User Category:
Administrator
Normal user (system user, login user)
User ID: UserID, UID
Represented by a 16-bit binary number: 0-65535
Admin: 0
Normal Users: 1-65535
System User: 1-499 (CentOS6), 1-999 (CentOS7)
Login User: 500-6000 (CentOS6), 1000-6000 (CentOS7)
Group Category:
Group ID: GroupID, GID
1) Administrators group
Normal user group (system group, login group)
Administrators group: 0
Normal user group: 1-65535
System user group: 1-499 (CentOS6), 1-999 (CentOS7)
Login user group: 500-6000 (CentOS6), 1000-6000 (CentOS7)
2) Primary group (main group)
Secondary group (auxiliary group)
3) Private group: the group name is the same as the user name, and the group contains only that single user
Public group: the group contains multiple users
Password library:
User: /etc/shadow
Group: /etc/gshadow
Primary configuration files for Linux users and groups:
/etc/passwd: User and its attribute information (name, UID, primary group ID, etc.)
/etc/group: Group and its attribute information
/etc/shadow: User passwords and their associated properties
/etc/gshadow: group password and its related properties
Password Usage Policy:
1 Use random passwords
2 Length of at least eight characters
3 Change passwords regularly
4 Use at least three of the following kinds of characters: uppercase letters, lowercase letters, numbers, and punctuation
One-way encryption
Algorithms:
md5: message digest, 128 bits
sha1: Secure Hash Algorithm, 160 bits
sha224
sha256
sha384
sha512
/etc/passwd: the user database (man 5 passwd)
# cat /etc/passwd
hjl : x : 500 : 500 / :: h :/bin/bash
User name, placeholder (password), UID, GID (ID of the group the user belongs to), GECOS comment information, user's home directory, user's default shell
# cat /etc/shadow
root: $6$gczhaquc$ugvvna0kag51u4hatt9ixmtk3zyeslinlmrrodkk.j/ Bf.vo4weled0ezdsljnzzjc1ohh4s6darsq33qjs.i.:17010:0:99999: 7:::
Login name, encrypted password (encryption algorithm, random salt, encrypted password), date of the last password change (counted in days since January 1, 1970), minimum password validity period, maximum password validity period, warning period, expiration period, retention period
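The field layouts above are enough to audit accounts mechanically. The following is an added example, not part of the original notes: it parses passwd and shadow lines and reports extra UID 0 accounts, MD5-hashed passwords, and usable passwords with no effective maximum age. The sample lines, the account names daemon and toor, and the placeholder hash strings are constructed, and treating a maximum age of 99999 days (or an empty field) as "never expires" is an assumption of this example.

```python
# Added example. All sample lines are constructed; hash strings are placeholders.
HASH_IDS = {"1": "md5", "5": "sha256", "6": "sha512"}  # crypt(3) "$id$" prefixes
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
hjl:x:500:500::/home/hjl:/bin/bash
toor:x:0:0::/root:/bin/bash
"""
SHADOW = """\
root:$6$SALT$PLACEHOLDERHASH:17010:0:90:7:::
daemon:*:17010:0:99999:7:::
hjl:$1$SALT$PLACEHOLDERHASH:17010:0:99999:7:::
toor:!$6$SALT$PLACEHOLDERHASH:17010:0:99999:7:::
"""

def parse_passwd(text):
    """Map user name -> UID using the 7 colon-separated passwd fields."""
    users = {}
    for line in text.splitlines():
        f = line.split(":")
        if len(f) == 7:                      # skip blank or malformed lines
            users[f[0]] = int(f[2])
    return users

def parse_shadow(text):
    """Map user name -> (locked, hash algorithm or None, maximum age in days)."""
    entries = {}
    for line in text.splitlines():
        f = line.split(":")
        if len(f) < 5:
            continue
        locked = f[1].startswith("!")        # "!" prefix marks a locked password
        parts = f[1].lstrip("!").split("$")  # ["", id, salt, hash] for a real hash
        algo = HASH_IDS.get(parts[1], "unknown") if len(parts) >= 4 else None
        entries[f[0]] = (locked, algo, int(f[4]) if f[4] else None)
    return entries

def audit(passwd_text, shadow_text):
    """Return (user, finding) pairs for the three checks described in the lead-in."""
    shadow, findings = parse_shadow(shadow_text), []
    for name, uid in parse_passwd(passwd_text).items():
        locked, algo, max_days = shadow.get(name, (False, None, None))
        if uid == 0 and name != "root":
            findings.append((name, "UID 0 (administrator) but not root"))
        if algo == "md5":
            findings.append((name, "password hashed with MD5"))
        if algo and not locked and (max_days is None or max_days >= 99999):
            findings.append((name, "password never expires"))
    return findings
```

Calling audit(PASSWD, SHADOW) on the constructed data reports hjl twice (MD5 hash, no expiry) and toor once (second UID 0 account); toor's locked password is why it gets no expiry finding.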
Several commands for users and groups:
Group:
groupadd: add a group
-g GID: specify the group ID at creation time
-r: create a system group
groupmod: modify group properties
-g GID: modify the GID
-n NEW-NAME: modify the group name
groupdel: delete a group
User:
useradd: create a user
-u, --uid UID: specify the UID
-g, --gid GROUP: specify the base group ID, which must exist
-G, --groups GROUP1[,GROUP2,...]: specify the additional groups to which the user belongs, separated by commas
-c, --comment COMMENT: specify comment information
eg: # useradd -c "JJ" JJJ
-d, --home HOME-DIR: use the specified path as the user's home directory; this is implemented by copying /etc/skel and renaming it. If the specified home directory already exists, the environment configuration files are not copied for the user
-s, --shell SHELL: specify the user's default shell; the available shells are stored in /etc/shells
-r: create a system user
-D: modify the values of the default options (the modified result is saved in /etc/default/useradd)
Displays the default configuration for creating users:
usermod: modify a user's properties
-u, --uid UID: modify the user's ID
-g, --gid GROUP: modify the base group to which the user belongs
-a, --append: used with -G to append a new additional group to the user
-c, --comment COMMENT: specify comment information
-d, --home HOME-DIR: modify the user's home directory; the user's original files are not moved to the new location
-m, --move-home: can only be used with -d; moves the original home directory to the new home directory
-l, --login NEW-LOGIN: modify the user name
-s, --shell SHELL: modify the user's default shell
-L, --lock: lock the user's password, that is, add "!" to the user's original password string
-U, --unlock: unlock the user's password
userdel: delete a user
-r: delete the user's home directory along with the user
passwd command:
1 passwd: modify the user's own password
2 passwd USERNAME: modify the password of the specified user; only root has this permission
-l, -u: lock and unlock the user
-d: clear the user's password string
-e DATE: expiration period, date
-i DAYS: inactivity period
-n DAYS: minimum password usage period
-x DAYS: maximum password lifetime
-w DAYS: warning period
--stdin:
echo "PASSWORD" | passwd --stdin USERNAME
gpasswd: /etc/gshadow
-a USERNAME: add a user to a group
-d USERNAME: remove a user from a group
newgrp: temporarily switch to the specified group as the base group
chage: change user password expiry information
id command: displays the user's real and effective IDs
-u: show only the effective UID
-g: show only the user's base group ID
-G: show only the IDs of all the groups that the user belongs to
-n: display the name instead of the ID