This blog is mainly about account management and group management.
Content:
Manage User Commands Summary
Useradd
|
With the AddUser command, execute this command to add a user to the system, which reads parameters and rules from/etc/login.defs and/etc/default/useradd, and adds records to/etc/passwd and/etc/group when the command is used. -C: Add a description. -d Specifies the home directory. -e: Account expiration date, format Mm/dd/yy. -F: The account expires a few days after the stop right, when 0 o'clock immediately stop right, when 1 when the Turn off this feature (default). -G: Specifies that a group belongs. -g specifies multiple groups. -M does not establish a user home directory. -s Specifies the shell type. The useradd-d parameter is omitted. |
passwd |
Modify password command. -K is still available after the expiring user expires. -D Remove the user's password, root can use -l LOCK the user password, can only operate under root privileges -u unlock root only -F force operation, Root only -X two times the maximum number of days to change the password after the number root Only -n two times the minimum number of days to modify the password, followed by the number, root only -W in advance how many days to remind the user to change the password, root only -i password expires how many days after the user is banned, root only -s query user status, The password can only be read from the stdin root only --stdin. |
Usermod |
Modify the user's command, you can use Usermod to modify the login name, user home directory and so on. -C Add description; -D Change the home directory for the new user. -E Plus user account stop time, date format is Mm/dd/yy -F user expires a few days after the permanent stop right, the value is 0 o'clock immediately stop right, when 1 is closed, the default is off. -G change user group. -G changes multiple user groups. Example: Usermod-c wuxiangdong-u 1806-g root,sa-s/bin/tcsh-d/tmp/wuxiangdong Wuxiangdong change user Expiration Time USERMOD-E Mm/dd/yy Wuxiangdong -L Lock User -U Unlock User |
Id |
Query uid, GID, and the user group to which it belongs. |
Su |
User Switching tool. |
Sudo |
sudo executes the command through another user |
Visudo |
Modify the sudo permissions command, modify the/etc/sudoers implementation |
Pwcov |
Synchronizing from/etc/passwd to/etc/shadow |
Pwck |
PWCK is verifying that the contents of the user profile/etc/passwd to the/etc/shadow file are legitimate or complete. |
Pwunconv |
It is pwcov to create/etc/passwd from/etc/shadow and/etc/passwd, and then delete the/etc/shadow file. |
Chfn |
Change the user Information tool. This is mainly to modify the finger information |
Finger |
View the user Information tool. |
Sudoedit |
Same as Sudo's function |
Userdel |
-R parameter can be deleted including the user's home directory, in the production environment is generally not directly delete the home directory, to prevent some scripts in the user's home directory is not standardized, you can choose to delete the Userdel user name, or the/etc/passwd to write off the user, Then make sure to delete the home directory without problems when you can give it. |
Chsh (You can learn) |
This command can change the user's shell type Example: View all shells in the current system Chsh-l Change the shell type of the user. Chsh-s/bin/tcsh Wuxiangdong |
-
Groupadd |
Increase the command for the user group. Related Documents/etc/group, /etc/gshadow -G: Specifies the GID value for the user group, unless the-o parameter (for example: Groupadd-g 1234-o Wuxiangdong) is not followed, otherwise The ID value must be a unique number (cannot be negative), and if you do not specify the-g parameter, the default value starts at 500. -R establishes the system user group. The GID value will be smaller than the uid_min in/etc/login.defs. -F Create a new user, forcing an existing user group account to be overwritten. |
Groupdel |
Delete a user group |
Groupmod |
change user group information |
Groups |
Show user groups to which the user belongs |
Grpck |
|
Grpconv |
The. Etc/gshadow is synchronized or created by/etc/gshadow the file contents, if/etc/gshadow is not present. |
Grpunconv |
Synchronize or create/etc/group with/etc/group and/etc/gshadow file content, and then delete the Gshadow file. |
|
|
|
|
|
|
change user password expiration related commands chage
Chage |
Example: Wuxiangdong users can not change the password within 7 days, 60 days must change the password, 10 days before the expiration of the notification Wuxiangdong users, 30 days after the expiration of the user is forbidden to log in. Chage-m 7-m 60-w 10-i Wuxiangdong Change your account expiration date: CHAGE-E Mm/dd/yy Wuxiangdong View account information: Chage-l Wuxiangdong |
/etc/skel
The/etc/skel directory is the profile used to store the new user (the file is hidden by default), and when a new user is generated, the files in the file are copied to the new user's home directory, allowing the configuration of the new user to be unified, standard, and initialized.
/etc/login.defs configuration file
Login.defs is to set the user account limit of the file, where we can configure the maximum number of days to expire password, password maximum length constraints and so on. The configuration in this file is not valid for the root user. If the same option is found in the/etc/shadow file, the settings in the/etc/shadow are the same, which means that the/etc/shadow configuration takes precedence over/etc/login.defs
/etc/default/useradd
The/etc/default/useradd file is a default profile that needs to be called when a user is added using Useradd, and can be modified and viewed using the useradd-d parameter.
Commands for some queries:
-
Id |
The information used to query the user. such as which user groups belong to |
Finger |
Basic information for users |
Users |
There are a few in the login, what the user name is |
W |
Which users are currently logged in |
W.H.O. |
The currently logged on user |
Last |
Last Login information |
Lastlog |
Last login log
|
Groups |
Query owning Group
|
This article from "Tiandaochouqin" blog, declined reprint!
Linux Learning Note Five (account management, group management)