User and User group management
1. User and user group configuration files
/ETC/PASSWD Profile for user information
/etc/shadow configuration file for user password information
/etc/group Profile for user group information
/etc/gshadow configuration file for user group password information
To view the help description for a configuration file
1)/etc/passwd
View configuration file Help
Mans 5 passwd
There is one entry per line, and each line has the format:
Account:password:UID:GID:GECOS:directory:shell
Information for each line of users:
User name
Password ID :
X indicates that there is a password, if you remove x, you can log in without a password, you can only log on locally, each user's password file is stored in /etc/shadow , only root have read and Write permissions , the system to the shadow file to read password authentication.
with Households ID:
0 super users
1-499 system users (cannot be deleted, cannot log on for some service calls from the system)
500-65535 General Users
So to give a user a superuser, just modify their ID , the system through the ID to Manage each user , but their home directory remains unchanged
Group ID: initial group ID
Initial group (each user creates a starting group, the default group name is the user name)
Additional groups (one user can belong to more than one add group)
For more information about groups in /etc/group
User Description :
A description of the user can be omitted
Home Directory (host directory ):
Default directory when a user logs on
s Hell :
/sbin/nologin(temporarily restrict user login)
2)/etc/shadow
the permissions for the configuration file are the , only Root ability to read and write
Information for each line:
User name
Password :
* !! Indicates no password and cannot log in
Temporarily disable a user, encrypt the password before adding! , encrypted password conversion error, so login does not go in
Password last time Modify Time to be How many days after 1970.1.1 : time stamp
Two times Password change interval
The expiration date of the password (99999 Permanent Entry)
System warning time before password expiration
Grace time after password expiry, no login
account expiration time stamp
Reserved fields
3)/etc/group
Information for each line:
Group name
Group Password identification
Group ID
Additional users in the group
4)/etc/gshadow
Group name Group Password
Additional users in the Group Admins group
2. Additions, deletions and modifications of the user
Command name:useradd
Use:useradd option user name
Options:
-U specify uid
-g Specifies the initial group
-G add additional groups
-C Add User description
-S Specify user shell
Useradd-u 666-g test-c "test user" test1
Add a user test1, whose uid is 666, the initial group is the default initial group test1, and the additional group is Test, the description of it test user
Common useradd User name
Command name:passwd
passwd Direct Enter, set the password for the current user
passwd User name can only be used by root
Ordinary users can only change their own password, and can not add the user name, can only passwd carriage return, the normal user set password must follow the principle of complexity of password, not based on dictionary order, alphanumeric symbols
Passwd-l user name lock user Login/etc/shadow encryption password!!
Passwd-u user name unlock user login/etc/shadow encrypt password Remove!!
Note: After adding a user, you must add a password to the user, or the user cannot log in
Command name:Userdel
Use:userdel option user name
Option-R Delete user's home directory while deleting users
Userdel-r test1
Command name:usermod
Use:usermod option user name for users who have created existing
Options:
-U modify uid
-G Modify the initial group
-G Modify additional groups
-C Modify User description
-S Modify the user Shell
Attention:
1) The created user's default creation information can be viewed in /etc/default/useradd and /etc/login.defs , but some are invalid
2) The contents of the default creation user's home directory can be modified in /etc/skel ,skel for user-created templates
3. Adding, deleting and modifying user groups
Adding a group
Groupadd Group name
-G Specify gid
Groupmod option group name
-G Modify group ID
-N New group name
Delete a group
Groupdel Group name
There is an initial user in the group, the group cannot be deleted, the group has only additional groups, you can delete
To add a delete user to a group
GPASSWD option user name Group name
-A add
-D Delete
Gpasswd-a Test Group name
gpasswd-d Test Group name
Note: For users and user groups to add, delete, modify can not be through the command, directly modify the configuration file to operate.
Example: Delete a user
Delete a record in the /etc/passwd
Delete a record in the /etc/shadow
Delete a record in the /etc/group
Delete a record in the /etc/gshadow
Delete /home/ user
Delete The user's mailbox directory for the/etc/spool/mail/user
Additional commands:
Su Switch User
Su- user name
Note:- do not omit, omit --Switch User's environment variable does not change
Su- user name - C "command" allows the user to execute command commands without switching logins
ID User name
View ID informationfor this user:uid GID
Chage Changing the status of a password
Chage Option User name
Option:- L Displays the user's password information
Other options to modify the password status, directly by modifying the /etc/shadow Direct modification more convenient
freq used:chage-d 0 users Normal User A login prompt to change the password, the last modification of the password changed the time
linux--User and User group management