Linux User and Rights management
I. Overview of the Commands
User management: useradd, userdel, usermod, passwd, id, finger, chsh, chfn, chage, pwck
Group management: groupadd, groupdel, groupmod, gpasswd, newgrp
Rights management: chown, chgrp, chmod, umask
/etc/passwd: user account file
Format: username:password:UID:GID:comment:home directory:default shell
/etc/group: group file
Format: group name:password:GID:list of users that have this group as an additional group
/etc/shadow: user password file
Format: username:password:last password change:minimum age:maximum age:warning time:inactive time:expiration:reserved
/etc/gshadow: group password file
User Category:
Administrator: UID=0
Normal Users: 1-65535
System User: 1-499 (CentOS 7: 201-999)
General User: 500-60000 (CentOS 7: 1000-60000)
User Group Category:
Administrators group: GID=0
Normal Group:
System Group: 1-499 (CentOS 7: 201-999)
General Group: 500-60000 (CentOS 7: 1000-60000)
User Group Category:
Private group: when you create a user without specifying the group it belongs to, a group with the same name as the user is created automatically.
Basic group: the default group of the user
Additional groups (groups): groups other than the default group
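An added example (not from the original article): a shell audit that uses the field positions listed above to flag accounts worth reviewing. The sample entries are constructed, the function names are hypothetical, and the default system-UID ceiling of 999 is the CentOS 7 value given above.

```shell
#!/bin/sh
# Added example: audit files in /etc/passwd and /etc/shadow format.
# The sample accounts below are constructed for illustration.
tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT

cat > "$tmp/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
apache:x:48:48:Apache:/usr/share/httpd:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
EOF

cat > "$tmp/shadow" <<'EOF'
root:$6$constructed$hash:16500:0:99999:7:::
daemon:*:16500:0:99999:7:::
apache:!!:16500:0:99999:7:::
alice:$6$constructed$hash:16500:0:90:7:::
toor:$6$constructed$hash:16500:0:99999:7:::
bob::16500:0:99999:7:::
EOF

# passwd field 3 is the UID: any account other than root with UID 0 is an extra administrator.
extra_uid0() { awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$1"; }

# shadow field 2 is the password hash: an empty field allows login without a password.
empty_password() { awk -F: '$2 == "" { print $1 }' "$1"; }

# System accounts (UID 1..max, default 999 as on CentOS 7) whose field 7 is a login shell.
system_with_shell() {
    awk -F: -v max="${2:-999}" \
        '$3 >= 1 && $3 <= max && $7 !~ /(nologin|false)$/ { print $1 }' "$1"
}

# shadow field 5 is the maximum password age: report usable passwords that never expire.
no_expiry() {
    awk -F: '$2 != "" && $2 !~ /^[!*]/ && ($5 == "" || $5 >= 99999) { print $1 }' "$1"
}

echo "UID 0 besides root:      $(extra_uid0 "$tmp/passwd" | xargs)"
echo "Empty password field:    $(empty_password "$tmp/shadow" | xargs)"
echo "System account w/ shell: $(system_with_shell "$tmp/passwd" | xargs)"
echo "Password never expires:  $(no_expiry "$tmp/shadow" | xargs)"
```

To audit a real host, pass /etc/passwd and /etc/shadow to the functions as root; on older releases pass 499 as the second argument of system_with_shell.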
II. Detailed Usage of Commands
㈠. User Management
1. useradd - create a new user or update default new user information
useradd [options] username
useradd -D
useradd -D [options]
-u, --uid UID: specify the UID
-g, --gid GID: specify the basic group; the group must exist
-G, --groups GID...: specify additional groups; they must exist, and multiple additional groups can be given
-c, --comment "COMMENT": add description information (the fifth column of /etc/passwd)
-d, --home /path/directory: specify the home directory
-s, --shell: specify the user's shell (/etc/shells lists the shells available on the current system)
-m (--create-home), -k (--skel): create the home directory
-M: do not create the home directory
-r, --system: add a system user (often used when software such as apache or mysql is installed)
-p, --password: set the user's password; the argument is the encrypted ciphertext
/etc/login.defs: default configuration file for useradd
2. userdel - delete a user account and related files
userdel [options] LOGIN
Note: the home directory is not deleted by default
-r, --remove: delete the user's home directory at the same time
3. usermod - modify a user account; usage is similar to useradd
usermod [options] LOGIN
-u, --uid UID
-g, --gid GID
-a (--append) -G GID...: append additional groups; without the -a option, -G overwrites the current additional groups
-c, --comment: modify the comment
-d (--home) -m (--move-home) /path/directory: specify a new home directory and copy the original home to the new home
-s: modify the shell
-l, --login: modify the user name
-L, --lock: lock the user
-U, --unlock: unlock the user
-p, --password
4. id - print real and effective user and group IDs (view user account attribute information)
id [OPTION]... [USERNAME]
-u, --user
-g, --group
-G, --groups
-n, --name: print a name instead of a number, for -ugG
5. finger - user information lookup program (view user account information)
finger [-lmsp] [user ...] [user@host ...]
6. chsh - change your login shell
chsh [-s shell] [-l] [-u] [-v] [username]
7. chfn - change your finger information
chfn [-f full-name] [-o office] [-p office-phone] [-h home-phone] [-u] [-v] [username]
8. chage - change user password expiry information
chage [options] [LOGIN]
-d, --lastday:
-E, --expiredate: expiry time
-I, --inactive: inactive time
-m, --mindays: minimum term of use
-M, --maxdays: maximum lifespan
-W, --warndays: warning time
9. passwd - update user's authentication tokens
passwd [-k] [-l] [-u [-f]] [-d] [-e] [-n mindays] [-x maxdays] [-w warndays] [-i inactivedays] [-S] [--stdin] [username]
-l: lock the account
-u: unlock the account
-d: remove the password
# echo "Password" | passwd --stdin LOGIN
10. pwck - verify integrity of password files (check user account integrity)
pwck [-q] [-s] [passwd [shadow]]
pwck [-q] [-r] [passwd [shadow]]
㈡. Group Management
1. groupadd - create a new group
groupadd [options] group
-g, --gid GID
-r, --system: create a system group
2. groupdel - delete a group
groupdel group
3. groupmod - modify a group definition on the system
groupmod [options] GROUP
-g, --gid GID
-n, --new-name NEW_GROUP: modify the group name
4. gpasswd - administer /etc/group and /etc/gshadow
gpasswd [option] group
5. newgrp - log in to a new group
newgrp [-] [group]
㈢. Rights Management
Three types of permissions: rwx
rwx: Read, write and execute
r--: Read-only
r-x: Read and execute
---: No permissions
0 000 ---: No permissions
1 001 --x: Execute
2 010 -w-: Write
3 011 -wx: Write and execute
4 100 r--: Read-only
5 101 r-x: Read and execute
6 110 rw-: Read and write
7 111 rwx: Read, write and execute
Three types of users: ugo (a=ugo)
1. chown - change file owner and group
chown [OPTION]... [OWNER][:[GROUP]] FILE...
chown [OPTION]... --reference=RFILE FILE...
-R, --recursive: operate on files and directories recursively
--reference=/path/somefile FILE...
2. chgrp - change group ownership
chgrp [OPTION]... GROUP FILE...
chgrp [OPTION]... --reference=RFILE FILE...
-R, --recursive: operate on files and directories recursively
--reference=/path/somefile FILE...
3. chmod - change file mode bits
chmod [OPTION]... MODE[,MODE]... FILE...
chmod [OPTION]... OCTAL-MODE FILE...
chmod [OPTION]... --reference=RFILE FILE...
-R, --recursive: operate on files and directories recursively
--reference=/path/somefile FILE...
# chmod 777 FILE
# chmod [ugoa...][[+-=][rwxXst]...] FILE
4. umask - display or set the file mode creation mask
umask [-p] [-S] [mode]
Default umask values:
root: 022
user: 002
Directories: 777 - umask
Files: 666 - umask
Note: files do not get execute permission by default. If the result of the subtraction contains execute permission, add 1 to it. For example, with umask=023 the default file permission is 666-023=643 (rw-r---wx), +1 = 644 (rw-r--r--).
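An added example (not from the original article): the default mode is the base mode with the umask bits cleared, computed here as a bit mask and compared with files actually created under each umask. The function names are hypothetical, `stat -c` assumes GNU coreutils, and the 027 case goes beyond the article's example by covering a umask digit where the subtraction would need a borrow.

```shell
#!/bin/sh
# Added example: default permissions are (base mode AND NOT umask).

# Print the octal mode left after clearing the bits of umask $2 from base mode $1.
# A leading 0 makes the shell read both arguments as octal numbers.
masked_mode() { printf '%03o\n' $(( 0$1 & ~0$2 & 0777 )); }

# Create a file and a directory under umask $1 and print their real modes.
# The body runs in a subshell, so the caller's umask is left unchanged.
observed_modes() (
    d=$(mktemp -d) || exit 1
    umask "$1"
    : > "$d/file"
    mkdir "$d/dir"
    stat -c '%a' "$d/file" "$d/dir" | xargs
    rm -rf "$d"
)

# 022 and 002 are the defaults listed above, 023 is the article's example,
# 027 is a common hardened value.
for m in 022 002 023 027; do
    echo "umask $m: file $(masked_mode 666 "$m") dir $(masked_mode 777 "$m")" \
         "(observed: $(observed_modes "$m"))"
done
```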
This article is from the "Kaka" blog, please be sure to keep this source http://cakaluote.blog.51cto.com/504821/1612287