Users and groups of linux commands, linux Command groups

Users and groups of linux commands, linux Command groups

1. Files for saving user information

root:x:0:0:root:/root:/bin/bashpwftp:x:500:500::/alidata/www/wwwroot/:/sbin/nologinapache:x:48:48:Apache:/var/www:/sbin/nologinmysql:x:501:400::/home/mysql:/sbin/nologin

A total of 7 items are separated:

1	User Name
2	Password	The real password is saved in/etc/shadow.
3	UID	User ID
4	GID	Group id
5	Account Information	What is the significance of this account?
6	Home Directory	In this directory, the user has all Permissions
7	Shell Type	/Sbin/nologin non-Logon user /Bin/bash common shell /Bin/false cannot log on

 

2. New users

Useradd [-u UID] [-g GID] [-d HOME] [-mM] [-s shell] username

Case: Useradd-u 500-g 500-d/home/pwftp-s/sbin/nologin pwftp A user with a user id of 500 and a group id of 500 is created. The user name is pwftp, and the main directory is/home/pwftp, The/sbin/nologin shell used cannot be logged on. If you do not want the system to automatically create the mysql user's home directory/home/mysql, use the-M Parameter

3. delete a user

Userdel Username

Case: Userdel mysql Delete the mysql user. If only mysql user exists in the mysql user group, this group will be deleted at the same time. If the mysql logon status is correct, wait until it is logged out and then delete it. [Root @ test/root] # userdel testing <= only the account content of/etc/passwd and/etc/shadow is cut down; [Root @ test/root] # userdel-r testing <= cut down the/home/testing and/var/spool/mail/testing of this account! Be careful when issuing this command! When you remove an account, you can manually cancel the account in/etc/passwd and/etc/shadow! Generally, if this account is only "temporarily disabled", you can set the last field in/etc/shadow to 0, so that this account cannot be used, however, all data related to this account will be retained! The time to use userdel is usually "you are sure not to let this user use any data on the host !』 Disable an account: # Vi/etc/shadow /PwftpLocate the user's row Shift +Move to the end of the row and edit the status as follows: Pwftp: $6 $ fkOSovyP $ FDrG1XFhNOvy. ZnsDhrbN7Jnj/Aw1rmN2T8UewW. dcS3nrKbbkRTl. JP4/fh/weight: 16367: 0: 99999: 7 ::0: The following message is displayed when you log on to pwftp again:

Usermod-s/bin/bash mysql Modify the shell of a mysql user to bash, so that mysql can also log on. In fact, if you want to change the user's home directory, shell, or group information, directly modify the/etc/passwd file.

 

[Root @ test/root] # useradd testing <= directly create an account named testing with the default data
[Root @ test/root] # useradd-u 720-g 100-M-s/bin/bash testing <= create an account with your own settings

The number of files affected/used by this command is as follows:

/Etc/passwd

/Etc/shadow

/Etc/group

/Etc/gshadow

/Etc/skel

/Etc/default/useradd

/Etc/login. defs

5. Create a preset account:

When creating an account, if there are no special restrictions, we usually only use "useradd username" to create an account named username!

But do you know the basic settings of the default account? Hey, hey, hey !! The basic settings are in the/etc/default/useradd and/etc/login. defs files!

In login. defs, it looks a bit like the following:

MAIL_DIR/var/spool/mail <= default mail directory placement PASS_MAX_DAYS 99999 <= time when the password needs to be changed PASS_MIN_DAYS 0 <== how long the password needs to be changed PASS_MIN_LEN 5 <= Minimum Password Length (which can be larger !) PASS_WARN_AGE 7 <= a warning message sent a few days before the password is about to expire? UID_MIN 500 <= Minimum number of UIDs for the default account (minimum: 500) UID_MAX 60000 <= maximum UID limit GID_MIN 500 <= GID limit GID_MAX 60000 <= GID limit CREATE_HOME yes <= whether to create a home directory. By default, the home directory is to be created (if it is a mail server, you can cancel this project)

Almost all settings can be set here! So you need to know about this file! In addition, if you enable the mail server, the user account does not need to log on to the host,

Therefore, you do not need to give the home directory. In this case, the last GREATE_HOME item can be set to no! In addition, when you create an account with the default data, the UID of this account will be

In/etc/passwd, the "largest (actually less than 60000)" UID + 1 is the UID of the default account!

