Linux User Management-Primary

Source: Internet
Author: User

Manage User Commands Summary
Command Note Description (must be mastered for special colors)
Useradd Increase 同adduser命令,执行此命令可在系统中添加用户。(更改4个用户文件)
Userdel Delete 执行此命令可删除用户及相关用户的配置或文件(更改4个用户文件)
passwd 执行此命令可为用户设置或修改密码。更改/etc/shadow文件
Chage 修改用户密码属性。管理/etc/shadow文件
Usermod Change 修改用户信息的命令,可以通过usermod来修改登录名,用户的家目录等等
ID Check 查看用户的UID,GID及所归属的用户组
Su 用户角色切换工具。su -
Sudo

sudo是通过另一个用户来执行命令,su 是用来切换用户,然后通过切换到的用户来完成相应的任务,但sudo能在命令后面直接接命令执行,

比如sudo ls /root,不需要root密码就可以执行只有root才能执行的相应命令或具备的目录权限;这个权限需要通过visudo命令或者直接编辑/etc/sudoers来实现

Visudo visudo配置sudo权限的编辑命令;也可以不用这个命令,直接用vi来编辑/etc/sudoers实现。但推荐用visudo来操作(会自动检查语法)

Manage User Group Command summary
Command Note Description (special color tag needed to master)
Groupadd 添加用户组
Groupdel 删除用户组

The/etc/skel directory is the directory used to store the new user environment variable file, and when we add a new user, all files in this directory are automatically copied to the newly added user's home directory : By default,all files in the/etc/skel directory are hidden files ( files beginning with. Point ); by modifying, adding, and deleting files in the/etc/skel directory, we can provide a unified, standard, and initialized user environment for newly created users.

[[email protected] ~]# cd/etc/skel[[email protected] skel]# lsreadme[[email protected] skel]# ls-altotal 20drwxr-xr-x.
   2 root root 4096 May 22:14. Drwxr-xr-x. Root root 4096 May 16 17:07. -rw-r--r--.  1 root root  . bash_logout-rw-r--r--.  1 root root  176 may  . Bash_profile-rw-r--r--.  1 root root  124 may  . Bashrc-rw-r--r--.  1 root root    

Command Description: Create a file in the/etc/skel/directory Readme, and then we create a new user, found in the user's home directory also has a default readme. Therefore, it concludes thatall files in the/etc/skel/directory will appear by default in the new user's home directory.

[Email protected] ~]# su-cheng[[email protected] ~]$ ls-altotal 24drwx------. 2 Cheng Cheng 4096 may 01:23. Drwxr-xr-x. 7 root  root  4096 May 12 22:15. -RW-------.  1 Cheng Cheng  01:23 bash_history-rw-r--r--. 1 Cheng Cheng  . Bash_logout-rw-r--r--. 1 Cheng Cheng  176  . bash_profile-rw-r--r--. 1 Cheng Cheng  124 may  . bashrc-rw-r--r--. 1 Cheng Cheng    

Enterprise Interview question: Please ask the following login fault principle and solution?
-bash-4.1$-bash-4.1$

Problem Example: Command Description: This problem occurs when an ordinary user forcibly deletes a variable file in the home directory.

[Email protected] ~]$ ls-altotal 20drwx------. 2 teacher teacher 4096 may 23:32. Drwxr-xr-x. 7 root    root    4096 May 12 22:15. -RW-------. 1 teacher Teacher  149 may 23:32 bash_history-rw-r--r--. 1 teacher teacher  176  . BASH_PROFILE-RW -r--r--. 1 Teacher Teacher  124  . Bashrc[[email protected] ~]$ rm./.bash*[[email protected] ~]$ ls-altotal 8DRW X------. 2 teacher teacher 4096 may 23:34. Drwxr-xr-x. 7 Root    root    

Workaround: Let's go and copy the variable files from the/etc/skel/directory back.

[Email protected] ~]# su-teacher-bash-4.1$-bash-4.1$ cp/etc/skel/.bash* ~-bash-4.1$ exitlogout[[email protected] ~]# Su-teacher[[email protected] ~]$ ls-altotal 24drwx------. 2 teacher teacher 4096 may 23:36. Drwxr-xr-x. 7 root    root    4096 May 12 22:15. -RW-------. 1 teacher teacher   23:36 bash_history-rw-r--r--. 1 teacher teacher   . 23:36 -. 1 teacher teacher  176 may 23:36. bash_profile-rw-r--r--. 1 Teacher Teacher  

Knowledge expansion * and. * Issues

[[email protected] etc]# cp/etc/skel/*/tmp/[[email protected] etc]# cd/tmp/[[email protected] tmp]# lsetc  MYSQL.SOC K  Readme[[email protected] tmp]# ls-altotal 16DRWXRWXRWT.  4 root  root  4096 23:48 dr-xr-xr-x root  root  4096 May 12 15:28. DRWXRWXRWT.  2 root  root  4096 Nov  2016. Ice-unixdrwxr-xr-x.  8 root  root  4096  etcsrwxrwxrwx.  1 MySQL mysql    0 21:08 mysql.sock-rw-r--r--.  1 root  root     0 may 23:48 readme[[email protected] tmp]#

* Hidden files are not copied, so hidden files in the/etc/skel/directory are not copied to the/tmp/directory

 So before we run cp/etc/skel/.*, let's take a look. * What's in there? [[email protected] ~]# ls/etc/skel/.*/etc/skel/.bash_logout/etc/skel/.bash_profile/etc/skel/.bashrc/etc/                       Skel/.:readme/etc/skel/..:consolekit inputrc quotatabdir_colors Iproute2                     Rcdir_colors.256color issue Rc.dDIR_COLORS.lightbgcolor Issue.bak Rc.localnetworkmanager issue.net rc.sysinitx11 Issue.ne                     T.bak RC0.DABRT kdump-adv-conf rc1.dacpi kdump.conf                   Rc2.dadjtime krb5.conf rc3.daliases latrace.conf                   Rc4.daliases.db LATRACE.D Rc5.dalsa Ld.so.cache RC6.D stuff too much below omitted .... 

