650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f38.gif "alt=" I_f38.gif "/> Manually add Users
650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f42.gif "alt=" i_f42.gif "/> order
Change /etc/passwd
Change /etc/group
change /etc/shadow and add a password
Create a new home directory and modify permissions and properties
Decorate the home catalogue /etc/skel/.bash*
You can also change the password file of the group/etc/gshadow
650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f42.gif "alt=" i_f42.gif "/> Check tool pwck, GRPCK, Pwconv
pwck: Check the integrity of user password files (/etc/passwd and/etc/shadow files).
Usage: pwck [-Q] [-S] [passwd [Shadow]]
PWCK [-Q] [-r] [passwd shadow]
Parameters:
-Q: Only error messages are displayed and warnings are not displayed
-S: Sort by ID
-R: Read-only mode check
GRPCK: Check the integrity of user groups and password files (Etc/group and/etc/gshadow files)
Usage: GRPCK [-R] [group [shadow]]
GRPCK [-S] [group [shadow]]
Parameters: Same as Pwck
Pwconv: Synchronize the password, the workflow is as follows (do not change when the user is added correctly):
Pwconv relies on the cipher area ' X ' in passwd to synchronize the two files with/etc/passwd and/etc/shadow, and/etc/passwd to control the items in/etc/shadow:
A: If/etc/shadow does not exist, then Pwconv will use/ETC/PASSWD to establish
B: If/etc/shadow already exists, then:
1. If the entry already exists in passwd and not in the shadow, add the relevant entry in the shadow
2. If the entry already exists in shadow and not in the passwd, delete the relevant entry from the shadow
650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f42.gif "alt=" i_f42.gif "/> Operation
[[email protected] dir]# vim + /etc/passwduser1:x:509:509::/home/user1:/bin/bash[[ email protected] dir]# vim + /etc/groupuser1:x:509# generate MD5 password three ways: grub-md5-crypt chpasswd -m , passwd --stdin[[email protected] dir]# grub-md5-crypt password: retype password: $1$2zjw6$ysvf7smslnfwtytq6sbtg0[[email protected] dir]# vim + /etc/shadowuser1:$1$2zjw6$ysvf7smslnfwtytq6sbtg0:16478:0:99999:7:::[[email protected] dir]$ echo "User1:a" |chpasswd -m #3, direct generation with Passwd --stdin [[ email protected] dir]# echo "a" |passwd --stdin user1[[email protected ] dir]# mkdir /home/user1[[email protected] dir]# cp /etc/skel/.bash* /home/user1/[[email protected] dir]# chown user1.user1 /home/user1 -r[[email protected] dir]# chmod 700 /home/user1[[email protected] ~]# vim + /etc/gshadowuser1 :!::[[email protected] ~] #pwck [[email protected] ~]# grpck[[email protected] ~]# pwconv[[email protected] dir]# su user1[[email protected] dir]$ whoamiuser1
650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f38.gif "alt=" i_f38.gif "/> User related files/etc/passwd,/etc/ Group,/etc/shadow
650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f42.gif "alt=" I_f42.gif "/>/etc/passwd VIPW is recommended when modifying, to prevent others from modifying and causing damage at the same time
[[email protected] ~]# tail-1/etc/passwduser1:x:509:509::/home/user1:/bin/bash# user name: password: User id: Group ID: User comments: Home directory: Shell
650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f42.gif "alt=" I_f42.gif "/>/etc/shadow
root:$1$. Tzs2yur$uq3.5xlbdehlkak9hkqzx/:16042:0:99999:7: blank: blank: Blank 1 2 3 4 5 6 7 8 9 | | | | | | | | |--reserved field, currently empty | | | | | | | |--User expiration Date (in units/day), this field specifies the number of days that the user has been invalidated (from January 1 to the present in 1970) | | | | | | |--disable this user for the number of days after the password expires | | | | | |--how many days in advance warning user password will expire | | | | |-- Two times the maximum number of days between password changes | | | |--two times the minimum number of days between password changes | | |-- Time of last password change (units/day), since January 01, 1970 to date | |-- User password (corresponding to the password placeholder within the/etc/passwd file), if the password is added "!!" Indicates that the user |--user name is disabled (corresponding to the user name in the/etc/passwd file) Note: Where the value of fields 4, 5, 6, 7, 8 is empty, the account can be used permanently
650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f42.gif "alt=" I_f42.gif "/>/etc/group
[Email protected] etc]# tail-1/etc/group user1:x:509: #组名: Password: Group ID: Extra Group
650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f42.gif "alt=" I_f42.gif "/>/etc/gshadow
[[email protected] ~]# head-1/etc/gshadowroot:::root# Group name: encrypted password: comma-separated administrator: comma-separated group members
Linux manually add user, related file description