Linux User profiles and permissions

Source: Internet
Author: User
Tags sha1



Security context (secure context)

Whenever a user operates a computer, the user is simply starting processes, so a process is the user's agent on the system and runs as the user who started it. Which files a process can access therefore depends on the process's own permissions and on the permissions of the resource or file it wants to access. The match between the two is made automatically from the security attributes of the process and of the system resource, and it is the kernel that actually carries it out.


Permissions: r, w, x


File:

r: Readable; you can view the contents of the file using commands like cat

w: Writable; you can edit or delete this file

x: Executable; the file can be submitted to the kernel at the command prompt as a command to run


Directory:

r: You can run ls on this directory to list all the files inside it

w: You can create files in this directory

x: You can switch to this directory using cd, or you can use ls -l to view the details of the files inside it


rwx

0 000 ---: No permissions

1 001 --x: Execute

2 010 -w-: Write

3 011 -wx: Write and execute

4 100 r--: Read-only

5 101 r-x: Read and execute

6 110 rw-: Read and write

7 111 rwx: Read, write and execute


Users: UID, /etc/passwd

Groups: GID, /etc/group


Shadow passwords:

Users: /etc/shadow

Groups: /etc/gshadow


User Category:

Super User (Admin): id=0

Normal User: id=1-65535

System User: id=1-999

General Users: id=1000~


User Group Category:

Administrators group:

Normal Group:

System Group:

General Group:


User Group Category:

Private group: when a user is created and no group is specified for it, a group with the same name as the user is created automatically

Basic group: the user's default group

Additional groups: groups other than the default group


# cat /etc/passwd:

Account: Login Name

passwd: Password (displayed as an x placeholder; the password information is stored in /etc/shadow)

UID: User ID

GID: Basic Group ID

Comment: Notes

Home dir: Home directory

Shell: User's default shell


# cat /etc/group:

Account: Login Name

passwd: Password placeholder

UID: User ID

User list: the users who have this group as an additional group; empty if there are none


# cat /etc/shadow:

Login name: the user's login name

Encrypted passwd: the encrypted password

Date of last password change: when the password was last modified

Minimum password age: minimum password lifetime

Maximum password age: maximum password lifetime

Password warning period: how long before the password expires the user is warned

Password inactivity period: grace period (the interval after the password expires and before the account is disabled)

Account expiration date: when the account is disabled

Reserved field: Reserved fields
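
The /etc/passwd and /etc/shadow fields listed above can be checked mechanically. The following is an added example, not part of the original notes: it parses constructed passwd- and shadow-format records and reports extra UID 0 accounts, passwd entries without the x placeholder, empty passwords, MD5-crypt ($1$) hashes and passwords that never expire. The function names and all sample records are assumptions made for illustration.

```python
# Added example; every record below is constructed, nothing is read from the live system.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
backup:x:0:0:backup admin:/home/backup:/bin/bash
legacy::1001:1001::/home/legacy:/bin/sh
"""
SHADOW = """\
root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19700:0:90:7:14::
daemon:*:19700:0:99999:7:::
alice:$1$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19700:0:99999:7:::
backup:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19700:0:90:7:::
legacy::19700:0:99999:7:::
"""

def parse(text, nfields):
    """Split colon-separated records, skipping lines with the wrong field count."""
    rows = (line.split(":") for line in text.splitlines() if line.strip())
    return [r for r in rows if len(r) == nfields]

def category(uid):
    """UID ranges as given in the notes: 0 super user, 1-999 system, 1000+ general."""
    return "super" if uid == 0 else "system" if uid <= 999 else "general"

def audit(passwd_text, shadow_text):
    shadow = {r[0]: r for r in parse(shadow_text, 9)}
    findings = []
    for name, pw, uid, gid, comment, home, shell in parse(passwd_text, 7):
        cat = category(int(uid))
        if cat == "super" and name != "root":
            findings.append((name, cat, "extra UID 0 account"))
        if pw != "x":
            findings.append((name, cat, "passwd field is not the x placeholder"))
        entry = shadow.get(name)
        if entry is None:
            findings.append((name, cat, "no shadow entry"))
            continue
        hashed, max_age = entry[1], entry[4]
        if hashed == "":
            findings.append((name, cat, "empty password"))
        elif hashed.startswith("$1$"):
            findings.append((name, cat, "MD5-crypt hash"))
        if hashed[:1] not in ("*", "!") and max_age in ("", "99999"):  # skip locked accounts
            findings.append((name, cat, "password never expires"))
    return findings

if __name__ == "__main__":
    print(*audit(PASSWD, SHADOW), sep="\n")
```
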


# cat /etc/gshadow:

Group name: name of the group

Encrypted password: the encrypted password

Administrators: the group's administrators

Members: the group's members


# cat /etc/default/useradd: useradd configuration file

# useradd defaults file

GROUP=100

HOME=/home (specifies the home directory for users)

INACTIVE=-1 (grace period for password modification)

EXPIRE= (empty stands for indefinite use)

SHELL=/bin/bash

SKEL=/etc/skel

CREATE_MAIL_SPOOL=yes


Encryption methods:


Symmetric encryption

Encrypts and decrypts using the same key

Encryption speed: Fast

Key length: Short


Public key cryptography

Keys come in pairs, one private key (secret key) and one public key

Encryption speed: Slow

Key length: Long


One-way encryption (hash encryption)

Extracts a data signature (unique), often used for data integrity checks

1. Avalanche effect

2. Fixed-length output (MD5, SHA1)

MD5: Message Digest, 128-bit fixed-length output

SHA1: Secure Hash Algorithm, 160-bit fixed-length output (more secure)