. * Even the things under etc are copied out, why is this? Don't forget, there's something in the catalogue, and.

. Represents the current directory,.. Represents the parent directory. So . * Copy all files from the parent directory as well. So we can not use when copying hidden files. * To represent all .

User management commands in detail Add user commands Useradd
    • The commands for adding users are Useradd and AddUser, and the two commands can achieve the same effect. Of course, in addition to the Useradd and AddUser commands, we can also modify the user profile/etc/passwd and/etc/group and manual file creation method to add users directly, but it is not recommended here, it is recommended that you use the Useradd command uniformly, This article will only give an example for the Useradd command.
    • When using the Useradd command without the parameter option, followed directly with the added user name, the system first reads the parameters or rules defined in the configuration file/etc/login.defs and/etc/default/useradd, adds the user according to the rules set, and Add new user and user group records in/PASSWD and/etc/group files.
    • Of course,/etc/passwd and/etc/group encrypted information files/etc/shadows and/etc/gshadow will also generate records synchronously, and the system will also be based on the information configured in the/etc/default/useradd file to establish the user's home directory , and copy all the files in the/etc/skel (including the hidden Environment profile) to the new user's home directory.

Useradd Syntax:

[[email protected] ~]# Man Useradd #下面的内容源于此命令帮助的结果, for some places modified name: useradd-the tool syntax for account creation or update of new user information: useradd [-c comment] [-d home_dir] [-e expire_date] [ -f Inactive_time] [-g initial_group] [G-group[,....] [-m [-K Skeleton_dir] | -m] [-s shell] [-u uid[-o][-n][-r] login] useradd-d [-G default_ Group] [-B default_home] [-f default_inactive] [-e default_expire_date] [-s Default_shell] Description: New account creation When the class= parameter is not added -d "kw", the useradd instruction uses the command column to specify the setting value of the new account and the default value on the system (referred to above/etc/ Configuration files such as Login.defs and/etc/default/useradd). The new user account will generate some system files, such as the creation of user directories, copy of the start file, etc., which can be specified using the command column options. This version is provided for Red Hat Linux, which allows each new user to create a group with the same name as the user, and cannot add the-n option for this purpose.  

To make it easier to see, we use a tabular approach to show the useradd available parameter options to everyone as follows:
|useradd parameter Options | Note Description (special color needs to be mastered) |
|--|--|
|-c comment| New Account description bar for password file |
|-d home_dir| The Home_dir used when the new account is logged in. The default value is Default_home login name, and as the login directory name |
|-e expire_date| 账号终止日期。日期的指定格式为MM/DD/YY或者YYYY-MM-DD |
|-f inactive_day| account expires a few days after the permanent stop right. The account at 0 o'clock is immediately deactivated. This function is turned off when the value is-1, and the default is -1|
|-g initial_group| group 名称以数字来作为用户登入起始用户组(group)。用户组名须为系统现有存在的名称。用户组数字也须为现有存在的用户组,预设的用户组数字为1. |
|-g group,[...]| Define this user as a member of several different groups, each with a comma separated by ",". The user group name is limited to the-G option. The default value is the user's starting user group.
The |-m| user directory is automatically created if it does not exist. |
|-m| 不建立用户家目录,优先于/etc/login.defs文件的设定。一般创虚拟用户时不建立家目录,部署服务时需要创建虚拟用户。 |
|-n| the user's user group is the same as the user's name by default. If the command has the-n argument, the user group with the same name will not be generated. |
|-r| This parameter is used to establish the System account. |
|-s shell| 用户登入后使用的shell名称。默认值不填写,这样系统会帮你指定预设的登入shell(根据/etc/default/useradd预设的值)。cat /etc/shells系统支持的shell |
|-u uid| 用户的ID值。这个值必须是唯一的,除非用-o选项。数字不可为负值 |

Example 1:useradd-c,-u,-g,-s,-d,-m multiple parameter combinations example, customizing the user home directory.

Example 2: New user default account termination date

Example 3: Default shell type when adding a user/bin/bash to/bin/sh

 [[email protected] ~]#   cat/etc/ Shells #查看当前系统支持的shell种类 /bin/sh /bin//sbin/nologin /bin/dash / Bin/tcsh /bin/csh[[email protected]  ~]#   grep Shell/etc/default/useradd # View the current default SHELL configuration  shell=/bin/bash[[email protected]  ~]#   useradd-d-s/bin/sh #修改为/bin/sh  [[email protected] ~]#   grep shell/etc/default/useradd #查看修改结果  shell=/bin/sh #   modified successfully  
View Code

In particular, this changes only the default value of the configuration file, which is only valid for the new user that was created later, regardless of the old user .

Notice, here I change the shell type, useradd new user when found login, will appear the following login fault!

-bash-4.1$-bash-4.1$

  

Linux User Management-Primary

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.