Linux User and user configuration file-general Linux technology-Linux technology and application information. The following is a detailed description. In addition to creating user accounts like in Windows systems, some user accounts in Linux systems also exist after the system is installed, just like built-in accounts in Windows systems. If you want to know some Linux accounts, you can view the/etc/passwd file, as shown below.
There are two configuration files related to users:
/Etc/passwd: user configuration file;
/Etc/shadow: User shadow password file;
For details about the Password file, refer to the above content. Only the root account has the permission to modify it. This file contains the usernames of all users in the system and their related information. Each user account corresponds to a row in the file and is divided into seven parts by colon (;) ("Domain" in Linux). Each part is separated by colon. The format is as follows:
Account name: encrypted password: User ID: Group ID: account full name or description: logon Directory: logon shell
As listed above, the root user's behavior in this file:
Root: x: 0: 0: root:/bin/bash
It indicates that the root account has a password (indicated by x, but not by x ), the user ID and group ID are both "0" (the user ID and group ID of the built-in account are less than 500, and the user ID and group ID of the newly created account are both equal to or greater than 500). The full account name is root, the used logon shell has/bin/bash.
The/etc/passwd file is readable to all users of the system. The advantage is that every user can know which users are on the system, however, the disadvantage is that passwords of other users are vulnerable to attacks (especially when passwords are relatively simple ). Therefore, the shadow password format is used in Linux, such as red hats and red flags. the user's password is stored in another file/etc/shadow, Which is readable only by the root user, therefore, security is greatly improved. As follows:
Similarly, in this file, each user corresponds to a row and is divided into nine parts by a colon ("Domain" in Linux "). The format of each row is as follows:
User Login Name
User's encrypted password (if it is blank, it indicates that the user can log on without a password. If it is *, it indicates that the account is disabled)
The number of days from January 1, January 1, 1970 to the last password Modification
How many days cannot the password be modified by the user?
The number of days after which the password must be modified (0 is not modified)
How many days after the password expires, the user account is forbidden
How many days does the password expire before it is issued to the user?
Password: the number of days banned on January 1, January 1, 1970
Reserved domain
Take the root account as an example. The code above is:
Root: $1 $ qnvzih07 $ LKCr9gldeq1ajos5tuLPH.: 13670: 0: 99999: 7 :::
According to the preceding format, the user login name is root and the encrypted password is $1 $ qnvzih07 $ LKCr9gldeq1ajos5tuLPH. "(because the password is encrypted, It is not displayed as a direct password.) The last time the password was changed from January 1, January 1, 1970 to 13670 days, the password cannot be modified, the password must be modified after 99999 days. The user account is forbidden 7 days after the password expires, and the subsequent three domains are not configured.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
