User and Rights Management related content for CentOS 7

User and Rights Management related content for CentOS 7

1. User, group knowledge is the relevant command

A. User's Category:

Administrator: Root

Normal User:

System User: Only for running the service program;

Login User: Normal users of system resources;

User id: UserID, UID

16bits binary number: 0-65535;

Admin: 0

Normal User:

System users:

CentOS 5, 6:1-499

CentOS 7:1-999

Login User:

CentOS 5,6:500+

CentOS 7:1000+

Management of users and groups:

The main commands are:

Group: Groupadd, Groupmod, Groupdel

Users: Useradd, Usermod, Userdel

Certification: PASSWD,GPASSWD

View user information: ID

Switch User: Su

Log in to a new group: NEWGRP

Chage command: Modify the user account for various deadlines;

Chsh change the shell of a user login, option-l displays the list of shells that the system can use to log on, like the contents of the file/etc/shells, as well as the useradd-d command

Chfn:chfn-change Your finger information change FN information

Finger-user Information Lookup Program

pwck-verify integrity of password files verifying the integrity of the password file

Grpck-verify integrity of the group files verify the integrity of the file

[email protected] ~]# Less/etc/default/useradd

# useradd defaults file

group=100

Home=/home

Inactive=-1

Expire=

Shell=/bin/bash

Skel=/etc/skel

Create_mail_spool=yes

B. Group Category:

Administrators group

General user groups

System Group

Login Group

Group ID: GroupID, GroupID

Administrators group: 0

Normal User group:

System Group:

CentOS 5,6:1-499

CentOS 7:1-999

Login Group:

CentOS 5,6:500+

CentOS 7:1000+

C. Related files for user and group commands

Uid,gid Parsing library for/etc/passwd user name

/etc/group the GID of the group name and the resolution library of the included user situation

/etc/login.defs default information when user is created: Mailbox directory, detailed expiry time information, UID value range of system user and login user, umask, encryption algorithm, etc.

/etc/default/useradd default information when user is created: Home directory situation, Shell situation, expiration time, whether there is a mailbox, whether it is inactive, etc. Same as the useradd-d results

Files that are copied by default when a user is created when the/etc/skel/home directory does not exist

[Email protected] ~]# less/etc/skel/

Total 24

Drwxr-xr-x. 3 root root and 29 02:08.

Drwxr-xr-x. 126 root root 8192 Mar 6 10:19.. /

-rw-r--r--. 1 root root 6. bash_logout

-rw-r--r--. 1 root root 193 Mar 6. Bash_profile

-rw-r--r--. 1 root root 231 Mar 6. BASHRC

Drwxr-xr-x. 4 root root Notoginseng 02:07. mozilla/

/etc/shells the list of shells that can be used to login for the current account

/etc/shadow user authentication information base: password algorithm, encrypted password string, password expiration related

/etc/gshadow Group certification Information base: password algorithm, encrypted password string, password expiration, etc.

Random digit character device file

/dev/random: The random number is returned only from the entropy pool, and the process is blocked when the random number is exhausted;

/dev/urandom: The random number is returned from the entropy pool first, and the random number is returned from the pseudo-random number generator when the entropy pool is exhausted.

2. The basic knowledge of permissions is the relevant command

File System file Permissions:

Three types of users:

Master: Owner, U

Genus Group: Group, G

Others: Other, O

Permissions:

R:readable, readable

W:writable, writable

X:excutable, executable

Rights Management:

File:

R: Can obtain the data of the file;

W: can modify the data of the file;

X: This file can be run as a process; # #规则文件一般都不能有x可执行权限

Directory:

R: You can use the LS command to get a list of all the files under it, but you can not use "ls-l" to get details, nor can you CD to this directory;

W: You can modify the list of files in this directory, that is, you can create or delete files in this directory;

X: You can use the "ls-l" command to get detailed property information for the file under it, or to CD to this directory; # #一般的目录都应该提供有x权限, because you want the CD to go in. Of course, ordinary users of the/root directory is not X-permission

RWXRWXRWX:

U owner:rwx

G group:rwx

o other:rwx

Privilege Combination mechanism:

Take owner as an example:

--- 0

--x 001 1

-w- 010 2

-WX 011 3

r-- 4

R-x 101 5

rw- 6

RWX 111 7

Permission modification, belong to the main, group related changes and other related commands Chmod,chown,chgrp

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/7D/4B/wKiom1blDhyxOgH8AAAvy0m16V0596.png "title=" chmod A =,.png "alt=" Wkiom1bldhyxogh8aaavy0m16v0596.png "/>

you can see " what to write and what to change ( a=, Note this usage), the user is not written to retain the original value, the modification is for the final value, equivalent to overwrite the previous value " and the root Administrator's restrictions are not the same,root has the supremacy of authority.

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/7D/49/wKioL1blEK-xXUxKAACaywux1Q4130.png "title=" chmod u +8.png "alt=" Wkiol1blek-xxuxkaacaywux1q4130.png "/>

you can see that the U+ class option is " only for which one or the specified number of changes, the bits of the user not specified are reserved."

You can see that the 777 class option "What to write and what to change is the final value of the 3 class of users, equivalent to overwriting all previous values"

Changes affect from small to u+ class commands < u= class Commands < 777 commands

chmod [OPTION] ...--reference=rfile FILE ...

This article from "BHJ_DYSF" blog, reproduced please contact the author!

User and Rights Management related content for CentOS 7