Linux Learning Note Five (account management, group management)

This blog is mainly about account management and group management.

Content:

1. Manage User Commands Summary

   Useradd	With the AddUser command, execute this command to add a user to the system, which reads parameters and rules from/etc/login.defs and/etc/default/useradd, and adds records to/etc/passwd and/etc/group when the command is used. -C: Add a description. -d Specifies the home directory. -e: Account expiration date, format Mm/dd/yy. -F: The account expires a few days after the stop right, when 0 o'clock immediately stop right, when 1 when the Turn off this feature (default). -G: Specifies that a group belongs. -g specifies multiple groups. -M does not establish a user home directory. -s Specifies the shell type. The useradd-d parameter is omitted.
   passwd	Modify password command. -K is still available after the expiring user expires. -D Remove the user's password, root can use -l LOCK the user password, can only operate under root privileges -u unlock root only -F force operation, Root only -X two times the maximum number of days to change the password after the number root Only -n two times the minimum number of days to modify the password, followed by the number, root only -W in advance how many days to remind the user to change the password, root only -i password expires how many days after the user is banned, root only -s query user status, The password can only be read from the stdin root only --stdin.
   Usermod	Modify the user's command, you can use Usermod to modify the login name, user home directory and so on. -C Add description; -D Change the home directory for the new user. -E Plus user account stop time, date format is Mm/dd/yy -F user expires a few days after the permanent stop right, the value is 0 o'clock immediately stop right, when 1 is closed, the default is off. -G change user group. -G changes multiple user groups. Example: Usermod-c wuxiangdong-u 1806-g root,sa-s/bin/tcsh-d/tmp/wuxiangdong Wuxiangdong change user Expiration Time USERMOD-E Mm/dd/yy Wuxiangdong -L Lock User -U Unlock User
   Id	Query uid, GID, and the user group to which it belongs.
   Su	User Switching tool.
   Sudo	sudo executes the command through another user
   Visudo	Modify the sudo permissions command, modify the/etc/sudoers implementation
   Pwcov	Synchronizing from/etc/passwd to/etc/shadow
   Pwck	PWCK is verifying that the contents of the user profile/etc/passwd to the/etc/shadow file are legitimate or complete.
   Pwunconv	It is pwcov to create/etc/passwd from/etc/shadow and/etc/passwd, and then delete the/etc/shadow file.

   Chfn	Change the user Information tool. This is mainly to modify the finger information
   Finger	View the user Information tool.
   Sudoedit	Same as Sudo's function

   
   

   Userdel

   -R parameter can be deleted including the user's home directory, in the production environment is generally not directly delete the home directory, to prevent some scripts in the user's home directory is not standardized, you can choose to delete the Userdel user name, or the/etc/passwd to write off the user, Then make sure to delete the home directory without problems when you can give it.

   Chsh (You can learn)

   This command can change the user's shell type Example: View all shells in the current system Chsh-l Change the shell type of the user. Chsh-s/bin/tcsh Wuxiangdong

2. Groupadd	Increase the command for the user group. Related Documents/etc/group, /etc/gshadow -G: Specifies the GID value for the user group, unless the-o parameter (for example: Groupadd-g 1234-o Wuxiangdong) is not followed, otherwise The ID value must be a unique number (cannot be negative), and if you do not specify the-g parameter, the default value starts at 500. -R establishes the system user group. The GID value will be smaller than the uid_min in/etc/login.defs. -F Create a new user, forcing an existing user group account to be overwritten.
   Groupdel	Delete a user group
   Groupmod	change user group information
   Groups	Show user groups to which the user belongs
   Grpck
   Grpconv	The. Etc/gshadow is synchronized or created by/etc/gshadow the file contents, if/etc/gshadow is not present.
   Grpunconv	Synchronize or create/etc/group with/etc/group and/etc/gshadow file content, and then delete the Gshadow file.

4. change user password expiration related commands chage

   Chage

   Example: Wuxiangdong users can not change the password within 7 days, 60 days must change the password, 10 days before the expiration of the notification Wuxiangdong users, 30 days after the expiration of the user is forbidden to log in. Chage-m 7-m 60-w 10-i Wuxiangdong Change your account expiration date: CHAGE-E Mm/dd/yy Wuxiangdong View account information: Chage-l Wuxiangdong

6. /etc/skel

   The/etc/skel directory is the profile used to store the new user (the file is hidden by default), and when a new user is generated, the files in the file are copied to the new user's home directory, allowing the configuration of the new user to be unified, standard, and initialized.

8. /etc/login.defs configuration file

   Login.defs is to set the user account limit of the file, where we can configure the maximum number of days to expire password, password maximum length constraints and so on. The configuration in this file is not valid for the root user. If the same option is found in the/etc/shadow file, the settings in the/etc/shadow are the same, which means that the/etc/shadow configuration takes precedence over/etc/login.defs

10. /etc/default/useradd

12. The/etc/default/useradd file is a default profile that needs to be called when a user is added using Useradd, and can be modified and viewed using the useradd-d parameter.

14. Commands for some queries:

    
    

15. Id	The information used to query the user. such as which user groups belong to
    Finger	Basic information for users
    Users	There are a few in the login, what the user name is
    W	Which users are currently logged in
    W.H.O.	The currently logged on user
    Last	Last Login information
    Lastlog	Last login log
    Groups	Query owning Group

This article from "Tiandaochouqin" blog, declined reprint!

Linux Learning Note Five (account management, group management)