Linux account management

User Identifiers: UID and GID

Every account has two identity elements: the user ID (UID) and the user group ID (GID). Linux identifies accounts by these ID numbers rather than by name, and the UID and GID of each account are set according to /etc/passwd and /etc/group.

As shown in the figure, the passwd file holds the stored information for the user mind. The ll command is equivalent to ls -al. We then modified the value 1000 in the file; afterwards, the listing showed only the numeric user ID, and the name was no longer displayed. The system therefore uses the UID as the identifying information and looks up the matching name and other details in the corresponding file.

User account

The process of account and password verification when logging in to the system is as follows:

  1. First look in /etc/passwd to determine whether the account exists. If it does, read its related information, such as the UID and GID (/etc/group), along with the account's home folder and shell settings.
  2. Check the password table: compare the entered password with the one stored in /etc/shadow.
  3. If it is correct, enter the shell control stage.

/etc/passwd file structure

The command shown displays only the first 5 lines of the file. In theory, the number of lines in the file equals the number of accounts. UID 0 represents the system administrator, so an account whose UID is set to 0 has root privileges. UIDs 1-499 are system user numbers used by different system services: 1-99 are used by system accounts created by the system itself, and 100-499 by system accounts we add ourselves. General user accounts are numbered from 500.

As shown in the figure, each line is divided into fields by the : character. Taking the root entry as an example:

  1. User name: root
  2. Password: x
  3. UID: 0
  4. GID: 0
  5. User information description: root
  6. User home folder location: /root
  7. Shell: /bin/bash

/etc/shadow file structure

As shown in the figure, each line is divided into fields by the : character. Taking the root entry as an example:

  1. User name: root
  2. Password: $6$SwcB..
  3. Date of last password change (days since 1/1/1970): 17651
  4. Number of days during which the password cannot be changed (relative to field 3): 0
  5. Number of days after which the password needs to be changed again (relative to field 3): 99999
  6. Number of days to warn before the password needs to be changed again (relative to field 3): 7
  7. Number of days after the password expires: (empty)
  8. Account expiration date: (empty)
  9. Reserved: (empty)

/etc/group file structure

As shown in the figure, each line is divided into fields by the : character. Taking the root entry as an example:

  1. Group name: root
  2. Group password (this is for user group administrators): x
  3. GID: 0
  4. Members of the group: (empty)

For groups, there are initial user groups and effective user groups. The initial user group is the group the account belongs to when it logs in. Generally, when we create a new user with useradd, an initial user group with the same name as the user is created by default. The effective user group matters when creating a file: it determines which of the user's groups the new file belongs to. Use the groups command to view a user's groups; the first one listed is the effective user group.

The effective user group can be switched with newgrp, provided that the target is a user group the user already belongs to. newgrp starts a new shell to provide this function, and the user can return to the previous level with exit. The concept of shell will be studied in the future.

newgrp is set through /etc/gshadow. This file has four fields: user group name, user group administrator password, user group administrator account, and the user names under the user group. The purpose of the user group administrator is to assist root in user management.

In general, these three files are the core files for managing user information. Starting from passwd, the group name and other group information are found in group through the GID, and the password is found in shadow through the user name.
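The lookups summarized above (UID and GID from /etc/passwd, the group by GID in /etc/group, the password by user name in /etc/shadow) can be walked in code to audit accounts. The following Python sketch is an added example, not part of the original article; the sample records (including the accounts backup, guest and ghost) are constructed, and the names parse and audit are hypothetical.

```python
# Constructed sample records in the formats described above (not from a real host).
PASSWD = """root:x:0:0:root:/root:/bin/bash
mind:x:1000:1000:mind:/home/mind:/bin/bash
backup:x:0:1001:backup:/home/backup:/bin/bash
guest:x:1002:1002::/home/guest:/bin/bash
ghost:x:1003:4242::/home/ghost:/bin/bash
"""
SHADOW = """root:$6$SwcB..:17651:0:99999:7:::
mind:$6$constructed..:17651:0:99999:7:::
backup:$6$constructed..:17651:0:99999:7:::
guest::17651:0:99999:7:::
"""
GROUP = """root:x:0:
mind:x:1000:
users:x:1001:backup
guest:x:1002:
"""
PASSWD_FIELDS = ["name", "password", "uid", "gid", "gecos", "home", "shell"]
SHADOW_FIELDS = ["name", "password", "last_change", "min_days", "max_days",
                 "warn_days", "inactive_days", "expire", "reserved"]
GROUP_FIELDS = ["name", "password", "gid", "members"]

def parse(text, fields):
    """Split each non-empty line on ':' and label the fields (hypothetical helper)."""
    return [dict(zip(fields, line.split(":")))
            for line in text.splitlines() if line.strip()]

def audit(passwd_text, shadow_text, group_text):
    """Walk passwd -> group -> shadow and return (account, finding) pairs."""
    shadow = {r["name"]: r for r in parse(shadow_text, SHADOW_FIELDS)}
    gids = {r["gid"] for r in parse(group_text, GROUP_FIELDS)}
    findings = []
    for acct in parse(passwd_text, PASSWD_FIELDS):
        name = acct["name"]
        if acct["uid"] == "0" and name != "root":
            findings.append((name, "UID 0: root privileges under another name"))
        if acct["gid"] not in gids:
            findings.append((name, "GID %s has no entry in /etc/group" % acct["gid"]))
        entry = shadow.get(name)
        if entry is None:
            findings.append((name, "no /etc/shadow entry"))
        elif entry["password"] == "":
            findings.append((name, "empty password field in /etc/shadow"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(PASSWD, SHADOW, GROUP):
        print(f"{name}: {finding}")
```

On a real host the same functions can be fed the contents of the three files; reading /etc/shadow requires root.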

Account management


  • Create a user: useradd
  • Modify a password: passwd. Follow it with a user name to specify whose password to modify; without one, it modifies the current user's password
  • View password parameters, including expiration and other information: chage
  • Modify user account parameters: usermod; delete a user account: userdel
  • View user account information: finger; modify personal attributes: chfn; modify the shell setting: chsh; list the related ID information: id
  • Add, delete and modify user groups: groupadd, groupdel, groupmod
  • User group administrator operations: gpasswd

Reference:

Brother Bird's Private Kitchen
