Basic concepts of users and permissions
basic concept
User is an important part of Linux system work, user management includes user and group management
In a Linux system, whether it is a local machine or a remote login system, each system must have an account and have different permissions for different system resources.
In Linux, you can specify different permissions for each user on different files or directories
Permissions for files/directories include:
Group
In order to facilitate user management, the concept of group is proposed, as shown in the following figure
In practical applications, you can set permissions for groups in advance, and then add different users to the corresponding groups, so you don't need to set permissions for each user in turn
ls -l extension
ls-l can view the detailed information of the files in the folder, from left to right:
Permission , the first character if it is d means the directory
The number of hard links , in layman's terms, is how many ways there are to access the current directory/file
The owner , the owner of the file/directory in the home directory is usually the current user
Group , in Linux, many times, the group name and the user name will be the same
size
time
name
Simple to use chmod
chmod can modify user/group permissions on files/directories
The command format is as follows:
Tip: The above method will modify the owner/group permissions at one time
root
The root account in the Linux system is usually used for system maintenance and management , and has all access rights to all resources of the operating system
In most versions of Linux, it is not recommended to log in to the system directly with the root account .
During the Linux installation process, the system will automatically create a user account, and this default user is called "standard user"
sudo
su is the abbreviation of substitute user, which means to use the identity of another user
The sudo command is used to execute commands as other identities, the default identity is root
When the user uses sudo, he must first enter the password, and then the validity period , after which the password must be re-entered
If it is an authorized user trying to use sudo, a warning email will be sent to the administrator
Group management terminal commands
Tip: Terminal commands for creating/deleting groups need to be executed through sudo
hint:
Group information is stored in the /etc/group file
The /etc directory is a directory specially used to store system configuration information
In practical applications, you can set permissions for groups in advance, and then add different users to the corresponding groups , so you don't need to set permissions for each user in turn
User Management Terminal Commands
Tip: Terminal commands for creating users/deleting users/modifying other users ' passwords need to be executed through sudo
Create User/Set Password/Delete User
hint:
When creating a user, if you forget to add the -m option to specify the new user's home directory, the easiest way is to delete the user and recreate it
Create a user, by default a group name with the same name as the user name will be recreated
User information is stored in the /etc/passwd file
View user information
passwd file
The /etc/passwd file stores user information, which consists of 7 pieces of information consisting of 6 semicolons, which are
1. Username
2. Password (x, represents the encrypted password)
3.UID (User ID)
4. GID (Group ID)
5. User full name or local account
6. Home Directory
7. The Shell used for login is the terminal command used after login. Ubuntu defaults to dash
usermod command
usermod can be used to set the user 's primary group/additional group and login shell. The command format is as follows:
Main group : usually specified when creating a new user, the group corresponding to the GID in the fourth column of etc/passwd
Additional group : The last column in etc/group represents the user list of the group, which is used to specify additional permissions for the user
Tip: After setting the user's additional group, you need to log in again to take effect!
Note: The user added by useradd by default does not have permission to use sudo to execute commands as root. You can use the following command to add the user to the sudo additional group
which command
hint:
/etc/passwd is the file used to save user information
/usr/bin/passwd is the program used to modify user passwords
The which command can view the location of the executed command, for example:
bin和sbin
In Linux, most executable files are stored in /bin, /sbin, /usr/bin, /usr/sbin
/bin (binary) is the binary executable file directory, mainly used for specific applications
/sbin (system binary) is a binary code storage directory dedicated to system administrators, mainly used for system management
/usr/bin (user commands for applications) some software installed later
/usr/sbin (super user commands for applications) some management programs for super users
hint:
The cd terminal command is built into the system kernel and has no separate file, so the location of the cd command cannot be found with which
switch user
su does not accept the user name, you can switch to root, but it is not recommended because it is not safe
Modify file permissions
The command format is as follows:
When chmod sets permissions, you can simply use three numbers to correspond to the permissions of the owner/group and other users