Linux Learning 16-linux user Management

Linux User Management

Linux systems, like Windows systems, can create different users, different groups of users. Using the system under different users has the appropriate permissions

1. When creating a normal user, several files are modified and some initial files are copied to the user's home directory

The modified file path is

/etc/passwd

/etc/shadow

/etc/group

/etc/gshadow

Files copied to the user's home directory are

. bash_logout. Bash_profile. BASHRC

If you mistakenly delete these three files under the root user, and then switch back to the root user, it will not be successful, the workaround is:

The original storage path for these three files is/etc/skel/,

Simply copy it back to the root home directory: cp/etc/skel/.bash*.

Finally executes the command source. Bash_profile Solve the problem

2. Detailed introduction of/ETC/PASSWD

SASLAUTH:X:499:76:SASLAUTHD User:/var/empty/saslauth:/sbin/nologin

Postfix:x:89:89::/var/spool/postfix:/sbin/nologin

Sshd:x:74:74:privilege-separated Ssh:/var/empty/sshd:/sbin/nologin

Tcpdump:x:72:72::/:/sbin/nologin

Localhost:x:500:500::/home/oldboy:/bin/bash

CAT/ETC/PASSWD intercept part of the content

First column: User name

Second column: X for password

Third column: UID (unique number per user)

Fourth column: GID (unique number per group)

Fifth Column: Remarks (You can specify a note by entering the USERADD-C user name when you create the user)

Sixth column: Home directory

Column Seventh: Specifies the role of Shell interpreter Shell used after login: The user's command is parsed and passed to the kernel for execution.

Execute command cat/etc/shells View the Shell interpreter category

[Email protected] ~]# Cat/etc/shells

/bin/sh

/bin/bash

/sbin/nologin

/bin/dash

/bin/tcsh

/bin/csh

3. Detailed introduction of/etc/shadow

saslauth:!! : 17613::::::

postfix:!! : 17613::::::

Sshd:!! : 17613::::::

tcpdump:!! : 17613::::::

Localhost:$6$k3vi5v8s$yf1lqdfvk0nx5uvndaqyje9voufhadvk5og7n3kolw4ayg.za/ft2kmu4uhe1w8ejn1il.trbemydwdb7qt66. : 17624:0:99999:7:::

Cat/etc/shadow intercept part of the content, can be ordered by the man 5 shadow View instructions

First column: User name

Second column: Password after encryption (no password is two!)

Third column: Time of last password change (number of days from 1970)

Fourth column: Password minimum usage time, 0 means no limit (cannot change password frequently)

Fifth column: Maximum password use time (limit the period of password change)

Sixth column: Password warning period (early reminder password expiration time)

Seventh column: Password disable cycle (disables the user's cycle after the password expires)

Eighth column: Specify a specific date for password expiration

Nineth column: Reserved

4, the principle of creating users

Cat/etc/default/useradd Viewing the default configuration

[Email protected] ~]# Cat/etc/default/useradd

# useradd defaults file

group=100

The base directory for the Home=/home home directory

The number of days before the account is completely disabled after the Inactive=-1 password expires

Expire= Expiration Time

Shell=/bin/bash specifying the default shell interpreter

Skel=/etc/skel Specifying skeleton Directories

Create_mail_spool=yes whether to create a mailbox

5, the scope of the UID

0-100 Linux System Reservation

101-499 System Account (service)

500-60000 General Users

6. Useradd command

Parameters and Description Options:

-G--gid group name or ID of the primary group of the new account

Specify user group Useradd-g group ID b5 or useradd-g group name B5

Example:

Useradd-g 814 B5 or useradd-g incahome b5

-G--groups Groups List of supplementary groups of the new account

Specify multiple user groups, useradd-g multiple group names or group ID user names

Example:

Useradd-g test,incahome,a1 b6

-M--create-home Create the home directory of the user ' s home

-M--no-create-home do not create home directory for the user ' s home directories

Example:

Useradd-m-s/sbin/nologin B8

-p--password Password encrypted password of the new account

Specify a password for fixed encryption

Example:

Useradd-p ' EZNHDD48MHKGW ' C1

How to generate an encrypted password OpenSSL passwd 123456

-S--shell Shell login shell of the new account

Do not log in

Example:

Useradd-m-s/sbin/nologin B9

-u--uid UID User ID of the new account

Specify user UID to allow multiple machines to share files synchronously

Cases:

[Email protected] ~]# useradd-u 608 web

[[email protected] ~]# ID Web

uid=608 (web) gid=608 (web) groups=608 (web)

Infrequently used parameters

-B Specify the base directory

-C Specify Note information

-D Specify the user's home directory

-E Expiration Time

-F Disable Time

7. Chage command

This command is used for password aging management. It can modify the expiration date of the account and password

[Email protected] ~]# chage

Usage: chage [options] Login

Options:

-D,--lastday Last date set the most recent password setting time to "Last Date"

-E,--expiredate expiration date set account expiration to "Expiration date"

-H,--help displays this help information and launches

-I,--inactive inacitve expired inactive days after the password is set to a failed state

-L,--list display account age information

-M,--mindays the minimum number of days to change the minimum number of days between passwords is set to "minimum days".

-M,--maxdays maximum number of days will change two times the maximum number of days between passwords is set to "Maximum days"

-R,--root Chroot_dir CHROOT to the directory

-W,--warndays warning days set expiration warning days to "warning days"

8. Other Related commands

Usermod Modifying user parameters

Groups view the group that the user is in

NEWGRP Switch User Group, if you switch to another user's user group, you need to enter the group group password

GPASSWD Setting the group password

Bo Master original articles, reproduced please be sure to indicate the source

Linux Learning 16-linux user Management