The user is the identity of the system user, and the user exists as the data identity. The user is stored in the system as several characters plus several system configuration files
System configuration files involved in user information (1) /etc/passwd ###User information
user: password: uid: gid: description: home directory: the shell used by the user
As shown below, enter cat/etc/passwd in the shell window to find out the user's information
(2) View user authentication information
User: Password: Last password modification Time: Minimum validity period: Maximum validity period: Warning period: Inactive period: Account expiration date
Enter cat /etc/shadow to find out user authentication information.
(3) View group information
Group name: group password: group id: additional group members
Enter cat /etc/group to find out group information.
(4) /etc/gshadow ### group authentication information
Enter cat /etc/gshadow to find out the group authentication information.
(5) /home/username ### User home directory
(6) /etc/skel/.* ### User skeleton file
Type cat /etc/skel/.* to find out the user skeleton file.
Note that the following must be emphasized. *
User management
1. User establishment
useradd parameter username
Create a user "hello", as shown below
parameter
-u ##Specify user uid
-g ###Specify the user's initial group information, this group must exist
-G ### Specify additional groups
Appropriate use of surveillance
watch -n 2 'tail -n 1 /etc/passwd /etc/group;ls -l
Through the above experiments, we can clearly see the effect of each parameter
Use userdel -r username to delete users and configurations
As shown in the figure below, id -a westos can display all the information of the user;
Add parameters - u, -g, -G to query the user's uid, initial group id, and all group ids respectively
usermod parameter user -l ##change username -u ## change uid -g ## change gid -G ##change additional group
- aG ##Add additional group - c ##Change description - d ##Change home directory designation - md ##Change home directory designation and home directory name
3. User decentralization
(1) In the system, super users can delegate operations that ordinary users cannot perform to ordinary users
Decentralized power configuration file: /etc/sudoers
Use visudo to enter /etc/sudoers to edit
在100,101行添加##Allow hello to run useradd and userdel on localhost
hello localhost=(root) NOPASSWD:/sbin/useradd, /sbin/userdel
Execute the decentralization command
sudo command## If you execute sudo for the first time, you need to enter the current user password
in /etc/sudoers If the settings are as follows:
test desktop0.example.com=(root) NOPASSWD: /usr/sbin/useradd
- 1
Indicates that the user does not need their own password when calling the sudo command
When we finish editing and save the file, we can use the delegated power, as shown in the following figure
User authentication information
chage 参数 用户
-d ##用户密码组后一次修改的时间,如果设定成0,用户登陆系统后必须修改自己的密码
-m ##最短有效期
-M ##最长有效期
-W ##警告期
-I ##用户非活跃天数
-E ##帐号到期日格式 -E "YYYY-MM-DD"
- 1
- 2
- 3
- 4
- 5
- 6
- 7
The chage command and parameters are used as shown in the following figure
When using the -m parameter to change the shortest validity period to 1 (indicating that the password needs to be changed after one day), if you change the password immediately, you will get the following prompt, indicating that you need to wait for a period of time to change the password
Forgot root password , the
operation procedure is as follows:
1. Restart the system
2. During the system startup phase, press the up and down keys to stop the system from booting
Press E to enter the interface as shown below
Find the linux16 boot entry line, delete the ro option from the end of this line, and change ro to rw, then add the rd.break option
The modified result is shown in the following figure
5.ctrl+x to start the system boot entry after setting
6. After entering the system, execute chroot /sysroot to switch to the real system environment
7.passwd root Change the superuser password
8. Create a file /.autorelabel to let the system scan all files ( touch /.autorelabel)
9.exit twice to automatically restart the system
The operation of steps 6-9 is shown in the figure below.
v