1.Linux users are divided into ordinary user accounts and Superuser user accounts.
The 2.Linux group accounts are divided into private groups and standard groups. When you create a new user, but do not specify the group to which he belongs, automatically creates a group that is the same as the user name.
3. When a user belongs to more than one group, the group to which they are logged in is the primary group, and the other groups are called additional groups.
The account system under 4.Linux has a/etc/passwd/etc/shadow/etc/group/etc/gshadow file.
5.groupadd, add group account-G Specify group GID number
6.groupmod, modify the system already exists group account number, G Specify group GID number,-n new_group
7.groupdel Delete Group account number
8.Useradd Add user account.
9.usermode Modify user account information
10.userdel Delete a group account that already exists in the system
11.PASSWD Set User password
12. Set the default setting of/etc/login.defs password effect, Pass_max_days set the number of days after the user to change the password, pass_min_days set the password modified to specify how many geniuses allowed to change the password, pass_min_ Len sets the minimum number of characters for the password, pass_warn_age the number of days before the expiration of the password to notify the user to change the password
13. Modify/etc/default/useradd Inactive Specify how long the password expires, and if no changes are made to the password, change the account to an invalid state. Default value -1 expire set a password expiration time for all new users
14.change, set password aging for existing users.
User Switching commands
Su and sudo
SU directly switches to Superuser, the average user switching to Superuser must know the root password of the super user
sudo executes system commands directly using sudo, executing commands without knowing the root user's password,
Su-Toggle user work environment at the same time
-P does not switch user work environment (default)
-C executes commands as specified user
sudo is able to limit the commands that users use, and sudo can provide the process by which logging uses Superuser to perform actions
sudo configuration file saved in/etc/sudoers
When sudo defaults to 5-minute superuser privileges,
Sudo-l Display Current User
Sudo-v Extended Password Effectiveness
Sudo-b executes the password in the background
Sudo-u to the specified user as the new identity
Sudo-i simulate a new user identity initialize shell
Assign users permission to use the sudo command to modify the file/etc/sudoers
(1) Documentation notes and notes: #开头的行为注释行
All represents all
% to represent group names after
! Non -
End of line/Express endurance
Special characters must be escaped
(2)/etc/sudoers file content components
1> alias definition section: User_alis,host_alias,runas_alias,cmnd_alias
2> configuration Options section, specified by default
3> Rights Assignment section, format User (user) host (host) =runas (user can switch) cmnd (command executed)
NOPASSWD in front of the command: You can use the command without entering a password. RunAs omitted to represent root
User Status command:
WHOAMI displays the name of the current user
Groups displays the groups that the specified user belongs to
ID shows user identity
NEWGRP converts the user from the current group to the specified additional group.
See more highlights of this column: http://www.bianceng.cnhttp://www.bianceng.cn/OS/Linux/