Linux user configuration file (version 2)
/Etc/passwd file profiling file format:
Root: x: 0: 0: root:/bin/bash
Username: Password: UID: GID [default group ID]: annotation Description: Home Directory: shell [Part 7]
Linux user category:
Super User (root, UID = 0)
Normal user (UID = 500 ~ 60000) # The maximum value can be changed.
Pseudo user/special user (UID = 1 ~ 499)
# Therefore, after a user's UID is changed to 0, it becomes a Super User
Pseudo-user features
1. Pseudo-users are related to systems and program services
For example, bin, daemon, shutdown, and halt. By default, any Linux system contains these pseudo users.
Such as mail, news, games, apache, ftp, mysql, and sshd. pseudo users related to Linux Processes
For example, MySQL is automatically added to the configuration file during installation.
2. Pseudo-users generally do not need to or cannot log on to the system. Therefore, the pseudo-user mechanism ensures system security.
3. No home directory is available.
User Group
1. Each user belongs to at least one user group.
[In the management system, every user should belong to his/her own group. In this way, each user will "perform his/her own duties" and have his/her own unique permissions, so as not to be "messy "]
2. Each user group can contain multiple users. A single user can belong to multiple groups at the same time.
3. users in the same group have the permissions shared by this group.
4. If no user group is specified during user creation, the system creates a group with the same user name and adds the user to the group.
Other Instructions
Annotation description # For example, storing the full name of the user and the department to which the user belongs. if you add a user, you 'd better write this description to differentiate the role of the user in the future.
Home Directory # default directory after the user logs on to the system
Command Interpreter # The Shell used by the user. The default value is bash.
/Etc/shadow file profiling
File Format:
Root: $1 $0 HZuNsCv $ URJuS1MRpjafAVcmYO0bI1: 15957: 0: 99999: 7 :::
User name: encrypted password: last modification time: minimum interval [0 indicates unlimited]: maximum interval: warning time: account idle time: expiration time: sign [not used generally]
Other information:
If the password bit is cleared, the user no longer needs the password.
Minimum interval: minimum number of days between two password changes
Maximum time interval: the maximum number of days for the password to be valid, which can force the user to change the password
[View the help information of the/etc/shadow file: man 5 shadow]
/Etc/shadow file permission
Write the password back: pwunconv # this tool is not provided for commercial UNIX
The/etc/shadow file does not exist.
Password conversion: pwconv
Now/etc/shadow is back
That is, the password is automatically converted whenever the system creates a password.
Verify the/etc/passwd file when verifying the user name and the password:/etc/shadow]
[View root password information grep root/etc/passwd/etc/shadow]
/Etc/login. defs Brief Analysis of default user login information
CREATE_HOMEyes # create a home directory while creating a user
UMASK 077 # permissions for creating files or directories by default
[All options are described in detail in the statement]
/Etc/default/useradd Brief Analysis
Default Configuration when adding a user
INACTIVE =-1 # indicates that the user is not disabled by default during creation, and 0 indicates that the user is disabled by default.
EXPIRE = # account expiration time
SHELL =/bin/shell # Default User shell. If it is/sbin/nologin, new users cannot log on by default.
SKEL =/etc/skel # the original location of the new user's default configuration file
CREATE_MAIL_SPOOL = yes # whether to create a file for saving user emails when adding a user
The information displayed after/etc/motd user logon can be used for internal staff notification information [today's message]. As long as you log on, you will receive
The information displayed before logon by the/etc/issue user. However, the original content is not recommended and can be used to display public information.
Instance: manually add users
1. Edit the/etc/passwd file and add
Xiaofang: 502: 502: test user:/home/xiaofang:/bin/bash
2. Create the home Directory of xiaofang: mkdir/home/xiaofang
3. Change the owner of the Directory: chown tom/home/xiaofang
4. edit/etc/shadow and add
Xiaofang: 16023: 0: 99999: 7 :::
4. cp-rf/ect/skel/. */home/xiaofang
# New User information file:/etc/skel. Some configuration files of the new user are saved here, as long as they are all copied to/home/xiaofang, the user is no different from the user in useradd.
5. passwd xiaofang # generate the xiaofang Password
In this case
OK!
Appendix-generate encrypted ciphertext
Echo "123456" | md5sum