In Linux mainly through user profiles to view and modify user information, so below we will introduce two important user profiles, so that you can better hold your users.
One: Parent file/etc/passwd
1. View configuration file/etc/passwd specific content
[Email protected] ~]# Head/etc/passwdroot:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:/sbin/nologindaemon:x:2:2 :d aemon:/sbin:/sbin/nologinadm:x:3:4:adm:/var/adm:/sbin/nologinlp:x:4:7:lp:/var/spool/lpd:/sbin/nologinsync:x : 5:0:sync:/sbin:/bin/syncshutdown:x:6:0:shutdown:/sbin:/sbin/shutdownhalt:x:7:0:halt:/sbin:/sbin/haltmail:x : 8:12:mail:/var/spool/mail:/sbin/nologinuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
'/etc/passwd ' divided into 7 fields by ': '
2. Explanation of the specific meaning of each field
- The user name (such as root in the first row is the user name), the string representing the user account.
- The account is stored in the password, where only a ' x ' instead, the early UNIX system password is actually stored here, but based on security factors, and then stored in the '/etc/shadow '.
- Represents the user identification number, also called the UID. 0 is root, usually the value of the UID range is 0~65535 (but actually can be supported to 4294967294), 0 is the Super User (root) identification number, 1~499 is reserved by the system, the ordinary user's identification number is greater than or equal to 500.
- Represents the group identification number, also called GID. This field corresponds to a record in/etc/group, in fact/etc/group and/etc/passwd are basically similar
- Note that the field does not make sense and typically records some of the user's attributes, such as name, phone, address, and so on.
- The user's home directory, which is in this directory when the user logs in. The home directory of root is/root, and the normal user's home directory is/home/username, and this field can be customized.
- Shell, when a user logs on to start a process that is used to pass a user-issued instruction to the kernel. And Redhat/centos's shell is bash, the default path is/bin/bash, if you want to set up an account to not let him log in, then you can change the field to/sbin/nologin.
Two: Sub-file/etc/shadow
1. View the contents of the configuration file/etc/shadow
[Email protected] ~]# Head-n3/etc/shadow root:$6$wo0kpkgm$ oap0wl2asae4ei4yvbxo3diu5obsyxn1y7qxb5jns70yk91avzelsr5gmogcc8duxkkzk7vyiv8wxneawnm861:15832:0:99999:7:::bin:* : 15628:0:99999:7:::d aemon:*:15628:0:99999:7:::
Similar to/etc/passwd, was ":" divided into 9 characters
2. Explanation of the specific meaning of each field
- User name, corresponding to/etc/passwd.
- Encrypt the password, the encryption algorithm is upgraded to SHA512 hash encryption algorithm, if the password bit is "!! "or" * "means no password, cannot log in, and its shell is/sbin/nologin.
- The last time the password was modified to January 1, 1970 as standard Time, each day timestamp plus 1
- Two times the password modification interval, how many geniuses can change the password, the default is 0, that is, no limit
- The expiration date of the password, the number of days after which the password expires, defaults to 99999. If set to 20, that is, 20 days after the expiry, you must change the password, or not login system.
- The warning period before the password expires, if set to 6, which means that the user will be notified 6 days before expiration.
- Account expiration grace period (relative to the 5th field). If set to 2, the password is not changed after 2 days after expiration, the user is locked.
- The life cycle of the account (which is indicated by a timestamp), the account will expire at the specified time.
- Reserved fields, no special meaning
3. How to convert time stamps
- Convert timestamp to date: [[email protected] ~] #date-D "1970-01-01 16893days" Sar APR 2 00:00:00 CST 2016
- Convert date to timestamp: [[email protected] ~] #echo $ (($ (date--date= "2016/04/02" +%s)/86400+1) 16893
Free to provide the latest Linux technology tutorials Books, for open-source technology enthusiasts to do more and better: http://www.linuxprobe.com/
Two important "Parent-child" profiles in Linux User management
