# 1 # # User Understanding
the user is the identity of the system consumer
The user is stored as a number of channeling characters in the system+a number of system configuration files
User information involves the system configuration file:
/etc/passwd # # #User Information
User: Password:UID:GID: Description: Home directory: User-usedShell
/etc/Shadow # # #User authentication Information
User: Password: Last password modified this time: Minimum validity: Maximum validity: Warning Period: Inactive period: Account expiration date
/etc/Group # # #Group Information
Group name: Group Password: GroupID: Attaching group members
/etc/Gshadow # # #Group authentication Information
/Home/Username # # #User Home Directory
/etc/Skel/.* ###User Skeleton File
# 2 # # User Management
1.User-Created
Useraddparameter User name
-U # #Specify userUID
-G # #Specify user initial group information, this group must already exist
-G # #Specifies the additional group that must exist for the group
-C # #User Description
-D # #User Home Directory
-S # #the user is using theShell,/etc/Shellsrecords the user's ability to useShell's name
user delete
userdel - r user name - Span class= "Fontstyle0" >r
3 . Establishment of groups
Groupadd - G # # Set up a group
Groupdel Group name ## Delete a group
Monitoring commands for the above experiments:
Watch - N 1 ' tail-n 3/etc/passwd/etc/group;echo ====;ls-l/home;echo ===;ls-l/mnt '
4.UserIDInformation View
IDparameter User
-U # #UserUID
-G # #User Initial GroupID
-G # #User-owned groupID
-N # #display name instead ofIDDigital
-a # #Show All information
5.User Information changes
Usermodparameter User
-L # #change user Name
-U # #ChangeUID
-G # #ChangeGID
-G # #Change an additional group
-AG # #Adding additional groups
-C # #Change Description
-D # #Change Home directory designation
-MD # #Change home directory designation and home directory name
-S # #ChangeShell
-L # #Freeze Account
-U # #Unlock
######################
####3.User Decentralization####
######################
1.in the system, Superuser can delegate actions that ordinary users cannot perform to ordinary users.
Delegation of authority Profiles:/etc/sudoers
2.Ways of decentralizing power
*) Super User executionVisudogo to edit/etc/sudoersmode
*) Format:
Get Permissions User host name=(acquired user identity) command
Test desktop0.example.com=(Root)/usr/Sbin/Useradd
Testthe user candesktop0.example.comEXECUTE AS Super user/usr/Sbin/Useradd
3.Execute delegation of authority command
sudoCommand##If the first time you executesudoyou need to enter the current user password
In the/etc/sudoersif the settings are as follows:
Test desktop0.example.com=(Root) nopasswd:/usr/Sbin/Useradd
represents a user callsudoYou don't need your own code when you order.
############################
####4.Control of user authentication information####
############################
Chageparameter User
-D # #User Password Group after the time of modification, if set to0, the user must change their password after logging into the system.
-M # #Minimum Validity
-M # #Maximum validity period
-W # #Warning Period
-I##User Inactive days
-E # #account Expiration date format-E "YYYY-MM-DD "
Linux Rookie Learning Path >>5