8) There is a class of users in the system called Pseudo-user (Psuedo users).
These users also occupy a record in the/etc/passwd file, but cannot login, because their landing shell is empty, their existence is mainly convenient system management, to meet
The corresponding system process requires the owner of the file.
Common pseudo-users are as follows:
Pseudo user meaning
Bin has an executable user command file
SYS has system files
ADM has account files
UUCP UUCP Use
Mobody NF5 Use
Own account File
1. In addition to the pseudo-users listed above, there are many standard pseudo-users, such as Audit,cron,mail, Usenet, etc., which are also required for related processes and files.
Because the/etc/passwd file is readable by all users, if the user's password is too simple or the rule is obvious, a normal computer can easily be able to break him
, so the security requirements of the Linux system are separated from the encrypted password, there is a separate file, this file is a/etc/shadow file, there are super users
To have the file Read permission, which guarantees the security of the user's password.
2, the record line in the/etc/shadow corresponds to one by one in the/etc/passwd, it is automatically generated by the Pwconv command according to the data in the/etc/passwd its file format and
/ETCPASSWD is similar, consisting of several fields, separated by: The fields are:
Login Name: Encrypted password: Last modified: Minimum time interval: Maximum time interval: Warning Time: Inactivity time: Expiry time: Flag
1. The login name is the user account that matches the login name in the/etc/passwd file
2. The password field is encrypted after the user password Word, the length of my 13 characters, if it is empty, then the corresponding user does not have a password, login does not require a password;
Contains characters that are not part of the collection {./0-9a-za-z}, the corresponding user cannot log on.
3. The last modification time represents the number of days from the time the user last modified the password, which may not be the same for different systems, such as SCO
Linux, this point in time is January 1, 1970.
4. The minimum time interval refers to the minimum number of days required between changing the password two times.
5. The maximum time interval refers to the maximum number of days the password remains valid.
The 6 warning Time field represents the number of days from the beginning of the system warning user to the official expiration of the user's password.
7. Inactivity time indicates the maximum number of days that a user does not have a login activity but the account remains valid.
8 The Expiration Time field gives an absolute number of days, if this field is used, then the lifetime of the corresponding account is given, and after expiration, the account is no longer a valid account.
That is, it can no longer be used for landing.
Here is an example of/etc/shadow:
# Cat/etc/shadow
3. All the information of the user group is stored in the/etc/group file.
Grouping users is a means of managing and controlling access to users in a Linux system.
Each user belongs to a group of users, a group can have multiple users, and a user can belong to a different group.
When a user is a member of multiple groups at the same time, the primary group that the user belongs to is recorded in the/etc/passwd file, which is the default group to which the login belongs, and the other groups are called additional groups.
When a user accesses a file that belongs to an additional group, they must first use the NEWGRP command to be a member of the group to which they want to access.
All information for the user group exists in the/etc/group file. The format of this file is also similar to the/etc/passwd file, separated by a colon: several fields, which are:
Group Name: password: Group identification number: List of users in the group
1. The group name is the name of the user group, consisting of letters or numbers, and the group name should not be duplicated as the login name in/etc/passwd.
2. Password field is stored in the user group after the password word, the general Linux system user groups do not have a password, that is, this field is generally empty, or is *
3. The group identification number is similar to the user identification number and is an integer that is used internally by the system to identify the group.
4 The list of users within the group is a comma-separated list of all users belonging to this group, which may be the user's primary group or an additional group.
An example of the/etc/group file is as follows:
。。。。
Four Add bulk users
Adding he removes users to every Linux system administrator is a breeze, the tricky thing is if you want to add dozens of, hundreds or even thousands of users, we
It is unlikely to use Useradd to add a single one, it is necessary to find a simple way to create a large number of users, the Linux system provides a tool to create a large number of users, can let
You create a large number of users immediately, by doing the following:
(1) Edit a file user file first.
Each column is written according to the format of the/etc/passwd password file, note that each user's username UID host directory can not be the same, where the password bar can be left to do
Blank or enter the x number, an example file User.txt content as follows:
(2) Execute the command/usr/sbin/newusers as root, import the data from the user file user.txt that you just created, create the user:
# NewUsers < User.txt You can then execute the command VIPW or vi/etc/passwd check if the/etc/passwd file has already appeared for these user's data, and the user's
Whether the host directory has been created.
(3) Execute command/usr/sbin/pwunconv.
/etc/shadow generated by the shadow password decoding, and then write back to/etc/passwd, and the/etc/shadow of the shadow password column deleted, this is to facilitate the next password
The conversion work, that is, the first cancellation shadow password function.
# Pwunconv
(4) Edit the password control file for each user.
Sample file Passwd.txt content is as follows:
(5) Execute the command as root/usr/sbin/chpasswd
Creating a user Password CHPASSWD writes the password encoded by the/USR/BIN/PASSWD command to the/etc/passwd password bar.
# CHPASSWD < Passwd.txt
(6) After you have determined that the password has been encoded into the/etc/passwd password bar.
Executes the command/USR/SBIN/PWCONV encodes the password to shadow password and writes the result to/etc/shadow
# Pwconv
This completes the creation of a large number of users, after which you can check whether these user host directories have the correct permission settings and log in to verify the user's password
is correct.
Linux User He user group management