Linux System Management Technical Manual - Chapter 2: Adding new users
6.1 The /etc/passwd file
When a user logs in, Linux consults the /etc/passwd file to identify the user.
/etc/passwd contains seven fields:
Login name (no more than 32 characters; no more than 8 characters when NIS is used)
Encrypted password or password placeholder (in most cases the password is actually stored in the /etc/shadow file; MD5 encryption is used by default (34 characters after encryption), SUSE uses Blowfish, and the passwd command sets the password)
UID (user ID) number (a 32-bit unsigned number; limiting it to 32767 is recommended. root's UID is 0, so multiple accounts with UID 0 create a potential security vulnerability. LDAP is a popular UID management tool)
Default GID (group ID) number (defined in the /etc/group file; GID 0 is the root group, GID 1 the bin group, GID 2 the daemon group; the default GID takes effect when new files and directories are created)
"GECOS" information: full name, office, extension number, home phone number (records the user's personal information; see finger and chfn; GECOS information is well suited to LDAP management)
Home directory (if DEFAULT_HOME in /etc/login.defs is set to no, users without a home directory are not allowed to log in)
Login shell (the chsh command changes the user's shell; the /etc/shells file lists the shells that chsh allows users to choose; when adding an entry to the shells file, use the absolute path)
6.2 The /etc/shadow file
Format: root:$1$buJ6v3Ch$bwLIof5each9Nv.OEzD3T0:13348:0:180:14::14974:
Only the superuser can read the /etc/shadow file.
The original password field in the /etc/passwd file must contain an x.
The administrator must maintain both the /etc/shadow and /etc/passwd files (or use the useradd tool, which maintains them itself).
You can use the pwconv tool to ensure that the contents of the shadow and passwd files are consistent.
The 9 fields in the /etc/shadow file:
Login name (same as in /etc/passwd)
Encrypted password
Date the password was last changed (as the number of days since January 1, 1970)
Minimum number of days between two password changes (prevents the user from changing the password again immediately after changing it; setting this to 0 is recommended)
Maximum number of days between two password changes
Number of days before expiration at which the user is warned that the password will expire
Account expiration date (as the number of days since January 1, 1970)
Reserved field, currently empty
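The checks below are an added example, not taken from the manual: they flag extra UID 0 accounts, passwd entries without the x placeholder, empty shadow password fields, malformed lines, and accounts present in only one of the two files. The sample accounts (toor, legacy, ghost), the function names and the make_sample helper are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the manual): consistency checks for passwd-format files.
# Paths are parameters so the checks can run on copies instead of the live files.

# Login names with UID 0; anything besides root deserves investigation.
uid0_accounts() { awk -F: '$3 == 0 { print $1 }' "$1"; }

# passwd entries whose password field is not the "x" shadow placeholder.
not_shadowed() { awk -F: '$2 != "x" { print $1 }' "$1"; }

# shadow entries with an empty password field (login without a password).
empty_passwords() { awk -F: '$2 == "" { print $1 }' "$1"; }

# Line numbers whose field count differs from the expected one (7 or 9).
bad_field_count() { awk -F: -v n="$2" 'NF != n { print FNR }' "$1"; }

# Accounts present in only one of passwd ($1) and shadow ($2).
passwd_shadow_mismatch() {
    awk -F: 'FNR == NR { p[$1] = 1; next }
             { s[$1] = 1; if (!($1 in p)) print "shadow-only:" $1 }
             END { for (u in p) if (!(u in s)) print "passwd-only:" u }' "$1" "$2" | sort
}

# Constructed sample data written to directory $1 (not real accounts).
make_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/sh
toor:x:0:0:second superuser:/root:/bin/sh
linda:x:2000:2000:linda,:/home/linda:/bin/sh
legacy:PLACEHOLDERHASH:2001:2001::/home/legacy:/bin/sh
EOF
    cat > "$1/shadow" <<'EOF'
root:*:16268:0:99999:7:::
toor::16268:0:99999:7:::
linda:*:16268:0:99999:7:::
ghost:*:16268:0:99999:7
EOF
}

if [ "${1:-}" = "demo" ]; then
    d=$(mktemp -d) && make_sample "$d"
    uid0_accounts "$d/passwd"; not_shadowed "$d/passwd"
    empty_passwords "$d/shadow"; bad_field_count "$d/shadow" 9
    passwd_shadow_mismatch "$d/passwd" "$d/shadow"
    rm -rf "$d"
fi
```

Run the script with the argument demo to see the findings for the sample data; against real files, run it as root on copies of /etc/passwd and /etc/shadow.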
6.3 The /etc/group file
Format:
wheel:x:10:net,evi,lynda,boggs,tom,millert
student:*:200:dotty
The newgrp command lets a user who is not in a group switch into that group.
The /etc/group file contains four fields:
Group name (up to 8 characters)
Encrypted password, or an x indicating that a gshadow file exists
GID (to avoid conflicts with GIDs provided by the vendor, we recommend assigning local groups starting at GID 500)
List of members (separated by commas)
6.4 Add a user
Before creating an account for a new user, it is very important that the user sign and date a copy of the local user agreement and policy statement.
Steps required by the system:
Edit the passwd and shadow files to define the user account
Add the user to the /etc/group file
Set an initial password
Create the user's home directory and use the chown and chmod commands to change its owner and permissions
Steps for the user:
Copy the default startup file to your home directory.
Set the user's mail home directory and create a mail alias
Steps for the Administrator:
Check whether the account is set correctly
Add the user's contact information and account status to the database
1) edit the passwd and shadow files
On Fedora and RHEL, after you edit the passwd file with vipw, it asks whether you also want to edit the shadow file. SUSE, Debian, and Ubuntu use vipw -s for this.
Add the account linda to /etc/passwd:
linda:x:2000:2000:linda,:/home/linda:/bin/sh
Add the following content to the /etc/shadow file:
linda:*:16268:0:99999:7:::
2) edit the /etc/group file
linda::2000:linda
3) set the initial password
passwd linda
4) create the user's home directory
mkdir /home/linda
chown linda:linda /home/linda
chmod 700 /home/linda
5) copy the default startup files
cp /etc/skel/.[a-zA-Z]* ~linda (skel is at /etc/skel under Ubuntu 12.04; on other systems, locate it with find / -name skel)
chown linda:linda ~linda/.[a-zA-Z]*
chmod 600 ~linda/.[a-zA-Z]*
Note: do not write ~linda/.* here, because that pattern also matches .. (/home). linda would then become the owner not only of her own files but also of her parent directory, which is very dangerous.
6) set the user's mail home directory
See section 18.3.2.
7) verify the new login
Log out, log in as the new user, and execute the commands
pwd      # verify the home directory
ls -al   # check the owner and group of the startup files
8) record user status and contact information
Maintain the contact information and account status database
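An added example (not from the manual) for the verification in step 7: check_home reports a home directory whose owner or mode differs from steps 4 and 5, or whose parent directory belongs to the user, and matches shows why the pattern .* is unsafe while .[a-zA-Z]* is not. The function names are hypothetical, the UID argument is whatever was assigned in /etc/passwd (2000 for linda above), and GNU stat is assumed.

```shell
#!/bin/sh
# Added example (not from the manual): verify a freshly created home directory.
# Assumes GNU stat (Linux). Usage: script HOME_DIR NUMERIC_UID

# Does the name $1 match the glob pattern $2? "case" is used so the answer
# does not depend on a shell's pathname-expansion settings.
matches() {
    case "$1" in
        $2) return 0 ;;
        *)  return 1 ;;
    esac
}

# Print one finding per line; print nothing when the layout matches steps 4 and 5.
check_home() {
    home=$1
    uid=$2
    [ "$(stat -c %u "$home")" = "$uid" ] || echo "home not owned by uid $uid"
    [ "$(stat -c %a "$home")" = "700" ] || echo "home mode is not 700"
    # The parent (/home) must not belong to the user; a chown with ~user/.*
    # would have handed it over through the ".." entry.
    [ "$(stat -c %u "$home/..")" != "$uid" ] || echo "parent directory owned by uid $uid"
    for f in "$home"/.[a-zA-Z]*; do
        [ -f "$f" ] || continue
        [ "$(stat -c %a "$f")" = "600" ] || echo "${f##*/} mode is not 600"
    done
}

if [ $# -eq 2 ]; then
    matches .. '.*' && echo "note: the pattern .* matches .. (the parent directory)"
    check_home "$1" "$2"
fi
```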
6.5 Delete a user
Steps for manually deleting a user:
Delete a user from all local user databases or phone books
Delete a user from the alias file or add a forwarding address
Delete the user's crontab file and all pending at jobs
Terminate all user processes that are still running
Delete a user from the passwd, shadow, group, and gshadow files
Delete the user's home directory
Delete a user's email storage file
6.6 Disable logins
Method 1) Put an asterisk or some other character in front of the encrypted password so that the account can no longer be accessed by logging in with the password
Method 2) usermod -L linda and usermod -U linda lock and unlock the password, respectively (this does not work on SUSE)
Method 3) Replace the user's shell with a pseudo-shell. The pseudo-shell should not be listed in /etc/shells.
6.7 Account management tools
The useradd command adds the user to the passwd file (and, where possible, to the shadow file as well)
The usermod command changes the entries of an existing user in the passwd file.
The userdel command deletes a user from the system and can also delete the user's home directory.
groupadd, groupmod, and groupdel operate on the /etc/group file.
Add a user
useradd -c "David Hilbert" -d /home/hilbert -g faculty -G famous -m -s /bin/sh hilbert
The effect is as follows:
In /etc/passwd (hilbert:x:1005:30:David Hilbert:/home/hilbert:/bin/sh)
In /etc/shadow (hilbert:!:11508:0:99999:7:0::)
In /etc/group (hilbert is added to the faculty and famous groups)
The home directory /home/hilbert is created.
The contents of /etc/skel are copied to the home directory.
Delete a user
userdel hilbert
The information related to hilbert in the passwd, shadow, and group files is deleted.
With the -r option, the user's home directory is deleted as well.