Webmin --- user management tools in Linux

Article Title: Webmin --- user management tools in Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

I. User management basics

In Linux, there are multiple ways to manage users, including using the editing tool Vi and emacs to operate on/etc/passwd, or directly using user management commands such as addusr and deleusr, and using the pwconv command to make/etc/passwd consistent with the shadow file. Let's take a look at the common operations of user management in Linux.

1. Add users

There are three processes for adding users:

(1) write the entry items of the new user into the/etc/passwd file.

(2) create a HOME directory for the new Login User.

(3) Add an entry for the new user in/etc/group.

When a new entry is written to the/etc/passwd file, you can set the password to NOLOGIN to avoid logon to the new user. A new user is generally independent of a new group. The GID number is the same as the UID number (unless he wants to join a new group that already exists). The UID number must be different from other users, the HOME directory is usually set in the/usr or/home directory, and a directory named by the user login name is created as its main directory.

2. delete a user

Deleting a user is the opposite of adding a user. First, you can delete the user's entry items in the/etc/passwd and/etc/group files, and then delete the user's HOME directory and all files.

Rm-r/usr/loginname: Delete the entire user directory.

The crontab file in/usr/spool/cron/crontabs should also be deleted.

3. Move the user to another system

This is a complicated problem, not just copying the user's files and the user's entry items in the/etc/passwd file. The first problem is that the UID and GID of the user may already be used in another system. In this case, you must assign another UID and GID to the user to be moved, however, if you change the UID and GID of a user, you must search for all files of the user and change the original UID and GID of the file to the new UID and GID. You can use the find command to complete this modification:

Find.-user olduid-exec chown newuid {};

Find.-group oldgid-exec chgrp newgid {};

You may need to remove the following files for the user:

/Usr/mail/user and/usr/spool/cron/crontabs/user.

If the user is not removed from the system administrator's system, check the directory structure running program of the user. An insecure system user may have a SUID/SGID program that exists with other files of the user, and the SUID/SGID program may belong to another user in other systems. In this case, if you use the cpio or tar command to copy the user's directory structure to the system, the SUID/SGID program will also copy to the system without any warning information. The SUID/SGID license for such files should be deleted before users are allowed to use the new system. In short, it is safer to always check the files of The Migrated Users. You can also run the su command to enter the user's account header and copy the user file. In this way, the owner of the file is the user rather than the root user. These operations are a little too complex. Of course, using adduser and deleuser is not very simple. Next, I will introduce a Linux Remote Management Software webmin, which provides users with a WEB-based management interface, which not only simplifies user management, more importantly, it integrates the management of the entire Linux system into a unified management interface.

[1] [2] [3] Next page