Linux User Management-profile analysis

Linux is a multi-user multi-tasking time-sharing operating system, all users who want to use the system resources must first request an account from the system administrator, and then enter the system as the identity of the account. On the one hand, the user's account can help the system administrator to track the users who use the system and control their access to system resources, as well as to help users organize files and provide security protection for users. Each user account has a unique user name and user password. Users can enter the system and their home directory by typing the correct user name and password when they log on.

Configuration file:
User Information file:/etc/passwd
Password file:/etc/shadow
User group file:/etc/group
User group password file:/etc/gshadow
User Configuration file:
/etc/login.defs
/etc/default/useradd
New user information file:/etc/skel
Login information:/etc/motd/etc/issue

Account Type: User account, group account

Identification method: Uid,gid "group account not to login"

Linux User account classification

Super User: Root Uid=0 gid=0 has the highest privileges

System User: uid=1~499 generally cannot log on to the system (/sbin/nologin)

Other users: uid≥500, default UID maximum value is 6000

Linux Group account Classification

Basic Group (Private group): The exclusive group for each user, typically with only one member, with the same group name as the corresponding user name

Additional group (public group): A group that is common to multiple users, typically with multiple members, with the group name specified by the administrator

Data file analysis of Linux user account

/ETC/PASSWD information for one user per line, separated by a colon into multiple different fields

Root:x:0:0:root:/root:/bin/bash
Bin:x:1:1:bin:/bin:/sbin/nologin

　　Field 1: User name: User name used when the user logs on to the system

Field 2: Password: password bit

Field 3:uid: User identification number

Field 4:gid: User group identification number

Field 5: Annotative Description: Storing user description information

Field 6: Host directory: The default directory after the user logs on to the system

Field 7: Command interpreter: The shell used by the user, by default Bshell/sbin/nologin indicates that the user is not allowed to log on to the current Linux system

/etc/shadow information for one user per line, separated by a colon into multiple different fields

Root:$1$mup2r3lw$yqesu.zcah9div41fvmym/:17363:0:99999:7:::

　　Bin:*:15980:0:99999:7:::

Field 1: User name

Field 2: Encrypted password, * indicates that the user's login shell is/sbin/nologin

Field 3: The last time the password was modified, this time starts from January 1, 1970

Field 4: The minimum number of days for two password modification times, if set to 0 disables this feature, and if set to 7 indicates that the user password will not be modified until 7 days from the date of Setup. The default value is obtained from pass_min_days in the/etc/login.defs file

Field 5: Maximum number of days for two password modification times to enhance the timeliness of user management. The user password can be changed within the specified time, and the expiration date will expire. The default value is obtained from pass_max_days in the/etc/login.defs file

Field 6: How many days in advance to remind users that the user password expires. The default value is obtained from Pass_warn_age in the/etc/login.defs file

Field 7: Prevent this user from logging in after the password expires

Field 8: User expiration date, this field specifies the number of days that the user is invalidated (from January 1, 1970 onwards) If the word blank indicates that the account is permanently available

Field 9: Fields not developed

　　

Linux User Management-profile analysis