Manually create an account:
a. Modify passwd and add a line at the end
b. Modify shadow and add a line at the end
c. Modify group and add a line at the end
d. Copy the skel directory
Note: [root@zhg ~]# ls -l /etc/shadow
shows the result: ---------- 1 root root 829 September 30 08:20 /etc/shadow
Note: shadow does not have any permissions for root
[root@zhg ~]# ls -l `which passwd`
shows the result:- rwsr-xr-x. 1 root root 30768 February 22 2012 /usr/bin/passwd
s are special permission bits, which will be discussed in detail later.
Exercise: Manually add user hive, the basic group is hive (5000), and the additional group is mygroup
1. [root@zhg ~]# nano /etc/group
Add
hive:x:5000:
mygroup:x:504:hive in the last line
2. [root@zhg ~]# nano /etc/passwd
add
hive:x:5000:5000:Hive:/home/hive:/bin/bash to the last line
3. [root@zhg ~]# nano /etc/ shadow shadow
Introduction: It involves the calculation of the current number of days:
[root@zhg ~]# date +%s
Display result: 1475831180
[root@zhg ~]# bc
Copy the above number here and divide it by the number of seconds per day 86400 You can calculate the number of days
1475831180/86400
17081 //Indicates the number of days to today.
Division example:
3/5
0 //Because no precision is set, only integers are reserved instead of rounding
scale=2 //Set the precision, that is, keep after the decimal point Two
digits 3/5
.60 //The result is reserved two digits
and adds a line at the end
hive:!!:17081:0:99999:7:::
0: The minimum password expiration date is not limited
99999: The maximum expiration date is not limited
7: The warning time is 7 days
4. [root@zhg ~]# cp -r /etc/skel/ /home/hive
Note: Copy the user's personal environment configuration file
[root@zhg ~]# chown -R hive.hive /home /hive/
Note: Change the directory and the owner and group under the directory
[root@zhg ~]# chmod -R go= /home/hive/
Remarks: Cancel the permissions of the group and other users
5. Verify
[root@zhg ~]# ls -ld /home/hive/
Display result: drwx- ----- 2 hive hive 4096 Oct 7 17:20 /home/hive/
[root@zhg ~]# ls -la /home/hive/
display result: total 20
drwx------ 2 hive hive 4096 Oct 7 17:20 .
drwxr-xr-x. 3 root root 4096 Oct 7 17:20 ..
-rw------- 1 hive hive 18 Oct 7 17:20 .bash_logout
-rw----- -- 1 hive hive 176 Oct 7 17:20 .bash_profile
-rw------- 1 hive hive 124 Oct 7 17:20 .bashrc
[root@zhg ~]# su - hive
[hive@zhg ~]$ id //Indicates that you can log in normally
and display the result: uid=5000(hive) gid=5000(hive) groups=5000(hive),504(mygroup)
Note: hive users can use administrator su to pass, but they cannot log in directly to hive because there is no password.
6. Add a password to the user
[root@zhg ~]# openssl passwd
Password: //The password entered here cannot be seen, here is 123456 as an example
Verifying - Password: //The password entered here cannot be seen, here is the same as The same
encrypted result above: Y8CTe692rHjBc //But no impurities (no salt), how to solve it?
[root@zhg ~]# whatis passwd
shows the result: passwd (1) - update user's authentication tokens
passwd (5) - password file
passwd [sslpasswd] (1ssl) - compute password hashes
Note: The last line is passwd's password encryption command
[root@zhg ~]# man sslpasswd
where -1 (one) is encrypted using md5
-salt string is used to add impurities to the password
[root@zhg ~]# openssl passwd -1 -salt '12345678'
Password: //The password entered here cannot be seen, here is 123456 as an example to
display the result: $1$12345678$0ME5N6oDyoEAwUp7b5UDM/
Finally, copy it to /etc/shadow!
[root@zhg ~]# nano /etc/shadow
Modify the line of hive:
hive:$1$12345678$0ME5N6oDyoEAwUp7b5UDM/:17081:0:99999:7:::