Linux User Management

The Linux operating system is very cumbersome to manage multiple users, so it becomes simple to manage users with the concept of groups. Each user can be in an independent group, and each group can also have zero users or multiple users. .
Linux system users are identified based on user ID. The default ID length is 32 bits, and the default ID number starts from 0. However, in order to be compatible with the old system, the user ID is limited to less than 60,000. Linux users are divided into three types, respectively as follows:

 root user (ID 0)

 System user (ID 1-499)

Ordinary users (ID 500 and above)

Each file or folder in the Linux system has a user and group to which it belongs. Use the id command to display the current user's information, and use the passwd command to modify the current user's password. The characteristics of Linux operating system users are as follows:

Each user has a UserID, the operating system actually reads the UID, not the user name;

Each user belongs to a main group and one or more subsidiary groups. A user has 31 subsidiary groups at most;

Each group has a GroupID;

Each process runs as a user, who can have resource control authority over the process;

Each login user has a designated Shell environment.

  Linux user management
Linux users can perform daily management and maintenance on the operating system. The related configuration files are as follows:

/etc/passwd save user information

 /etc/shdaow save user password (stored in encrypted form)

 /etc/group save group information

 /etc/login.defs user attribute restrictions, password expiration time, maximum password length and other restrictions

 /etc/default/useradd Display or change the default useradd configuration file

If you need to create a new user, you can use the command useradd, and execute the command useradd test1 to create the test1 user. At the same time, a group test1 with the same name will be created. By default, the user belongs to the main group test1.

The Useradd test1 command creates user test1 by default, and will operate according to the following steps:

 Add user information in the /etc/passwd file;

If you use the passwd command to create a password, the password will be encrypted and stored in /etc/shdaow;

 Create a home directory for test1: /home/test1;

 Copy the file starting with .bash in /etc/skel to the /home/test1 home directory;

 Create the test1 group with the same user name, and the test1 user belongs to the same name group test1 by default;

 The test1 group information is stored in the /etc/group configuration file.

When using the useradd command to create a user, the following parameters can be supported:

 

Usage: useradd [options] login

useradd -D

useradd -D [options]

 

Options:

-b, --base-dir BASE_DIR specifies the home directory of the new account;

 

-c, --comment COMMENT GECOS field of the new account;

 

-d, --home-dir HOME_DIR The home directory of the new account;

 

-D, --defaults display or change the default useradd configuration;

 

-e, --expiredate EXPIRE_DATE The expiration date of the new account;

 

-f, --inactive INACTIVE The password inactive period of the new account;

 

-g, --gid GROUP The name or ID of the main group of the new account;

 

-G, --groups GROUPS additional group list for new accounts;

 

-h, --help display this help information and launch;

 

-k, --skel SKEL_DIR Use this directory as the skeleton directory;

 

-K, --key KEY=VALUE Do not use the default value in /etc/login.defs;

 

-l, --no-log-init Do not add this user to the database of recent logins and login failures;

 

-m, --create-home creates the user's home directory;

 

-M, --no-create-home do not create the user's home directory;

 

-N, --no-user-group do not create a group with the same name;

 

-o, --non-unique allows creating users with duplicate UIDs;

 

-p, --password PASSWORD The new account password after encryption;

 

-r, --system create a system account;

 

-R, --root CHROOT_DIR chroot the directory;

 

-s, --shell SHELL The login shell of the new account;

 

-u, --uid UID The user ID of the new account;

 

-U, --user-group create a group with the same name as the user;

 

-Z, --selinux-user SEUSER Specify SEUSER for SELinux user mapping.

Linux group management
  All Linux or Windows systems have the concept of groups, which can be used to manage users more conveniently. The concept of groups is applied to various industries. For example, companies use department, function, or geographic area classification to manage members, which are mapped on the Linux system , You can also create users and manage them with the concept of groups.

The Linux group has the following characteristics:

 Each group has a group ID;

 Group information is stored in /etc/group;

 Every user has at least one main group and can also have 31 subsidiary groups.

Groups are managed through the commands groupadd, groupdel, and groupmod. The detailed parameters are as follows:

 

groupadd usage

-f, --force If the group already exists, exit successfully;

And if the GID already exists, cancel -g;

-g, --gid GID use GID for the new group;

-h, --help display this help information and launch;

-K, --key KEY=VALUE Do not use the default value in /etc/login.defs;

-o, --non-unique allows to create groups with duplicate GIDs;

-p, --password PASSWORD to use this encrypted password for the new group;

-r, --system create a system account;

groupmod usage

-g, --gid GID change the group ID to GID;

-h, --help display this help information and launch;

-n, --new-name NEW_GROUP renamed to NEW_GROUP;

-o, --non-unique allows the use of duplicate GIDs;

-p, --password PASSWORD change the password to (encrypted) PASSWORD;

groupdel usage

groupdel admin delete the admin group;