User and group management related commands are described and used:
In general, the commands involved are: Useradd,usermod,passwd,userdel,groupadd,groupmod,gpasswd,groupdel,chage,chsh,chfn,id,w, Who,whoami, Su,finger
1, useradd:create a new user or update default new user information.
Usage:
useradd [ options] LOGIN
Useradd-d
useradd-d [Options]
Parameters:
- R: Create a System user
[Email protected]_server ~]# useradd-r Tom [email protected]_server ~]# cat/etc/passwd | grep tomtom:x:497:497::/home/tom:/bin/bash[[email Protected]_server ~]#
Created a Tom user, in the CENTOS6 environment, the System user range is 1-499, Tom's userid is 497, so can see this Tom belongs to the system user
- u: Specify user uid number, this number is unique
[[Email protected]_server ~]# useradd-u8000 tomcreating mailbox file:file exists[[email protected]_server ~]# cat/etc/p asswd | grep Tomtom:x:8000:8000::/home/tom:/bin/bash
By using-u to specify the user created for 8000 Tom, we can find that after the creation of Tom's userid is 8000
-G: Specifies the base group to which the user belongs, and the group must be pre-existing
[[Email protected]_server ~]# useradd-g huangyisan tom[[email protected]_server ~]# cat/etc/passwd | grep tomtom:x:506:502::/home/tom:/bin/bash[[email protected]_server ~]# cat/etc/group | grep 502huangyisan:x:502:huangyisan1,huangyisan3
Using the-G parameter to designate Tom as the Huangyisan group, cat information can find that Tom's GID is 502, while 502 corresponds to the group Huangyisan this group, stating-G is in effect. It is also important to note that in the group file, there is no Tom within the fourth paragraph of the Huangyisan.
-G: Specifies the satellite group to which the user belongs, and the group must be pre-existing
[[Email protected]_server ~]# useradd-g huangyisan tom[[email protected]_server ~]# cat/etc/passwd | grep tomtom:x:506:506::/home/tom:/bin/bash[[email protected]_server ~]# cat/etc/group | grep huangyisanhuangyisan:x:502:huangyisan1,huangyisan3,tom
By the-G to the Tom user assigned to the satellite group as Huangyisan, and then we look through the passwd, found that Tom's GID did not become 502, that Tom's main group is still reserved as Tom; View group information, Huangyisan the end of the group, Tom, It means that Tom became an affiliate in the Huangyisan group.
There is a difference between-G and-G, and the answer can be obtained by comparing the above two examples. a user will have both primary and secondary permissions, but a user can belong to only one primary group and may belong to multiple satellite groups.
-C: Assigns an alias to the added user, which can be a comment message
[Email protected]_server ~]# useradd-c "Mage Jiaoyu" Tom[[email protected]_server ~]# cat/etc/passwd | grep tomtom:x:506:506:mage Jiaoyu:/home/tom:/bin/bash
After the alias is specified by-C, a commit of Mage Jiaoyu is given in the fifth part of the passwd file.
-D: Specify the user's home directory
[Email protected]_server ~]# useradd-d/home/tom1 tom[[email protected]_server ~]# ls/home/tom1/[email protected]_ser Ver ~]# ls/home/tom1/-A. .. . bash_logout. Bash_profile. Bashrc[[email protected]_server ~]# cat/etc/passwd | grep Tomtom:x:506:506::/home/tom1:/bin/bash
Using the-D to specify the Tom user's home directory as/home/tom1 below, view the passwd file, found that Tom's home directory is/home/tom1, while entering the home directory Ls-a we can find Tom User's environment variables have been added. These environment variables are copied from under/etc/skel to the user's home directory. effective use of/etc/skel can save a lot of time when creating users, such as customizing the user's environment variables
-S: Specifies the shell environment used by the user
[[Email protected]_server ~]# useradd-s/bin/csh tom[[email protected]_server ~]#!catcat/etc/passwd | grep tomtom:x:506:506::/home/tom:/bin/csh
The shell environment of the Tom user is specified by-s as CSH, the last part of passwd is CSH, and the default is/bin/bash. The environment for all shells currently available is documented below/etc/shells.
-M: Do not create home directory for users
[[Email protected]_server ~]# useradd-m tom[[email protected]_server ~]#!catcat/etc/passwd | grep tomtom:x:506:506::/home/tom:/bin/bash[[email protected]_server ~]# ls/home/tomls:cannot access/home/tom:no such File or directory
Create Tom with the-M designation, the sixth part of passwd in the home directory of Tom, but Ls/home/tom found that there is no such directory.
