Linux users and user groups

In the private house of laruence, we have introduced Linux users and user groups in detail. But when we started playing, we should prefer 777 .... Helpless, people always need to evolve. I have reorganized some information about users and user groups, and I will not describe the command parameters that are not commonly used.

1. User 1-1. User Type

A. administrator root: users with all permissions. The UID value is 0.

B. normal user: the user we created normally. The UID is 500 ~ 60000.

C. System users: ensure that users running the system do not provide a password to log on to the system. The UID is 1 ~ 499.

1-2. User Related Files

User-related files include/etc/passwd and/etc/shadow.

A./etc/passwd

Stores the basic attributes of a user. You can view all users in Linux from this file. Format:

[User name: Password: User ID: User master group ID: User details (such as name, age, phone number, etc.): user root directory: User Programming Environment]

Each user has one primary group (private group), one or more additional groups.

B./etc/shadow

Some policies for storing user passwords, in the format:

[User name: Password: Date on which the password was recently changed: days when the password cannot be changed: days when the password needs to be changed again: warning period before the password is changed: grace period when the password expires: account Expiration date: retained]

1-3. USER commands

1. New User: useradd-d root directory-g main group-G additional group list (separated by commas) Username

2. Reset Password: passwd User Name

3. modify user: usermod-d root directory-g main group-G additional group list (separated by commas) username --------- the command-G will remove the user from the original additional group, you can use the-a parameter to specify the new mode.

4. delete a user: userdel-r. Delete the user name together with the root directory.

5. View All users: cat/etc/passwd

6. view the details of a single user: id Username

7. view all currently logged-on users: who

2. User Group 2-1. User Group type

A user group is a user's container. You can inherit permissions from the user group.

A. Common User Group: You can add multiple users.

B. System User Group: Generally, some system users are added.

C. Private user group: if a user group is not specified During User Creation, a user group with the same name will be created for the user. Private user groups are also common user groups.

2-2. User Group related files

User-related files include/etc/group and/etc/gshadow.

A./etc/group

Stores basic information about a group. Format:

[Group Name: group password: Group ID: User List]

B./etc/gshadow

Refer to the user's/etc/shadow

2-3. User Group commands

1. Add group: groupadd-g UID group name --------- automatically generated if no UID is specified.

2. Modify group: groupmod-n group name new group name ---------- can be used to group names.

3. Delete group: groupdel group name ------------- if there are still users in the group, the group cannot be deleted.

4. View All groups + view users in a group: cat/etc/group.

5. view the user group information: id Username

Output:

Uid = 501 (weinianjie) gid = 501 (weinianjie) groups = 501 (weinianjie), 0 (root)

Gid is the primary group and groups is the additional group.

6. Add the user to the group: gpasswd-a username group name

7. Remove the user from the group: gpasswd-d user group name

3. default file and folder Permissions

What is the default permission for creating a file or folder?

This is related to the Environment mask. The Global Environment mask is configured in/etc/profile. You can create a. bashrc file in your root directory and write it to umask xxx to set the private mask. Of course, you can also use the umask command to set the mask on the current terminal, but it will be reset after the next login. This is the same as PATH.

You can directly view the mask of the current environment using umask xxxx. umask xxxx can temporarily change the mask of the current environment.

After talking so much, how can we understand umask?

Our files or folders have the rwxrwxrwx permission, that is, 777. The mask has four bits. The first is the so-called guid. Generally, it is 0 or no 1st bits are written directly. Instead, a three-bit mask is used.

777-mask = permission for creating a directory;

666-mask = permission for creating a file.

For example, if the mask is 022 (or 0022), the permission for creating a new directory is 755, that is, rwxr-xr-x; the permission for creating a new file is 644, that is, rw-r --. For the sake of security, Linux does not allow the newly created file to have the x attribute. Therefore, the maximum permission for creating a new file is 666, Which is why 666 is required for the file. If there is-1 after subtraction, it is treated as 0.