Linux User and User Group Management
1. User and user group configuration files
/etc/passwd: user information configuration file
/etc/shadow: user password configuration file
/etc/group: user group information configuration file
/etc/gshadow: user group password configuration file
Viewing the help description of the configuration files
1) /etc/passwd
View the configuration file help:
man 5 passwd
There is one entry per line, and each line has the format:
account:password:UID:GID:GECOS:directory:shell
The fields of each line:
User name
Password flag:
x indicates that there is a password. If you remove the x, the user can log on without a password, but only locally. Each user's password is stored in /etc/shadow, which only the root user can read and write. When you log on, the system reads the password from the shadow file to verify it.
User ID:
0: superuser
1-499: system users (accounts for system services; they cannot log on and cannot be deleted)
500-65535: common users
Therefore, to make a user a superuser, you only need to change its UID to 0. The system manages each user by its ID; the user's home directory remains unchanged.
Group ID: the ID of the initial group
Initial group (when a user is created, an initial group is created with it; by default the group name is the user name)
Additional group (one user can belong to multiple additional groups)
The detailed information about groups is in /etc/group.
User description:
The user description can be omitted.
Home directory:
The default directory after the user logs on
Shell:
/sbin/nologin (temporarily restricts user logon)
2) /etc/shadow
The configuration file has the permission 000, and only the root user can read and write it.
The fields of each line:
User name
Password:
* or !! indicates that there is no password and the user cannot log on.
To temporarily disable a user, add ! in front of the encrypted password. The stored value then no longer matches the password, so the user cannot log on.
Time of the last password change: a timestamp in days since 1970.1.1
Interval between two password changes
Password validity period (99999 means valid permanently)
Warning time before password expiration
Grace time after password expiration; after it, login is prohibited
Account expiration timestamp
Reserved field
3) /etc/group
The fields of each line:
Group name
Group password flag
Group ID
Additional users in the group
4) /etc/gshadow
Encrypted password !!
passwd -u username: unlock the user's login; the !! in front of the encrypted password in /etc/shadow is removed.
Note: After adding a user, you must add a password for the user. Otherwise, the user cannot log in.
Command name: userdel
Usage: userdel option username
Option -r: delete the user's home directory while deleting the user
userdel -r test1
Command name: usermod
Usage: usermod
Options:
-u: modify the UID
-g: modify the initial group
-G: modify the additional groups
-c: modify the user description
-s: modify the user's shell
Note:
1) The default values used when a user is created can be viewed in /etc/default/useradd and /etc/login.defs, but some of them are invalid.
2) The default content of a new user's home directory can be modified in /etc/skel. skel is the template used when a user is created.
3. Add, delete, and modify user groups
Add a group
groupadd groupname
-g: specify the GID
groupmod option groupname
-g: modify the group ID
-n: new group name
Delete a group
groupdel groupname
If a user has the group as its initial group, the group cannot be deleted. If users only have it as an additional group, the group can be deleted.
Add a user to a group or delete a user from a group
gpasswd option username groupname
-a: add
-d: delete
gpasswd -a test groupname
gpasswd -d test groupname
Note: Instead of using commands, you can add, delete, or modify users and user groups by editing the configuration files directly.
For example, to delete a user:
Delete the user's record in /etc/passwd
Delete the user's record in /etc/shadow
Delete the user's record in /etc/group
Delete the user's record in /etc/gshadow
Delete /home/user
Delete /etc/spool/mail/user, the user's mail directory
Additional commands:
su: switch user
su - username
Note: the - cannot be omitted. If it is omitted, the environment variables are not changed to those of the user you switch to.
su - username -c "command": execute the command as that user without switching the logon
id username
View the IDs of this user: uid, gid
chage: change the password status
chage option username
Option: -l displays the password status of the user.
You can also modify the password status by editing /etc/shadow.
Frequently used: chage -d 0 username. The user is prompted to change the password upon login, because the last modification time of the password is changed to 0.
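The field descriptions for /etc/passwd and /etc/shadow above, and the chage -d 0 note, turned into an audit check. This is an added example, not part of the original page: it reads passwd- and shadow-format lines and reports extra UID 0 accounts, a removed x in the password field, * or !! entries, passwords prefixed with !, and a last-change value of 0. The function names, output labels and sample records are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). All sample records are constructed.
# On a real system: audit_passwd < /etc/passwd ; as root: audit_shadow < /etc/shadow

# Reads passwd-format lines on stdin: account:password:UID:GID:GECOS:directory:shell
audit_passwd() {
    awk -F: '
        NF != 7                     { print "malformed:line" NR; next }
        $3 ~ /^0+$/ && $1 != "root" { print "uid0:" $1 }      # extra superuser
        $2 == ""                    { print "nopasswd:" $1 }  # the x was removed
    '
}

# Reads shadow-format lines on stdin: field 2 is the password, field 3 the last change.
audit_shadow() {
    awk -F: '
        $2 == ""                { print "empty:" $1; next }
        $2 == "*" || $2 == "!!" { print "nologin:" $1; next }  # no password set
        $2 ~ /^!/               { print "locked:" $1 }          # ! before the hash
        $3 ~ /^0+$/             { print "mustchange:" $1 }      # as after chage -d 0
    '
}

# Constructed sample data (hypothetical users, placeholder hashes).
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
test1:x:500:500::/home/test1:/bin/bash
test2::501:501::/home/test2:/bin/bash
test3:x:0:502::/home/test3:/bin/bash'

SAMPLE_SHADOW='root:$6$SALT$CONSTRUCTEDHASH:19000:0:99999:7:::
daemon:*:18000:0:99999:7:::
test1:!!:19500:0:99999:7:::
test2:!$6$SALT$CONSTRUCTEDHASH:19500:0:99999:7:::
test3:$6$SALT$CONSTRUCTEDHASH:0:0:99999:7:::'

printf '%s\n' "$SAMPLE_PASSWD" | audit_passwd
printf '%s\n' "$SAMPLE_SHADOW" | audit_shadow
```

Each output line is label:account, so the result can be compared between runs to notice a newly added UID 0 account or an emptied password field.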