::/home/mysql:/bin/bash

Each colon is separated by a portion, and the entire line is divided into 7 parts.

1. User Name

2. User password, the previous version of the account password is directly present here, in order to be compatible so also retained this part, with X instead.

3.UID: belongs to the user ID, each file has the user and group that the file belongs to, in fact, the UID is only through the UID and then go to Etc/password,/etc/shadow find the corresponding UID and GID name.

Uid=0 for super users

System User (1-499): 1-99 is created by the system, 100-499 is a user-created system account, the system user cannot log in but can execute some of the system's commands, which is related to the last specified shell; A special shell is/sbin/nologin.

Normal User (500-65535)

4.GID: User group ID to which the account belongs, associated with the/etc/group group file

5. User Description

6. User's home directory: Create a user's home directory by default in/home/users/, when creating users can specify the user's home directory, the system user's home directory is more special, such as the root user's home directory is/root

7.shell:shell is the terminal and kernel (core) communication bridge, kernel and low-level hardware interaction (including CPU, motherboard, hard disk, video card, optical drive, etc.), the Linux default shell is/bin/bash

Password information

Each line in the user's password file records a user's password information, with a total of nine sections

[[email protected] ~] /etc/shadowroot:$1$4/cbv0uu$gz1mevqxy6/ 9uatgi9yut0:16862:0:99999:7:::

1. User name: User information in the corresponding/etc/password file

2. Password: The password is ciphertext

3. The date of the most recent password change: Linux will be January 1, 1970 as 1, so the above 16862 is cumulative, not to forget the specific

4. Number of days the password cannot be changed: 0 indicates that the password can be changed at any time, and can often be used to set how many days a user's password cannot be changed

5. The number of days the password needs to be changed: 99999 is 273 years, the change time is added on the basis of the 3rd part.

6. Password needs to be modified before the warning days: The number of days is calculated on the basis of the 5th, where the default is 7 days is the password before the need to change the 7th day before the issue of warning.

7. The number of days after the password expires: When the password exceeds the number of days required to change, if the user still does not change the password, then the password expires, in the days after the expiration of the password can still log in when the user in the grace period of time to log in the system will force users to change the password, If the user does not change the password within the days of grace, then the password will expire permanently, and the account will expire only after the number of days after the password expires, so the total effective time for an account is 3+6+7.

8. Expiration Date: The date of the change is the same as the 3rd, which is calculated from January 1, 1970, after which the user's password expires regardless of whether or not the user has expired, the change date is usually used in a toll system that specifies that a user will not be able to use the user after the specified date.

9. Reserved parts

Calculates the number that the current date is converted to by 1970 years.

[[email protected] ~]# echo $ (($ (date +'%s')/86400+1))  16927

Calculates a number that has been converted over a 1970-year specified date

[[email protected] ~]# echo $ (($ (Date--date="2016-01-01" +'%s') )/86400+1))16802

Create user

Once you understand the concept above, you can create a user, and the command to create a user is Useradd, followed by a few main parameters.

[-u UID] [-G initial group ] [-G secondary Group ] [-m\m] [-C description ] [-D Home Directory absolute path ] [-s Shell] account name

- C,--comment comment user description-D,--home-dir home_dir user's home directory  -D--defaults Default User Configuration- E,--expiredate expire_date the expiration date of the user, it is necessary to specify the number calculated from January 1, 1970, for example, 16925 for the May 4, 2016 expires, corresponding to the 8th part of the password file-F,-- Inactive inactive Specify the time when the password expires, where the number is specified, such as 10 for the password in the expiration of 10 days can also log in but need to force change password after login, corresponding to the 7th part of the password file- G,--gid GROUP user's gid-g,-- Groups groups lists users can also add people to groups, secondary groups
  -H--Help Information  -K--Skel Skel_dir Use this alternative skeleton directory  -K--key Key=value override/etc/login.defs defaults  -L--No-log-init don't add the user to the Lastlog andFaillog Databases-M,--create-home mandatory to create home directory-m,--no-create-home force not to create home directory  -N--No-user-group does not create the same group name and user name as the user  -O--Non-unique allows the user uid to be created the same, by default the UID of the user is unique, plus the-o parameter can create the same UID without the user
  -P--password Password Specifies the password to create the user, where the password is stored in ciphertext, so you also need to know the ciphertext corresponding plaintext password is how much-R,--system create a system user- S,--shell shell specifies the user's shell-u,--uid uid Specifies the UID of the user  -U--User-group creates a user group name with the user name, which is the default

  - -- Selinux-user Seuser Use     a specific seuser for the SELinux user mapping

1. Create User test

Creating a user without parameters by default creates a user group with the same name, the password is empty, the UID and GID of the user are automatically added after 500 on the basis of the existing UID and GID, and the default permission to create a home directory with the same name is 700

[[email protected] ~]# Useradd Test[[email protected] ~]# grep Test/etc/passwd/etc/Shadow/etc/Group/etc/PASSWD:TEST:X:501:502::/Home/Test/Bin/Bash/etc/shadow:test:!!:16925:0:99999:7:::/etc/Group: test:x:502:

[Email protected] ~]# ll-d/home/test
DRWX------. 4 test test 4096 May 4 16:25/home/test

2. Create user new Note User is test, specify user UID is 600, user's group initial group is test, user's minor group is MySQL, specify user's expiration date (note that the expiration date here is also need to be converted by January 1, 1970), specify the user's expiration days

3. Create the system user old

A system user that is created has a specified home directory in the user file, but in fact does not create a directory for the user in the home directory, and the user mail notification directory is not created.

4. Create a user who is not allowed to log in

5. Specify User home Directory

Create a user home directory first

[Email protected] ~]# mkdir-p/test/~]# mkdir/test/home/testuser

Create a user and specify a home directory

[Email protected] ~]# useradd-d/test/home/ from Skel directory into it.

Note: The home directory here is the absolute path, that is, you specify that directory home directory is not in the directory you specify to create the directory, there will be warned that users can not copy the file home directory, because the permissions of the home directory is the right to create directory users, this time need to give home directory user owner.

[Emailprotected] ~]# chown testuser:testuser/test/home/~]# ll/test/4drwxr  24096 may  5:

Delete User

Userdel [Options] LOGIN

  -F,--                   force to remove the user, regardless of whether the user is using the                             
  -H,--help                    help info
  -R,--remove                  delete users and groups and delete user's home directory and Mail notification  directory -Z,--selinux-user            Delete selinux user

1. Delete users without parameters

Userdel TestUser

No parameter removal removes only the user, password, user group, and does not delete the user's home directory and the user's mail directory

2. Delete the user at the same time delete the user's home directory and Mail notification directory

Userdel-r Test

Removing users by using the-R parameter deletes both the user's home directory and the user's mail notification directory, and other user groups are not deleted if the user's user group is a user group that uses other users.

User groups

Create a user group

Groupadd GroupName

Delete a user group

Groupdel GroupName

Modify a user group

---H newname oldname---G newgid oldgid

There's not much to do with user groups alone, just a little bit more.

Summary

Modify the user here do not do a detailed explanation, with the creation of the user's syntax is not very different,

Note: pursuer.chen Blog:http://www.cnblogs.com/chenmh This site all the essays are original, welcome to reprint, but reprint must indicate the source of the article, and at the beginning of the article clearly give the link. Welcome to the exchange of discussions

Linux Create modify delete users and groups