1. Classification of user groups
Administrator (root): a user with all rights on the system, with a UID of 0.
Normal user: the average user, whose access to the system is limited; the UID is between 500 and 60000.
System users: users that support the operation of the system; they generally have no password for logging in, and the UID is between 1 and 499.
2. Commands for modifying users and user groups:
useradd usermod userdel groupadd groupmod groupdel
A. Add users: useradd [options] username
Options:
-u: UID
-g: GID (primary group)
-c: comment, a description text for the account
-d: the user's home directory, by default /home/username
-s: the user's login shell
-G: additional (supplementary) groups
Example: add a user test with UID 1111, home directory /home/test, shell /bin/sh and additional group root
# useradd -u 1111 -d /home/test -G root -s /bin/sh test
At this point the user cannot log in, because no password is set. Even with a password the session behaves abnormally, because the home directory lacks the usual configuration files, so we need to configure both:
# passwd test
Change the password for user test.
New Password:
Re-enter the new password:
passwd: All authentication tokens have been successfully updated.
# cd /etc/skel/
# ls
# ls -a
.  ..  .bash_logout  .bash_profile  .bashrc  .gnome2  .mozilla
# cp -r /etc/skel/.[^.]* /home/test
# cd /home/test
# ls -a
.  ..  .bash_logout  .bash_profile  .bashrc  .gnome2  .mozilla
B. Modify a user: usermod [options] username
Options:
-u UID: new UID
-g GID: new primary group
-G group1[,group2,...[,groupN]]: the new additional groups; the original additional groups are overwritten. To keep the original ones, use the -a option at the same time, which means append;
-s shell: new default shell;
-c 'COMMENT': new comment information;
-d HOME: the new home directory. It is not created automatically, and the files in the old home directory are not moved to it. To create the new home directory and move the original home data, use the -m option at the same time
-l login_name: new login name;
-L: lock the specified user by adding ! to the password field in /etc/shadow
-U: unlock the specified user by removing the ! from the password field in /etc/shadow
-e YYYY-MM-DD: the expiration date of the user account;
-f INACTIVE: set the inactivity period;
usermod is used the same way as useradd, except that it changes the properties of an existing user.
C. Deleting a user
userdel test # deletes the user, but the user's home directory remains
userdel -r test # deletes both the user and the home directory
groupadd, add a user group: groupadd -g 1110 groupname # create the group with the specified group ID
groupmod, modify a user group: groupmod -n group_name: new name; -g GID: new GID;
groupdel, delete a user group: groupdel group
3. Group password: gpasswd
gpasswd [OPTION] GROUP
-a USER: add the user to the specified group;
-d USER: remove the user from the specified group
-A user1,user2,...: set the list of users with administrative rights over the group
newgrp command: temporarily switch the primary group; if the user does not belong to this group, the group password is required
# gpasswd -a test root
Adding user test to group root
# gpasswd -d test root
Removing user test from group root
4. Configuration of password and password files
Linux provides an integrated system management tool, userconf, that can be used to manage user accounts.
The user account itself is defined in /etc/passwd. The Linux system also has a companion file to /etc/passwd, called /etc/shadow. Unlike /etc/passwd, this file is readable only by the root user and contains the encrypted password information.
# cat /etc/passwd | head -n 6
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
# cat /etc/shadow | head -n 6
root:$6$wc1tihr1jeisus0/$3xpgdigjun9xn9.n0aa9syat05di.ifshcsvwcx3vzjubmjfabsumpxhuvc3c1er1wv7xvzjk1z83qf4yuakq/:16923:0:99999:7:::
bin:*:15980:0:99999:7:::
daemon:*:15980:0:99999:7:::
adm:*:15980:0:99999:7:::
lp:*:15980:0:99999:7:::
sync:*:15980:0:99999:7:::
Each line defines the password information for one account and, as in /etc/passwd, the fields are separated by a colon (:). The first field names the user account that this shadow entry belongs to. The second field contains the encrypted password. The remaining fields are described in the following table:
Field 3: the day the password was last modified, as a number of days since 1/1/1970
Field 4: the number of days before the password is allowed to be modified (0 means "can be modified at any time")
Field 5: the number of days before the system will force the user to change to a new password (1 means "never modify")
Field 6: the number of days before the password expires that the user will be warned of the expiration (-1 means "no warning")
Field 7: the number of days after the password expires that the system automatically disables the account (-1 means "never disabled")
Field 8: the number of days that the account is disabled (-1 means "the account is enabled")
Field 9: reserved for future use
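The shadow fields above, and the ! that usermod -L puts in front of the password field, can be checked mechanically. The following is an added example, not part of the original article: it classifies each entry by password state, hash scheme and aging. The sample entries are constructed with placeholder hashes, and the scheme labels and function name are this example's own.

```shell
#!/bin/sh
# Added example: report password state, hash scheme and aging per shadow entry.

# Constructed sample entries; the hash bodies are placeholders, not real hashes.
SAMPLE_SHADOW='root:$6$SALTPLACEHOLDER$HASHPLACEHOLDER:16923:0:99999:7:::
bin:*:15980:0:99999:7:::
test:!$6$SALTPLACEHOLDER$HASHPLACEHOLDER:16923:0:90:7:::
hehe::16923:0:99999:7:::
old:$1$SALTPLACEHOLDER$HASHPLACEHOLDER:16000:0:30:7:::'

# shadow_audit TODAY   (TODAY = days since 1970-01-01, the unit of field 3)
# Reads shadow-format lines on stdin, prints "user state scheme aging".
shadow_audit() {
    awk -F: -v today="$1" '
    {
        state = "active"; scheme = "-"; aging = "ok"
        h = $2; locked = sub(/^!+/, "", h)      # strip the "!" that usermod -L adds
        if ($2 == "")                 state = "EMPTY"     # no password required
        else if (h == "" || h == "*") state = "nologin"   # no usable password
        else if (locked)              state = "locked"    # hash kept, login blocked
        if      (h ~ /^\$6\$/) scheme = "sha512"
        else if (h ~ /^\$5\$/) scheme = "sha256"
        else if (h ~ /^\$y\$/) scheme = "yescrypt"
        else if (h ~ /^\$1\$/) scheme = "md5-WEAK"
        else if (h != "" && h != "*") scheme = "other"
        # field 3 = day of last change, field 5 = maximum password age in days
        if ($3 == "0") aging = "must-change"
        else if ($3 != "" && $5 != "" && $3 + $5 < today) aging = "password-expired"
        print $1, state, scheme, aging
    }'
}

# Audit the sample as of today; on a real host, as root:
#   shadow_audit "$today" < /etc/shadow
today=$(( $(date +%s) / 86400 ))
printf '%s\n' "$SAMPLE_SHADOW" | shadow_audit "$today"
```

An entry reported as EMPTY allows login without a password, and md5-WEAK marks a hash that should be replaced by changing the password under a stronger scheme.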
The file that stores the group information of the system is /etc/group.
Grouping users is a means of managing users and controlling their access in a Linux system. Each user belongs to a user group, a group can have multiple users, and a user can belong to several groups. When a user is a member of more than one group at the same time, the primary group of the user is recorded in the /etc/passwd file; this is the default group the user belongs to at login, and the other groups are called additional groups. When a user accesses a file that belongs to an additional group, the user must first use the newgrp command to become a member of the group to be accessed. All the information for the user groups is stored in the /etc/group file. The format of this file is similar to that of /etc/passwd: a number of fields separated by colons, which are:
Group name:password:group identification number:list of users in the group
(1) "Group name" is the name of the user group, consisting of letters or numbers. As with login names in /etc/passwd, group names should not be duplicated.
(2) The "Password" field holds the encrypted password of the user group. User groups on a Linux system generally have no password, that is, this field is generally empty, or *.
(3) The "group identification number" is similar to the user identification number: an integer that the system uses internally to identify the group.
(4) "Group user list" is a list of all users belonging to this group, with the users separated by commas ",". This user group may be the user's primary group, or it may be an additional group.
# cat /etc/group | head -n 6
root:x:0:
bin:x:1:bin,daemon
daemon:x:2:bin,daemon
sys:x:3:bin,adm
adm:x:4:adm,daemon
tty:x:5:
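In the output above the root group has an empty user list even though root's primary group in /etc/passwd is GID 0, so the full membership of a group has to be assembled from both files. The following is an added example, not part of the original article; the function name and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: list every member of a group, primary and supplementary.

# group_members PASSWD_FILE GROUP_FILE GROUP
# Prints "user primary" for users whose passwd GID (field 4) is the group's GID
# and "user supplementary" for users named in field 4 of the group file.
group_members() {
    awk -F: -v want="$3" '
    FILENAME == ARGV[1] {                     # first file: the group file
        if ($1 == want) {
            gid = $3
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) seen[m[i]] = "supplementary"
        }
        next
    }
    gid != "" && $4 == gid { seen[$1] = "primary" }   # second file: passwd
    END { for (u in seen) print u, seen[u] }' "$2" "$1" | sort
}

# Constructed sample: passwd lines as shown on this page, and a group file in
# the state left by "gpasswd -a test root".
tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
sync:x:5:0:sync:/sbin:/bin/sync
test:x:1111:1111::/home/test:/bin/sh
EOF
cat > "$tmp/group" <<'EOF'
root:x:0:test
bin:x:1:bin,daemon
EOF

# Everyone who holds the rights of group root (GID 0) in the sample.
group_members "$tmp/passwd" "$tmp/group" root
```

On a live system the same call with /etc/passwd and /etc/group shows who holds a privileged group through either route.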
5. Create users in batches
newusers: creates users in batch from a file in passwd format
chpasswd: modifies user passwords in bulk
First create the user file
# cat users.txt
hehe:x:2000:2000::/home/hehe:/bin/bash
hehe1:x:2001:2001::/home/hehe1:/bin/bash
hehe2:x:2002:2002::/home/hehe2:/bin/bash
hehe3:x:2003:2003::/home/hehe3:/bin/bash
hehe4:x:2004:2004::/home/hehe4:/bin/bash
Then create the users with newusers
# newusers users.txt
# cat /etc/passwd | tail -n 6
test:x:1111:1111::/home/test:/bin/sh
hehe:x:2000:2000::/home/hehe:/bin/bash
hehe1:x:2001:2001::/home/hehe1:/bin/bash
hehe2:x:2002:2002::/home/hehe2:/bin/bash
hehe3:x:2003:2003::/home/hehe3:/bin/bash
hehe4:x:2004:2004::/home/hehe4:/bin/bash
After the users are created they still cannot log in, because Linux requires a password to log on to the system as a user. Use the chpasswd command to set a password for each user
# cat Pass.txt
hehe:123456
hehe1:123456
hehe2:123456
hehe3:123456
hehe4:123456
# cat Pass.txt | chpasswd
The passwords are set, but logins still behave abnormally; as mentioned above, add the configuration files to each user's home directory
# cp -r /etc/skel/.[^.]* /home/hehe
# cd /home/hehe
# ls -a
.  ..  .bash_logout  .bash_profile  .bashrc  .gnome2  .mozilla
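Because newusers and chpasswd run as root and apply whatever the files contain, the two input files are worth checking before they are used. The following is an added example, not part of the original article: the function names are this example's own, the 500-60000 range is the normal-user UID range from section 1, and the 8-character minimum is an assumption.

```shell
#!/bin/sh
# Added example: pre-flight checks for the input files of newusers and chpasswd.
# The 500-60000 range is the normal-user UID range given on this page; the
# 8-character minimum is an assumption of this example.

# check_newusers: passwd-format lines on stdin; non-zero exit if any problem.
check_newusers() {
    awk -F: '
    NF != 7          { print "line " NR ": expected 7 fields, got " NF; bad = 1; next }
    $3 !~ /^[0-9]+$/ { print "line " NR ": UID is not numeric"; bad = 1; next }
    $3 + 0 == 0      { print "line " NR ": " $1 " would get UID 0"; bad = 1; next }
    $3 < 500 || $3 > 60000 { print "line " NR ": UID " $3 " outside 500-60000"; bad = 1 }
    names[$1]++      { print "line " NR ": duplicate user name " $1; bad = 1 }
    uids[$3 + 0]++   { print "line " NR ": UID " $3 " already used above"; bad = 1 }
    $6 !~ /^\//      { print "line " NR ": home is not an absolute path"; bad = 1 }
    END              { exit bad + 0 }'
}

# check_chpasswd: "user:password" lines on stdin; non-zero exit if any problem.
# Reports account names only, never the password itself.
check_chpasswd() {
    awk -F: '
    { pw = substr($0, length($1) + 2) }   # everything after the first ":"
    length(pw) < 8 { print $1 ": password shorter than 8 characters"; bad = 1 }
    pw == $1       { print $1 ": password equals the user name"; bad = 1 }
    used[pw]++     { print $1 ": password shared with another account"; bad = 1 }
    END            { exit bad + 0 }'
}

# First two lines of the page's users.txt and Pass.txt.
USERS_TXT='hehe:x:2000:2000::/home/hehe:/bin/bash
hehe1:x:2001:2001::/home/hehe1:/bin/bash'
PASS_TXT='hehe:123456
hehe1:123456'

printf '%s\n' "$USERS_TXT" | check_newusers && echo "users.txt: ok"
printf '%s\n' "$PASS_TXT" | check_chpasswd || echo "Pass.txt: fix before running chpasswd"
```

Once the accounts exist, chage -d 0 USER expires the initial password so that it must be changed at first login, and files copied from /etc/skel as root need chown -R USER: /home/USER before the user can modify them.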
6. Common small commands
ps aux: view the processes of the system's users
getent passwd username: view a user's information
groupmems -l -g groupname: see which users are in the group
id username: view the user's UID, GID and groups