In the linux system, whether it is from the local machine or remote login system, each system must have an account, and have different permissions to use different system resources
In Linux, you can specify different permissions for different files or directories for each user
In practical applications, you can set permissions for groups in advance, and then add different users to the corresponding groups, so you don’t need to set permissions for each user in turn
3. User-related configuration files
User information file: /etc/passwd
Password file: /etc/shadow
User group file: /etc/group
User group password file: /etc/gshadow
1./etc/passwd
Each user in the
Linux system has a corresponding record line in the /etc/passwd file, which records some basic attributes of each user
A row of records in /etc/passwd corresponds to a user, and each row of records is separated into 7 fields by a colon (:). The format and specific meaning are as follows:
Username: Password: User Identification Number: Group Identification Number: Annotative Description: Home Directory: Login Shell
User identification number (UID): In fact, the user's authority is determined by the UID number. There are three types of Linux users:
Super user: (root UID=0)
Ordinary user: (UID 500~60000)
Pseudo user: (UID 1~499)
So, we can modify the user’s UID number to modify the user’s type
Pseudo users: These users also have a record in the /etc/passwd file, but cannot log in because their login shell is empty. Their existence is mainly to facilitate system management and meet the requirements of corresponding system processes for file owners.
2./etc/shadow
The record line in /etc/shadow corresponds to the one in /etc/passwd, which is automatically generated by the pwconv command based on the data in /etc/passwd
Its file format is similar to /etc/passwd, consisting of several fields, separated by ":". These fields are
Login name: Encrypted password: Last modification time: Minimum time interval: Maximum time interval: Warning time: Inactivity time: Expiration time: Sign
The pwconv: command is used to turn on the user's projection password. The user and group passwords in the Linux system are stored in files named passwd and group respectively, and these two files are located in the /etc directory. Because the system needs to operate, anyone can read them, causing security breaches.
Projection password changes the password in the file to the shadow and gshadow files in the /etc directory, which can only be read by the system administrator, and the original password is replaced with the "x" character. However, this action is usually done automatically by linux
pwunconv: command is used to close the user's projection password.
3./etc/group
Each user belongs to a certain user group; there can be multiple users in a group, and a user can also belong to different groups.
When a user is a member of multiple groups at the same time, the main group to which the user belongs is recorded in the /etc/passwd file, which is the default group to which the user belongs when logging in, and other groups are called additional groups. When a user wants to access files belonging to an additional group, he must first use the newgrp command to make himself a member of the group he wants to access.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
