Linux user and group management
I. Overview:
1. Three types of users in Linux:
(1) Super User (root) has all permissions of the operating system. The UID value is 0.
(2) general users have limited operating system permissions. UID value: 500 ~ 6000
(3) the pseudo-user is designed to facilitate system management and meet the requirements of the corresponding system process file owner. The pseudo-user cannot log on, and the UID value is 1 ~ 499
Ii. User account files
1. Password File:/etc/passwd
2. shadow password file:/etc/shadow
Only the root user has the modification permission for the above files
Iii. User Account Management
1. Create an account
Format: useradd [<option>] <User Name>
Example: useradd-gstuff-e 8/31/2005 pp
Useradd Command Options
-Uuid: Specify the uid of the new user. By default, the current maximum UID is used to add 1.
-Ggroup: Specifies the group (private group) of the new user. This group must exist.
-Ggroup: specify an additional group for the new user.
-Ddir: Specifies the directory of the new user.
-Sshell: Specifies the Shell used by new users. The default value is bash.
-Ccomment: Additional information about a new user, such as the full name.
-Eexpire: Specifies the user's logon expiration time (08/31/2005)
-M: Create a new user's own directory
2. Create user account command useradd/adduser
In Red Hat Linux, no matter whether the adduser or useradd command is executed, it actually points to the file/usr/sbin/useradd. Therefore, you only need to select a command to execute it:
Useraddpp: Create a pp account
Passwd pp: Set the password
3. Create and delete user accounts
Create an account:
Useradd-g stuff-e 08/31/2005 pp
Passwd pp
Set a password for pp to create a user pp belonging to the stuff group. The logon expiration time is
Delete an existing user account
Userdel-r pp
The DELETE command userdel parameter-r is used to delete all user information (including the home directory)
4. Disable, restore, and delete accounts
Disable
Usermod-L username Disabled Account
Passwd-l username Password Disabled
Restore
Usermod-U username resume Disabled Account
Passwd-u username resume disabled Password
Delete
Userdel-r u1: delete account U1 and Home Directory
-R: Delete the home directory.
Note: The command usermod is not the same as passwd in the function of disabling and recovering accounts.
5. Disable and delete user accounts
Disabling an account means that users are not allowed to log on to the system for the moment, and their data must be retained. You can edit the/etc/passwd file and mark the row of the account to be stopped.
Iv. Group Management
1. Component
(1) private group (g)
When creating a new user, if no group is specified, RedHat creates a private group with the same name as the user.
(2) Standard Workgroup (G)
A standard group can accommodate multiple users. If you use a standard group, you should specify the group to which a new user belongs when creating a new user.
(3) group files
/Etc/group
2. Create, delete, and modify a group
Groupadd-g 888 group2: Create a group group2 with a GID of 888
Groupdel group2: Delete Group group2
Groupmod-n group22 group2: Modify group2 group name group22
3. id command
Function: view the UID and GID of a user.
Format: id [Option] User Name
Parameters:
-G: only the GID of the user group is displayed.
-G: only the GID of the user's affiliated group is displayed.
-U: displays UID only.
4. finger command
You can view user information, including the user's own directory, startup shell, and user name.
Format: finger [Option] account
-L is displayed in long cells. The default option is
-S is displayed in short Cells
5. chfn and chsh
(1). chfn function: Change User Information
Format: chfn account
Chfnpp: Change pp user information
(2). chsh function: Change the startup shell
Format: shell modified by chsh-s
[Pp @ linuxpp] # chsh-s/bin/bash change the shell of pp to/bin/bash