Shell account Management: User and Group management

1.Linux users are divided into ordinary user accounts and Superuser user accounts.

The 2.Linux group accounts are divided into private groups and standard groups. When you create a new user, but do not specify the group to which he belongs, automatically creates a group that is the same as the user name.

3. When a user belongs to more than one group, the group to which they are logged in is the primary group, and the other groups are called additional groups.

The account system under 4.Linux has a/etc/passwd/etc/shadow/etc/group/etc/gshadow file.

5.groupadd, add group account-G Specify group GID number

6.groupmod, modify the system already exists group account number, G Specify group GID number,-n new_group

7.groupdel Delete Group account number

8.Useradd Add user account.

9.usermode Modify user account information

10.userdel Delete a group account that already exists in the system

11.PASSWD Set User password

12. Set the default setting of/etc/login.defs password effect, Pass_max_days set the number of days after the user to change the password, pass_min_days set the password modified to specify how many geniuses allowed to change the password, pass_min_ Len sets the minimum number of characters for the password, pass_warn_age the number of days before the expiration of the password to notify the user to change the password

13. Modify/etc/default/useradd Inactive Specify how long the password expires, and if no changes are made to the password, change the account to an invalid state. Default value -1 expire set a password expiration time for all new users

14.change, set password aging for existing users.

User Switching commands

Su and sudo

SU directly switches to Superuser, the average user switching to Superuser must know the root password of the super user

sudo executes system commands directly using sudo, executing commands without knowing the root user's password,

Su-Toggle user work environment at the same time

-P does not switch user work environment (default)

-C executes commands as specified user

sudo is able to limit the commands that users use, and sudo can provide the process by which logging uses Superuser to perform actions

sudo configuration file saved in/etc/sudoers

When sudo defaults to 5-minute superuser privileges,

Sudo-l Display Current User

Sudo-v Extended Password Effectiveness

Sudo-b executes the password in the background

Sudo-u to the specified user as the new identity

Sudo-i simulate a new user identity initialize shell

Assign users permission to use the sudo command to modify the file/etc/sudoers

(1) Documentation notes and notes: #开头的行为注释行

All represents all

% to represent group names after

！ Non -

End of line/Express endurance

Special characters must be escaped

(2)/etc/sudoers file content components

1> alias definition section: User_alis,host_alias,runas_alias,cmnd_alias

2> configuration Options section, specified by default

3> Rights Assignment section, format User (user) host (host) =runas (user can switch) cmnd (command executed)

NOPASSWD in front of the command: You can use the command without entering a password. RunAs omitted to represent root

User Status command:

WHOAMI displays the name of the current user

Groups displays the groups that the specified user belongs to

ID shows user identity

NEWGRP converts the user from the current group to the specified additional group.

See more highlights of this column: http://www.bianceng.cnhttp://www.bianceng.cn/OS/Linux/