Linux User management of the use of each command

First, we have to understand the user management and authority management mechanism

A: Authentication mechanism

Identity (Username/password) Username/password

A:permission Permissions

Mode modes

Ownership ownership

Ii. introduction of users and groups under Linux

Users: Username/password

UID (user identity) from: 0-65535

The user is divided into: Administrator, normal user > System user, Login user.

The Administrator uid is: 0

The normal user uid is: 1-60000

Group: Groupname/gid

Administrators group: 0

Normal Group:

1-499, 1-999

1000+, a researcher

Basic Group of users:

The private group of the user;

Additional Groups for users

Third, Linux users and groups related configuration files:

/ETC/PASSWD: User name, UID, basic group and other information

/etc/group: Group name, GID, user included in the group;

/etc/shadow: User password and related attributes;

/etc/gshadow: the password and related attributes of the group;

Iv. related commands for user and group management

Useradd, Usermod, passwd, Userdel

Groupadd, Groupmod, GPASSWD, Groupdel

Chage, Chsh, CHFN

ID, W, who, WhoAmI

Su

First Look at Useradd: Create user

useradd [Options] LOGIN

useradd-d [Options]

-r: Create a System user

-U uid: Specifies uid;

-G GID: Specifies the base group to which the user belongs, which must exist beforehand

-C ' COMMENT ':

-d/path/to/somewhere: Specifies the user's home directory path; The location cannot exist beforehand, otherwise its user-related profile will be copied;/etc/skel

-S Shell: Sets the user's default shell;

Cat/etc/shells

-G GID,... : Specifies the additional group to which it belongs;

-M: Do not create home directory for users;

Usermod: User Property modification

Usermod [OPTION] ... LOGIN

-U UID

-G GID

-G Gid[,gid,...] : Modify the additional groups that the user belongs to, and use the-a option;

-S SHELL

-C ' COMMENT '

-D Home: When the user's home directory is modified to a new location, the user's original file is not moved to the new home; the-m option allows it to be moved to a new home directory at the same time;

-L LOGIN:

-l:lock User

-u:unlock User

passwd: Add a password to the user

passwd [OPTION] [UserName]

-l:lock User

-u:unlock User

-N mindays: Minimum period of use;

-X maxdays: Default is 99,999 days;

-W Warndays:

-I. Inactivedays:

--stdin: Receive user password from standard output;

echo ' CentOS ' | passwd--stdin CentOS

Userdel: Deleting users

Userdel [-R] USERNAME

-R: Delete the user's home directory at the same time;

Let's make an example:

[[email protected] ~]# useradd-u centos-r//Create CentOS user as System user and set UID to 100.

[[email protected] ~]# usermod-u CentOS//Modify CentOS user UID to 200 and see if the modification was successful

Usermod:warning:/var/spool/mail/centos not owned by CentOS

[[email protected] ~]# ID CentOS

uid=200 ( CentOS) gid=493 (CentOS) groups=493 (CentOS)

[[email protected] ~]# usermod-g SQL CentOS//Add database and SQL two additional groups to users

[Email protected] ~]# usermod-g database-a CentOS//NOTE: If you do not add-a, the original add-on group will be overwritten, but not the effect of adding two additional groups at the same time.

[[email protected] ~]# ID CentOS//view user CentOS properties.

uid=200 (CentOS) gid=493 (CentOS) groups=493 (CentOS), 501 (database), 502 (SQL)

[[email protected] ~]# mkdir/home/database//Create home Next directory and add CentOS user home directory more

[[email protected] ~]# usermod-d/home/database CentOS for/home/database

[[email protected] ~]# passwd-n CentOS//Set Minimum password age for users:

Adjusting aging data for user CentOS.

Passwd:success

[Email protected] ~]# echo ' CentOS ' | How to use the user's password from standard output;

> Echo ' CentOS ' | passwd--stdin CentOS

Changing password for user CentOS.

Passwd:all authentication tokens updated successfully.

OK, the above is the basic simple usage of our useradd, let's continue to look at the use of Group setup and Group commands:

Groupmod: Group Property Modification

Groupmod [OPTION] GROUPNAME

-N group_name

-G GID

GPASSWD: Set password for group

NEWGRP: Toggles the base group for the specified group

Groupdel: Deleting a group

Let's try to run these commands:

First, we create a group and do the property modification, set the password, switch group, delete the group and so on:

[Email protected] ~]# Groupadd Schneider

[Email protected] ~]# GROUPMOD-G 503 Schneider

[Email protected] ~]# gpasswd Schneider

Changing the password for group Schneider

New Password: ******

Re-enter new password: ******

[Email protected] ~]# Su-l base

Note: Su base is only temporarily switched to the user below, we can use the Echo $PATH to view the following Linux variables, we will find:

[[email protected] ~]# SU Base

bash-4.1$ Echo $PATH

/usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin

But if we exit and log in using Su-base, this will be the case:

[Email protected] ~]# su-base

-bash-4.1$ Echo-base

-Base

Linux environment variables are different, Su-username is completely switched to the user below, please differentiate.

Let's look at the switch group again:

bash-4.1$ Newgrp Schneider

Password:

bash-4.1$ groups

Schneider SQL//We have temporarily added the Schneider group to the base user, note that NEWGRP is not permanently adding users to the group, only giving the user permission to temporarily own the group.

Then delete the group we do not do the operation, very simple, groupdel directly delete is good, but to note that if there are users in the group, then is not deleted, so in the delete group operation, we need to view and transfer the group of users!

Chage: Modify the properties of user account and password

chage [OPTION] ... LOGIN

- L: Lists the user's and password expiration dates
-M: Minimum number of days to change password
-M: Maximum number of days to change password
-I : number of days to lock account after password expires
-D: Specify the date the password was last modified
-E: valid, 0 means immediate expiration, 1 means never expires
-W: Start warning days before password expires

Let's do a simple operation example:

[[email protected] ~]# chage-l Base//View user's password information valid days, etc.

Last Password change: Jan 31, 56704

Password expires: Never

Password inactive: Never

Account Expires: Never

Minimum number of days between password change: 1

Maximum number of days between password change: 1

Number of days of warning before password expires:-1

Other commands: CHFN, Chsh, Finger, WhoAmI, who, W

We can use CHFN to add user information to the user:

[Email protected] ~]# CHFN base

Changing finger information for base.

Name []: Basee

Office []: Shanghai

Office Phone []: 119

Home Phone []: 120

Finger information changed.

When the user information is added, we can use the CAT/ETC/PASSWD command to view the user's changed information.

So the above is our user management of the use of the commands and examples, if there is any shortage or neglect of the place, welcome to correct me! Thank you!

This article is from the "Chino" blog, make sure to keep this source http://10267776.blog.51cto.com/10257776/1688424

Linux User management of the use of each command