Linux Learning Private notes-account management

Linux account Management and permissions

1> user account information is mainly in the/etc/passwd and/etc/shadow two files,

Open (cat/etc/passwd) passwd file to see this diagram

A total of 7 fields are separated by:

account name: Password: uid:gid: User Information Description: User's home folder: Shell

The password is replaced by x in order to keep it secret.

Open ( cat Etc/shadow)/etc/shadow file to see this diagram

A total of 9 fields are separated by:

Account Name: Password: the date of the recent password change: The number of days the password cannot be changed: the number of days the password needs to be changed: the number of times the password needs to be modified before the expiration date: Account Grace time after password expires: Account expiration: Reserved

All 9 fields are visible with the number of days associated with the password. The following explains an abstract:

Date of recent password change: This field records the date that the password was changed, why it is 15980 (or something else) instead of the year-month-day, and Linux is on January 1, 1970 as the 1 cumulative date, You can calculate 15980 is the number of days and then add January 1, 1970 will be able to obtain the Change password date.

Other references The date of the recent password change is well understood and will not be explained.

2> User group main information in/etc/group and/etc/gshadow files

Open ( cat etc/group)/etc/group file to see this diagram

A total of 4 fields are separated by:

User group name: User group password: GID: Account name supported by this user group

The same user group password is replaced by x and the password is moved to/etc/gshadow

Open ( cat Etc/gshadow)/etc/gshadow file to see this diagram

There are a total of 4 fields

User group name: User Group password: User Group Administrator account: the user group account

All passwords are listed! Represents no legal password

3> Add and delete accounts

New account:

Useradd [-U UID] [-G initial user Group] [-G secondary user Group] [-C description Bar] [-D folder absolute path] account name (Rom list some common properties)

Useradd Account name (all information is configured by default)

Set Password:

passwd [-l Lock User] [-u unlock user] [-N after days, how long can not change the password days] [-X after the number of days, how long must change the password] [-W after the number of days, how long must change the password] [-I after the date, the password expires before the warning days]

4> Modify user information and delete user information, use man to view the following information

Usermod

Name
Usermod-Change user account

Grammar
Usermod [-C comment] [-D Home_dir [-m]]
[-E Expire_date] [-F Inactive_time]
[-G Initial_group] [-G group[,...]]
[-L login_name] [-s Shell]
[-U uid [-O]] Login

Describe
The USERMOD command modifies the system account file according to the section specified on your command line. The following parameters are available for Usermod
。

-C Comment
Update the note bar in the user account password file, usually using CHFN (1) to modify.

-D Home_dir
Update the user's new login directory. Given the-m option, the user's old directory will be moved to a new directory, such as
The old directory does not exist and a new one is built.

-E Expire_date
Plus user account stop date. The date format is mm/dd/yy.

-F Inactive_days
The account expires several days after the permanent stop right. The account number at 0 o'clock is immediately deactivated. This is closed when the value is-1
Function. The default value is-1.

-G Initial_group
Update the user's new start login group. The group name must already exist. The group ID must refer to both groups.
The group ID preset value is 1.

-G group,[...]
Defines the user as a member of a heap of groups. Each group uses the "," area, and cannot be mixed with blank characters
。 The group name is limited to the-G option. If the user's current group is no longer in this column, the user is determined by the group
Removed from the.

-L Login_name
The name of the change user login is login_name. It does not change. In particular, the name of the user directory should also be
Then change into a new login name.

-S Shell
Specifies the new login shell. This column is white, the system will choose the system preset shell.

-U uid the user ID value. Must be a unique ID value unless the-o option is used. The number cannot be negative. Presets are minimal
To be less than 999 and increase successively. 0~ 999 is traditionally reserved for use in system accounts. All under the user directory tree
The file directory whose user ID is automatically changed. Files that are placed outside the user's directory are manually altered by themselves.

Warning
Usermod does not allow you to change the user account name on the line. When Usermod is used to change the user ID, you must confirm that this
User does not execute any programs on the computer. You need to manually change the user's crontab file. You also need to manually change the user
At work file. Using NIS server requires that the relevant NIS settings be changed on the server.

File
/ETC/PASSWD-User account information
/etc/shadow-User account information encryption
/etc/group-Group Information

Userdel

Name
Userdel-Delete user accounts and related files

Grammar
Userdel [-R] Login

Describe
The Userdel command modifies the SYSTEM account file to delete all the login reference parts. The subject name must be present.

The-R files are removed from the user directory. Files in other locations will also be identified and deleted.

File
/ETC/PASSWD-User account information
/etc/shadow-User account information encryption
/etc/group-Group Information

Warning
Userdel does not allow you to remove user accounts that are online. You have to chop off the program that this account is now executing on the system
To delete the account. The NIS attribute cannot be removed from the NIS client side. This action must be performed on the NIS server side
。

Linux Learning Private notes-account management