Linux User and user group management


Transferring files between Linux and Windows:


    1. Prerequisite: Xshell or SecureCRT. With either of these two programs you can upload and download files using commands.

    2. Install lrzsz: yum install -y lrzsz

    3. sz sends a file from Linux to Windows. Usage: sz 1.txt

    4. rz sends a file from Windows to Linux. Usage: rz, then press Enter (the file is uploaded to the current directory).


Linux user configuration file and password configuration file:


User configuration file


    1. To check the user configuration file, run ls /etc/passwd; to view its contents, run cat /etc/passwd.

[root@host ~]# ls /etc/passwd

/etc/passwd

[root@host ~]# cat /etc/passwd

root:x:0:0:root:/root:/bin/bash

bin:x:1:1:bin:/bin:/sbin/nologin

daemon:x:2:2:daemon:/sbin:/sbin/nologin

adm:x:3:4:adm:/var/adm:/sbin/nologin

lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin

sync:x:5:0:sync:/sbin:/bin/sync

shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown

halt:x:7:0:halt:/sbin:/sbin/halt

mail:x:8:12:mail:/var/spool/mail:/sbin/nologin

operator:x:11:0:operator:/root:/sbin/nologin

games:x:12:100:games:/usr/games:/sbin/nologin

ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin

nobody:x:99:99:Nobody:/:/sbin/nologin

systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin

systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin

dbus:x:81:81:System message bus:/:/sbin/nologin

polkitd:x:998:996:User for polkitd:/:/sbin/nologin

tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin

postfix:x:89:89::/var/spool/postfix:/sbin/nologin

sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin

chrony:x:997:995::/var/lib/chrony:/sbin/nologin

aming:x:1000:1000::/home/aming:/bin/bash  // newly created users start from this line

user1:x:1001:1001::/home/user1:/bin/bash

aminglinux:x:1002:1002::/home/aminglinux:/bin/bash

Taking user1:x:1001:1001::/home/user1:/bin/bash as an example, the meaning of each field in a user line is as follows:

    1. Each user line is split by colons (:) into seven fields. The first line is the root user; the other lines are the system's other users.

    2. The first field, user1, is the user name.

    3. The third and fourth fields, 1001:1001: the third is the UID, since each user has an ID; the user also belongs to a group, and that group's ID (GID) is the fourth field.

    4. The second field, x: in early systems this field held the password.

    5. The fifth field is empty here; it holds the user's comment information and has no substantive effect.

    6. The sixth field is the user's home directory; for a normal user it is, for example, /home/user1, and root's home directory is /root.

    7. The seventh field is the user's shell. A user needs an interactive terminal to log in: when we log in to CentOS with Xshell or PuTTY we get a window, and that window is the shell. /bin/bash means the user is allowed to log in; /sbin/nologin means the user cannot log in, even if a password is set.


Password configuration file


    1. To check the password configuration file, run ls /etc/shadow; to view its contents, run cat /etc/shadow.

[root@host ~]# ls /etc/shadow

/etc/shadow

[root@host ~]# cat /etc/shadow

root:$6$d/ka/dyhdjmyt3sm$mgvgaiq26dxli0z65uotoigg60tskcneaaxrbmnf/jz5phmuo5bb9rj7mzninvovakei1fvck30zo/ Wfudb.q1::0:99999:7:::

bin:*:17110:0:99999:7:::

daemon:*:17110:0:99999:7:::

adm:*:17110:0:99999:7:::

lp:*:17110:0:99999:7:::

sync:*:17110:0:99999:7:::

shutdown:*:17110:0:99999:7:::

halt:*:17110:0:99999:7:::

mail:*:17110:0:99999:7:::

operator:*:17110:0:99999:7:::

games:*:17110:0:99999:7:::

ftp:*:17110:0:99999:7:::

nobody:*:17110:0:99999:7:::

systemd-bus-proxy:!!:17455::::::

systemd-network:!!:17455::::::

dbus:!!:17455::::::

polkitd:!!:17455::::::

tss:!!:17455::::::

postfix:!!:17455::::::

sshd:!!:17455::::::

chrony:!!:17455::::::

aming:!!:17464:0:99999:7:::

user1:!!:17464:0:99999:7:::

aminglinux:!!:17466:0:99999:7:::

    1. Each line of the password configuration file /etc/shadow corresponds one-to-one to a line of the user configuration file /etc/passwd.

    2. Set a password for a user with passwd aming. Looking at the password file entries of two users shows that the same password does not produce the same encrypted string.


Taking user1:!!:17464:0:99999:7::: as an example, the meaning of each field in a line is as follows:

    1. This file is used specifically to control user passwords. Each line is split by colons (:) into nine fields; the first field is the user name.

    2. The second field is the user's password. The password is encrypted and cannot be reversed.

    3. The third field is a number of days: the days elapsed from January 1, 1970 to the date the password was last changed.

    4. The fourth field is the number of days that must pass before the password can be changed again. The default is 0, which means unrestricted.

    5. The fifth field is the password expiry: the number of days after which the password must be changed.

    6. The sixth field is the warning period before the password expires. For example, if it is set to seven days, then seven days before the password expires the system warns the user that the password will expire in seven days.

    7. The seventh field is the account's grace period after password expiry. For example, if it is set to 3 days and the password has expired without being changed, the user is locked three days later.

    8. The eighth field is the account's lifetime. Like the third field, it is a number of days counted from 1970-01-01; the account can be used before this date, and after it expires the account is locked and can no longer be used.

    9. The ninth field is reserved and has no practical significance.
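
The two field lists above (seven fields in /etc/passwd, nine in /etc/shadow), applied in code. This is an added example, not part of the original article: it joins the two files by user name and reports, per account, whether the shell allows login, the state of the password field, and the dates behind the day counts. The sample lines are constructed in the page's format, the hash is a placeholder, and treating a field that starts with ! or * as "locked" follows shadow(5).

```python
from datetime import date, timedelta

# Constructed sample in the format shown on this page; the hash is a placeholder.
PASSWD = """root:x:0:0:root:/root:/bin/bash
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
aming:x:1000:1000::/home/aming:/bin/bash
user1:x:1001:1001::/home/user1:/bin/bash
"""
SHADOW = """root:$6$SALT$PLACEHOLDERHASH::0:99999:7:::
sshd:!!:17455::::::
aming:$6$SALT$PLACEHOLDERHASH:17464:0:99999:7:::
user1:!!:17464:0:99999:7:::
"""
PASSWD_FIELDS = "name passwd uid gid comment home shell".split()
SHADOW_FIELDS = "name hash lastchg min max warn inactive expire reserved".split()

def parse(text, names):
    """Split every colon-separated line into a dict keyed by field name."""
    rows = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) != len(names):
            raise ValueError(f"expected {len(names)} fields: {line!r}")
        rows[fields[0]] = dict(zip(names, fields))
    return rows

def day_count_to_date(field):
    """Shadow dates are day counts since 1970-01-01; an empty field is unset."""
    return date(1970, 1, 1) + timedelta(days=int(field)) if field else None

def password_state(hash_field):
    if not hash_field:
        return "empty"  # no password is required at all
    return "locked" if hash_field[0] in "!*" else "hash"

def audit(passwd_text, shadow_text):
    shadow = parse(shadow_text, SHADOW_FIELDS)
    report = {}
    for name, user in parse(passwd_text, PASSWD_FIELDS).items():
        entry = shadow[name]  # shadow lines correspond one-to-one to passwd lines
        changed = day_count_to_date(entry["lastchg"])
        report[name] = {
            "shell_allows_login": not user["shell"].endswith("/nologin"),
            "password": password_state(entry["hash"]),
            "last_change": changed,
            "must_change_by": changed + timedelta(days=int(entry["max"]))
                              if changed and entry["max"] else None,
        }
    return report
```

On a real system the same function can be given the contents of /etc/passwd and /etc/shadow; reading /etc/shadow requires root.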


User Group Management:


    1. To check the user group configuration file, run ls /etc/group; to view its contents, run cat /etc/group. To view the group password configuration file, run cat /etc/gshadow.

    2. groupadd creates a new user group, for example: groupadd grp1

    3. You can assign an ID to a group while adding it, with groupadd -g. Example:

[root@host ~]# groupadd -g 1005 grp2

[root@host ~]# tail -n3 /etc/group

slocate:x:21:

grp1:x:1003:

grp2:x:1005:

    4. groupdel deletes a group. tail -n3 shows the last three lines of the file /etc/group. Example:

[root@host ~]# groupdel grp1

[root@host ~]# tail -n3 /etc/group

aminglinux:x:1002:

slocate:x:21:

grp2:x:1005:

    5. Trying to delete the user1 group fails with a message that it cannot be deleted; a group can only be deleted when there are no users in it. Group concept: a group contains a number of members, each member is a user, and as long as the group has any members it cannot be deleted.

[root@host ~]# groupdel user1

groupdel: cannot remove the primary group of user 'user1'


User management:


    1. useradd and adduser both create a user. Example: to create the user user2, run useradd user2.

    2. View the UID column in the user file /etc/passwd.

[root@host ~]# tail -n 3 /etc/passwd

user1:x:1001:1001::/home/user1:/bin/bash

aminglinux:x:1002:1002::/home/aminglinux:/bin/bash

user2:x:1003:1003::/home/user2:/bin/bash

    3. Specify the user's UID and group while creating the user. Example:

[root@host ~]# useradd -u 1004 -g grp2 user3

[root@host ~]# tail -n 3 /etc/passwd

aminglinux:x:1002:1002::/home/aminglinux:/bin/bash

user2:x:1003:1003::/home/user2:/bin/bash

user3:x:1004:1005::/home/user3:/bin/bash

[root@host ~]#

    4. Specify the home directory and shell while creating the user. Example:

[root@host ~]# useradd -u 1006 -g grp2 -d /home/aming111 -s /sbin/nologin user4

[root@host ~]# tail -n 3 /etc/passwd

user2:x:1003:1003::/home/user2:/bin/bash

user3:x:1004:1005::/home/user3:/bin/bash

user4:x:1006:1005::/home/aming111:/sbin/nologin

[root@host ~]# ls /home/

aming aming111 aminglinux user1 user2 user3

    5. Create a user without creating the home directory. Example:

[root@host ~]# useradd -M user5  // -M creates the user without creating a home directory; its home directory is /home/user5, but the directory is not created.

[root@host ~]# tail -n 3 /etc/passwd

user3:x:1004:1005::/home/user3:/bin/bash

user4:x:1006:1005::/home/aming111:/sbin/nologin

user5:x:1007:1007::/home/user5:/bin/bash

Question: can the GID start from a different number? Example:

    1. First create a group grp3 and specify 1010 as its GID.

[root@host ~]# groupadd -g 1010 grp3

    2. Create a new user user6 and specify grp3 as its group.

[root@host ~]# useradd -g grp3 user6

    3. View the GID the user received from the specified group: in the fifth line the GID jumps directly from 1007 to 1010.

[root@host ~]# tail -n5 /etc/passwd

user2:x:1003:1003::/home/user2:/bin/bash

user3:x:1004:1005::/home/user3:/bin/bash

user4:x:1006:1005::/home/aming111:/sbin/nologin

user5:x:1007:1007::/home/user5:/bin/bash

user6:x:1008:1010::/home/user6:/bin/bash

    4. Create the user user7.

[root@host ~]# useradd user7

    5. View the result: user7's GID is 1009.

[root@host ~]# tail -n5 /etc/passwd

user3:x:1004:1005::/home/user3:/bin/bash

user4:x:1006:1005::/home/aming111:/sbin/nologin

user5:x:1007:1007::/home/user5:/bin/bash

user6:x:1008:1010::/home/user6:/bin/bash

user7:x:1009:1009::/home/user7:/bin/bash

Conclusion: the GID a new user receives by default does not follow on from the GIDs above; it does not increase with the GID, only with the UID.

    6. userdel deletes a user. Example: delete the user user8.

[root@host ~]# userdel user8

[root@host ~]# tail -n3 /etc/passwd

user5:x:1007:1007::/home/user5:/bin/bash

user6:x:1008:1010::/home/user6:/bin/bash

user7:x:1009:1009::/home/user7:/bin/bash

    7. userdel -r deletes the user's home directory along with the user. Reason: deleting a user could accidentally delete that user's files, so the decision to delete the home directory is left to the administrator. Plain userdel therefore does not delete the home directory, while adding -r deletes the user and the home directory together.

[root@host ~]# ls /home/

aming aming111 aminglinux user1 user2 user3 user6 user7 user8

[root@host ~]# rm -rf /home/user8  // delete the home directory of user8 separately

[root@host ~]# userdel -r user7  // delete the user user7 and its home directory together

[root@host ~]# ls /home/

aming aming111 aminglinux user1 user2 user3 user6


Knowledge Points:


    1. To run two commands on a single terminal line, separate them with a semicolon (;), for example:

[root@host ~]# head -n1 /etc/shadow; tail -n2 /etc/shadow

    2. Use ls to view the following files: type ls /etc/passwd and press Tab, or type ls /etc/passwd* and press Enter. The files with a minus sign (-) in the name are backups that the system makes of these files automatically; if a file or a user is deleted by accident, it can be restored from the backup copy. If the backup file has not been updated, the two files may contain inconsistent information.
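
The inconsistency between a file and its backup copy mentioned above can be listed directly. This is an added example, not part of the original article: it compares the contents of /etc/passwd with those of /etc/passwd- and reports accounts that were added, removed, or changed, naming the changed fields. Both samples are constructed, and user9 is a hypothetical account that does not appear in the article.

```python
FIELDS = ("name", "passwd", "uid", "gid", "comment", "home", "shell")

# Constructed sample: the backup predates the removal of user7, the creation
# of user9 (hypothetical) and a shell change for user4.
BACKUP = """user4:x:1006:1005::/home/aming111:/bin/bash
user6:x:1008:1010::/home/user6:/bin/bash
user7:x:1009:1009::/home/user7:/bin/bash
"""
CURRENT = """user4:x:1006:1005::/home/aming111:/sbin/nologin
user6:x:1008:1010::/home/user6:/bin/bash
user9:x:1011:1011::/home/user9:/bin/bash
"""

def load(text):
    """Map each account name to the list of its seven passwd fields."""
    return {line.split(":")[0]: line.split(":")
            for line in text.splitlines() if line.strip()}

def passwd_drift(current_text, backup_text):
    """Report how the live passwd file differs from its '-' backup copy."""
    cur, old = load(current_text), load(backup_text)
    changed = {}
    for name in sorted(cur.keys() & old.keys()):
        # Compare field by field so the report names what changed.
        diff = [f for f, a, b in zip(FIELDS, old[name], cur[name]) if a != b]
        if diff:
            changed[name] = diff
    return {
        "added": sorted(cur.keys() - old.keys()),
        "removed": sorted(old.keys() - cur.keys()),
        "changed": changed,
    }
```

An account under "added" or a changed uid or shell field that nobody on the team can explain is worth checking against the change history of the host.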


This article is from the "Gary Blog" blog, please be sure to keep this source http://taoxie.blog.51cto.com/10245493/1977596