 

The useradd content is:

GROUP = 100 <= the Default User group is 100. Check whether the GROUP name is users in/etc/group! HOME =/home <= default directory created by the user's HOME directory INACTIVE =-1 <= whether or not to start. If it is set to-1, it is started! EXPIRE = <== do I need to set the "death" time? If you want the user to log on after the deadline, you can set the number of days. SHELL =/bin/bash <= What is the preset Shell? SKEL =/etc/skel <= contents of the user's home directory!

SKEL is the most important thing to know about in this project! When you create an account named testing, the default home directory will be "/home/testing,

The contents of this directory are copied by/etc/skel! Therefore, "when you want to change the content of your default home directory, you can directly write the more dynamic data in/etc/skel !』

6. Create an account with your own conditions:

  
If you want to create an account on your own, I usually like to manually add it!
  
Otherwise, add an account in the preceding example and manually modify the file of/etc/passwd!
  
 

Ii. File for saving the User Password

1./etc/shadow

  
 
 

  
  
 
   
 
    
1
 
    
Account name
 
    
 
 
   
 
   
 
    
2
 
    
Password
 
    
 
 
   
 
   
 
    
3
 
    
Last password modification date
 
    
 
 
   
 
   
 
    
4
 
    
Number of days when the password cannot be changed
 
    
 
 
   
 
   
 
    
5
 
    
Number of days the password needs to be changed
 
    
 
 
   
 
   
 
    
6
 
    
Warning period before the password needs to be changed
 
    
 
 
   
 
   
 
    
7
 
    
Account Expiration Date
 
    
 
 
   
 
   
 
    
8
 
    
Account cancellation date
 
    
If it is set to a number from <1970 to the current date of the system, it indicates that the account has been canceled, and this cannot be used.
 
   
 
   
 
    
9
 
    
Retained
 
    
 
 
   
 
  
 
 

3. Files for saving group information

1./etc/group

This file allows you to add the groups that your account wants to support! For example, if you have an account named myaccount and want this account to support the root group, you can directly add it to/etc/group! Very convenient. No instructions are required!

Root: x: 0: root Bin: x: 1: root, bin, daemon Daemon: x: 2: root, bin, daemon Sys: x: 3: root, bin, adm Adm: x: 4: root, adm, daemon

1	2	3	4
Group Name	Group Password	Group ID (GID)

4. File for saving the group password

1./etc/gshadow

  
 
 

  
  
 
   
 
    
 
root:::root 
bin:::root,bin,daemon 
daemon:::root,bin,daemon 
sys:::root,bin,adm 
adm:::root,adm,daemon
 
 
   
 
  
 
 

 

 

5. General steps for adding users:

  
When adding a user, if the user's group does not exist, you must (1) Add a group first;
  
Then (2) Add a user account. Of course, if you want to delete a group, you must first Delete the user before deleting the group! Please pay attention to this!

 

For more detailed tutorials, visit laruence's linux Private food http://u2l.info/3iltdg.

In linux, what are the USER commands in the group?

You can use groups to view the group to which the current user belongs.
Then you can view the/etc/group file. The following command is used to view the group_name group user.
Cat/etc/group | grep group_name :( it is best to include a colon, Ubuntu needs sudo)
The result is similar to the following:
Group_name: x: 1000:
This indicates that the group_name group has only one user and is a user of the same name (that is, the user name is also group_name)
If the result is similar to the following:
Root: x: 1001: root, group_name
This indicates that the root group has two users: root, group_name

How to add users to a group using commands in linux?

Useradd-g group name (groupid)-u User Name (USERID)