linux--User and User group management

User and User group management

1. User and user group configuration files

/ETC/PASSWD Profile for user information

/etc/shadow configuration file for user password information

/etc/group Profile for user group information

/etc/gshadow configuration file for user group password information

To view the help description for a configuration file

1)/etc/passwd

View configuration file Help

Mans 5 passwd

There is one entry per line, and each line has the format:

Account:password:UID:GID:GECOS:directory:shell

Information for each line of users:

User name

Password ID :

X indicates that there is a password, if you remove x, you can log in without a password, you can only log on locally, each user's password file is stored in /etc/shadow , only root have read and Write permissions , the system to the shadow file to read password authentication.

with Households ID:

0 super users

1-499 system users (cannot be deleted, cannot log on for some service calls from the system)

500-65535 General Users

So to give a user a superuser, just modify their ID , the system through the ID to Manage each user , but their home directory remains unchanged

Group ID: initial group ID

Initial group (each user creates a starting group, the default group name is the user name)

Additional groups (one user can belong to more than one add group)

For more information about groups in /etc/group

User Description :

A description of the user can be omitted

Home Directory (host directory ):

Default directory when a user logs on

s Hell :

/sbin/nologin(temporarily restrict user login)

2)/etc/shadow

the permissions for the configuration file are the , only Root ability to read and write

Information for each line:

User name

Password :

*  !! Indicates no password and cannot log in

Temporarily disable a user, encrypt the password before adding! , encrypted password conversion error, so login does not go in

Password last time Modify Time to be How many days after 1970.1.1 : time stamp

Two times Password change interval

The expiration date of the password (99999 Permanent Entry)

System warning time before password expiration

Grace time after password expiry, no login

account expiration time stamp

Reserved fields

3)/etc/group

Information for each line:

Group name

Group Password identification

Group ID

Additional users in the group

4)/etc/gshadow

Group name Group Password

Additional users in the Group Admins group

2. Additions, deletions and modifications of the user

Command name:useradd

Use:useradd option user name

Options:

-U specify uid

-g Specifies the initial group

-G add additional groups

-C Add User description

-S Specify user shell

Useradd-u 666-g test-c "test user" test1

Add a user test1, whose uid is 666, the initial group is the default initial group test1, and the additional group is Test, the description of it test user

Common useradd User name

Command name:passwd

passwd Direct Enter, set the password for the current user

passwd User name can only be used by root

Ordinary users can only change their own password, and can not add the user name, can only passwd carriage return, the normal user set password must follow the principle of complexity of password, not based on dictionary order, alphanumeric symbols

Passwd-l user name lock user Login/etc/shadow encryption password!!

Passwd-u user name unlock user login/etc/shadow encrypt password Remove!!

Note: After adding a user, you must add a password to the user, or the user cannot log in

Command name:Userdel

Use:userdel option user name

Option-R Delete user's home directory while deleting users

Userdel-r test1

Command name:usermod

Use:usermod option user name for users who have created existing

Options:

-U modify uid

-G Modify the initial group

-G Modify additional groups

-C Modify User description

-S Modify the user Shell

Attention:

1) The created user's default creation information can be viewed in /etc/default/useradd and /etc/login.defs , but some are invalid

2) The contents of the default creation user's home directory can be modified in /etc/skel ,skel for user-created templates

3. Adding, deleting and modifying user groups

Adding a group

Groupadd Group name

-G Specify gid

Groupmod option group name

-G Modify group ID

-N New group name

Delete a group

Groupdel Group name

There is an initial user in the group, the group cannot be deleted, the group has only additional groups, you can delete

To add a delete user to a group

GPASSWD option user name Group name

-A add

-D Delete

Gpasswd-a Test Group name

gpasswd-d Test Group name

Note: For users and user groups to add, delete, modify can not be through the command, directly modify the configuration file to operate.

Example: Delete a user

Delete a record in the /etc/passwd

Delete a record in the /etc/shadow

Delete a record in the /etc/group

Delete a record in the /etc/gshadow

Delete /home/ user

Delete The user's mailbox directory for the/etc/spool/mail/user

Additional commands:

Su Switch User

Su- user name

Note:- do not omit, omit --Switch User's environment variable does not change

Su- user name - C "command" allows the user to execute command commands without switching logins

ID User name

View ID informationfor this user:uid GID

Chage Changing the status of a password

Chage Option User name

Option:- L Displays the user's password information

Other options to modify the password status, directly by modifying the /etc/shadow Direct modification more convenient

freq used:chage-d 0 users Normal User A login prompt to change the password, the last modification of the password changed the time

linux--User and User group management