- P: Set a password for the user, but the password is encrypted
[[Email protected]_server ~]# useradd-phuangyisan tom[[email protected]_server ~]# Cat/etc/shadow | grep tomtom:huangyisan:16658:0:99999:7:::
Through-p to Tom user specified Huangyisan password, to view the shadow file, found that Huangyisan is already encrypted password. after the user named Tom, password for Huangyisan Landing, found unable to login.
2, usermod:usermod-modify a user account.
Usage:
usermod [options] LOGIN
Parameters:
-U: Re-specify the user UID, which must be unique
[Email protected]_server ~]# cat/etc/passwd| grep tomtom:x:506:506::/home/tom:/bin/bash[[email protected]_server ~]# usermod-u 605 tom[[email protected]_server ~]# cat/etc/passwd| grep Tomtom:x:605:506::/home/tom:/bin/bash
Originally Tom's UID was 506, and by-U The Tom's uid was modified to 605
-G: Reassign user gid, the GID must already exist
[Email protected]_server ~]# cat/etc/passwd| grep tomtom:x:605:506::/home/tom:/bin/bash[[email protected]_server ~]# usermod-g 502 Tom[[email protected]_server ~]# cat/etc/passwd | grep Tom Tom:x:605:502::/home/tom:/bin/bash
Originally, Tom's GID was 506, and Tom's GID was modified by-G to 502
-G: Re-specify the group ID that the user belongs to, the owning group ID must already exist
[[Email protected]_server ~]# Cat/etc/group | grep huangyisanhuangyisan:x:502:huangyisan1,huangyisan3,tomhuangyisan1:x:503:huangyisan3:x:505:[[email Protected ]_server ~]# usermod-g 503 tom[[email protected]_server ~]# Cat/etc/group | grep huangyisanhuangyisan:x:502:huangyisan1,huangyisan3huangyisan1:x:503:tomhuangyisan3:x:505:
Tom was originally in a group of 502 Huangyisan, and after the-G designation, Tom was divided into 503 of Huangyisan1 's owning group.
It's not finished.
[[Email Protected]_server ~]# usermod-a-G 502 tom[[email protected]_server ~]# Cat/etc/group | grep huangyisanhuangyisan:x:502:huangyisan1,huangyisan3,tomhuangyisan1:x:503:tomhuangyisan3:x:505:
Combining the-a parameter allows Tom to be present with two groups, that is, 502 and 503.
-S: Re-specify user shell mode, the shell must exist with/etc/shells inside
[[Email protected]_server ~]# cat/etc/passwd | grep tomtom:x:605:502::/home/tom:/bin/bash[[email protected]_server ~]# usermod-s csh tom[[email protected]_server ~]# cat/etc/passwd | grep tomtom:x:605:502::/home/tom:csh
Originally, Tom's shell mode was bash, which was specified by-s and became CSH
- C: Re-specify user commit alias
[[Email protected]_server ~]# cat/etc/passwd | grep tomtom:x:605:502::/home/tom:csh[[email protected]_server ~]# usermod-c "Mage Jiaoyu" Tom[[email Protected]_server ~]# CAT/ETC/PASSWD | grep tomtom:x:605:502:mage jiaoyu:/home/tom:csh
The original Tom's commit was empty and was specified by-C as Mage Jiaoyu
- D: Re-specify user home directory
[[Email protected]_server ~]# cat/etc/passwd | grep tomtom:x:605:502:mage jiaoyu:/home/tom:csh[[email protected]_server ~]# usermod-d/home/tom1 tom[[email protected ]_server ~]# cat/etc/passwd | grep tomtom:x:605:502:mage jiaoyu:/home/tom1:csh[[email protected]_server ~]# ls-a/home/tom1ls:cannot access/home/ Tom1:no such file or directory
Originally, Tom's home directory was/home/tom, which was specified by-D and became/home/tom1, but the directory does not actually exist
It's not finished.
[Email protected]_server ~]#!cat cat/etc/passwd | grep tomtom:x:605:502:mage jiaoyu:/home/tom:csh[[email protected]_server ~]# usermod-m-d/home/tom1 tom[[email Protected]_server ~]# cat/etc/passwd | grep tomtom:x:605:502:mage jiaoyu:/home/tom1:csh[[email protected]_server ~]# ls-a/home/tom1/. .. . bash_logout. Bash_profile. BASHRC
By adding the-m parameter to the original command, you can move all the problem pieces from the original home directory to the new home directory and delete the original home directory.
Linux users and user groups and related commands (bottom)