Linux user management and file permissions

A. Linux User Management

       Different users on a Linux system have different permissions.

       root user: this user is unique and has all permissions on the system.

       General (ordinary) users

       Virtual users

       In Linux, each user account has its own identity and a unique UID.

       The user whose UID is 0 is the superuser. To make a user an administrator you can change its UID to 0, but using sudo is recommended instead.

       System users, UID 1 to 999: created when a service program is installed; each is a unique user responsible for running that service.

       Ordinary users, UID starting from 1000: created by the administrator (CentOS 7), with a maximum range of 1000 to 60000.

       UID is the user ID number; GID is the user group ID number; the root user's group ID number is 0.

   1. Common command interpreters

        /bin/sh: default

        /bin/bash: default

        /sbin/nologin: virtual users

   2. User information configuration files

       /etc/passwd: user information

       /etc/shadow: user password information

       /etc/group: group information

       /etc/gshadow: user group password information

       /etc/sk
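
The UID ranges and login shells described above can be checked against any passwd-format file. This is an added example, not part of the original post; the sample accounts are constructed, and the limits 999 and 60000 are the CentOS 7 values quoted on this page.

```shell
#!/usr/bin/env bash
# classify_accounts [FILE]: print "name:uid:class:flag" for each passwd-format
# record in FILE (default: stdin), using the UID ranges given on this page.
classify_accounts() {
    awk -F: '
    /^[ \t]*(#|$)/ { next }                          # skip comments and blank lines
    NF != 7 || $3 !~ /^[0-9]+$/ { print $1 ":?:malformed:REVIEW"; next }
    {
        uid = $3 + 0; flag = "ok"
        if (uid == 0)          kind = "superuser"
        else if (uid <= 999)   kind = "system"
        else if (uid <= 60000) kind = "ordinary"
        else                   kind = "out-of-range"
        nologin = ($7 ~ /\/(nologin|false)$/)
        if (kind == "superuser" && $1 != "root") flag = "REVIEW"  # extra UID 0 account
        if (kind == "system" && !nologin)        flag = "REVIEW"  # service user that can log in
        if (kind == "out-of-range")              flag = "REVIEW"
        print $1 ":" uid ":" kind ":" flag
    }' "${1:--}"
}

# Constructed sample in /etc/passwd format (not taken from a real host).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
toor:x:0:0:second admin:/root:/bin/bash
nginx:x:996:994:nginx:/var/lib/nginx:/sbin/nologin
mysql:x:27:27:MySQL:/var/lib/mysql:/bin/bash
oldboy:x:1000:1000::/home/oldboy:/bin/bash
EOF
}

sample_passwd | classify_accounts
```

On a live host, run `classify_accounts /etc/passwd`; stock entries such as sync, shutdown and halt are flagged because their shell field is a command rather than nologin.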

  3. User Management Commands

     

      1) useradd command

          This command creates a new user in Linux. After the account is created, use passwd to set its password; use userdel to delete the account.

          -c <comment>: add a comment. The comment text is saved in the comment field of passwd;
          -d <login directory>: the user's starting directory at login;
          -D: change the default values;
          -e <expiration date>: the account's expiration date;
          -f <grace days>: the number of days after the password expires until the account is closed;
          -g <group>: the group the user belongs to;
          -G <group>: additional groups the user belongs to;
          -m: automatically create the user's login directory;
          -M: do not automatically create the user's login directory;
          -n: do not create a group named after the user;
          -r: create a system account;
          -s <shell>: the shell used when the user logs in;
          -u <UID>: the user's ID.

      User creation process:

       a. useradd user_account

       b. The system reads /etc/login.defs (the user definition file) and /etc/default/useradd (the default user configuration file), and creates the new user according to the rules defined in these two files.

       c. It adds the user and group information to the /etc/passwd and /etc/group files, and the password information to the /etc/shadow and /etc/gshadow files.

       d. It creates the user's home directory according to the configuration in the /etc/default/useradd file.

       e. It copies all the files in /etc/skel to the new user's home directory.

      

      

     The /etc/skel directory used when creating a user

        This directory holds the basic environment variable files that new users need. When a new user is added, all files in this directory are automatically copied to the user's home directory; by default they are hidden files, whose names begin with a dot.
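
The creation steps above leave a fixed set of artifacts, which can be checked after provisioning. This is an added example, not part of the original post; the ROOT prefix argument and the accounts alice and bob are assumptions made so that it runs on a constructed directory tree.

```shell
#!/usr/bin/env bash
# has_entry FILE NAME: true if FILE has a colon-separated record whose first field is NAME.
has_entry() { awk -F: -v n="$2" '$1 == n { f = 1 } END { exit !f }' "$1" 2>/dev/null; }

# verify_new_user NAME [ROOT]: check what steps c-e should leave behind.
# ROOT is a hypothetical prefix for a constructed tree; omit it (and run as
# root, since shadow and gshadow are root-only) to check the live system.
verify_new_user() (            # subshell body keeps the variables local
    user=$1; root=${2:-}; rc=0
    has_entry "$root/etc/passwd" "$user" || { echo "MISSING: $user in /etc/passwd"; exit 1; }
    gid=$(awk -F: -v n="$user" '$1 == n { print $4 }' "$root/etc/passwd")
    home=$(awk -F: -v n="$user" '$1 == n { print $6 }' "$root/etc/passwd")
    group=$(awk -F: -v g="$gid" '$3 == g { print $1; exit }' "$root/etc/group" 2>/dev/null)
    [ -n "$group" ] || { echo "MISSING: GID $gid in /etc/group"; rc=1; }
    has_entry "$root/etc/shadow" "$user"   || { echo "MISSING: $user in /etc/shadow"; rc=1; }
    has_entry "$root/etc/gshadow" "$group" || { echo "MISSING: group in /etc/gshadow"; rc=1; }
    [ -n "$home" ] && [ -d "$root$home" ]  || { echo "MISSING: home directory $home"; rc=1; }
    # Step e: every hidden file in /etc/skel should also exist in the new home.
    for src in "$root"/etc/skel/.[!.]*; do
        [ -e "$src" ] || continue
        [ -e "$root$home/${src##*/}" ] || { echo "NOT COPIED: ${src##*/}"; rc=1; }
    done
    exit "$rc"
)

# Constructed tree: alice is fully provisioned; bob exists only as a line
# added to passwd by hand, so everything from steps c-e is missing for him.
make_sample_root() {
    r=$(mktemp -d); mkdir -p "$r/etc/skel" "$r/home/alice"
    touch "$r/etc/skel/.bashrc" "$r/etc/skel/.bash_profile"
    touch "$r/home/alice/.bashrc" "$r/home/alice/.bash_profile"
    printf 'alice:x:1000:1000::/home/alice:/bin/bash\n' > "$r/etc/passwd"
    printf 'bob:x:1001:1001::/home/bob:/bin/bash\n' >> "$r/etc/passwd"
    printf 'alice:x:1000:\n' > "$r/etc/group"
    printf 'alice:!!:18360:0:99999:7:::\n' > "$r/etc/shadow"
    printf 'alice:!::\n' > "$r/etc/gshadow"
    echo "$r"
}

tree=$(make_sample_root)
verify_new_user alice "$tree" && echo "alice: complete"
verify_new_user bob "$tree" || echo "bob: incomplete"
rm -rf "$tree"
```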

     

    

    

    

   

    The -D parameter modifies the defaults in the configuration file /etc/default/useradd.

    Options for useradd -D

   

    2) usermod command        

          This command modifies the information of a user that already exists on the system; a user that is currently in use cannot be modified.

    3) userdel command

          Deletes a user and the related files (it is advisable to comment out the user's entry in /etc/passwd rather than delete the user directly)

         userdel (option) (parameters)

         -f: force deletion of the user, even if the user is currently logged in

         -r: when deleting the user, also delete all files related to the user

        

   4) groupadd command

        This command creates a new workgroup; the new workgroup's information is added to the system files.

        Syntax
        groupadd - Create a new group
        groupadd [-g gid [-o]] [-r] [-f] group

        Options
           -g: specify the ID of the new workgroup;
           -r: create a system workgroup; the group ID of a system workgroup is less than 500;
           -K: override the configuration file "/etc/login.defs";
           -o: allow adding a workgroup whose group ID is not unique.

        

      5) groupdel command

           Deleting User Groups

       

      6) passwd command

           The passwd command changes user passwords and their expiration time; root user can modify the ordinary

           Syntax
           passwd (option) (parameter)
           Options
           -d: delete the password; only the system administrator can use it;
           -f: force the operation;
           -k: update the password only after it has expired;
           -l: lock the password;
           -s: list password-related information; only the system administrator can use it;
           -u: unlock an account that has been locked.
           -i: the number of days after password expiration until the account is disabled
           -x: set x days during which the password can be changed
           -n: the password may not be changed for n days
           -e: expire the password immediately, forcing the user to change the password
           -w: the number of days before the password expires that the user receives a warning

       

       

         Updating passwords in batch

         a. View the user information on the current machine

             tail /etc/passwd

         b. Change the passwords in batch; press Ctrl+D to end input

            chpasswd

      7) User query commands

            id command

            Checks a user's ID and group, showing the corresponding uid and gid information

      8) whoami, who, w, last, lastlog

            whoami: shows the currently logged-in user

            w: displays the users currently logged in

            last, lastlog: view detailed user login information

            last: displays a list of logged-in users and their login times

            lastlog: displays the most recent login information for all users on the current machine

         

         

     9) Linux user identity switching commands

          su command: switch to a specific user

          root can switch to an ordinary user without a password

          When an ordinary user switches to another user, a password must be entered

         

        

         visudo command

          Used to edit the /etc/sudoers file; it provides a syntax check for the sudo configuration

         Configuring sudo rights for the user oldboy

         sudo configuration file

        The sudo configuration is intended to make operations and maintenance work easier (solving the problem of insufficient permissions) without threatening system security.

        The sudo command executes commands as another identity; the default identity is root. The commands a user may execute with sudo are set in /etc/sudoers. Ordinary users do not need the root password to use root privileges.

        After configuring the /etc/sudoers file, a user can elevate privileges for commands with the sudo command.

        To switch to root, use sudo su -; you need to enter the current user's password.
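
Whether a sudoers entry stays within "do not threaten the system security" depends on how broad the grant is. The following added example (not from the original post) reports, for each user specification, whether it allows any command and whether it skips the password prompt. The sample entries, including the deploy user, are constructed, and the check assumes one specification per line with no aliases.

```shell
#!/usr/bin/env bash
# lint_sudoers [FILE]: print "who<TAB>finding" for each user specification
# in a sudoers-format FILE (default: stdin).
lint_sudoers() {
    awk '
    /^[ \t]*(#|$)/ || /^[ \t]*(Defaults|[A-Za-z]+_Alias)/ { next }
    {
        who = $1
        spec = $0; sub(/^[^=]*=/, "", spec)    # keep the text after "host ="
        gsub(/\([^)]*\)/, "", spec)            # drop (runas) lists
        nopw = (spec ~ /NOPASSWD:/)
        gsub(/[A-Z_]+:/, "", spec)             # drop tags such as NOPASSWD:
        any = 0
        n = split(spec, cmd, ",")
        for (i = 1; i <= n; i++) {
            gsub(/^[ \t]+|[ \t]+$/, "", cmd[i])
            if (cmd[i] == "ALL") any = 1       # the grant covers every command
        }
        finding = any ? "any-command" : "scoped"
        if (nopw) finding = finding "+nopasswd"
        print who "\t" finding
    }' "${1:--}"
}

# Constructed sample in sudoers format (not taken from a real host).
sample_sudoers() {
    cat <<'EOF'
Defaults    env_reset
root    ALL=(ALL)    ALL
oldboy  ALL=(ALL)    NOPASSWD: ALL
deploy  ALL=(root)   /usr/bin/systemctl restart nginx, /usr/bin/tail /var/log/messages
EOF
}

sample_sudoers | lint_sudoers
```

Syntax validity is a separate question, which `visudo -c` answers; this check only describes how much each entry grants.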

        


Origin www.cnblogs.com/jiawei2527/p/12650675.html