user account User related commands group classification
1. User account
super user: root is the supreme
local user: created by the administrator, the permissions are subject to certain restrictions, and they have complete permissions in their own host directory.
System users: generally do not log in to the system to maintain a service The program runs normally. (Application user)
Question: In Windows, is the administrator user the highest privileged user?
Not The classification of
users
is based on the location of the account: local account, remote (domain) account. LDAP, NIS domain server
According to the function of the account: Super user (root) UID: 0
Ordinary user is divided into the following two types:
System user UID: 1-999 In rhel6, it is 1-499, which is generally a built-in account in the system. It is not used to log in to the operating system. It is mainly built to meet the needs of its own system management. It is also called a
pseudo . Local user UID: 1000+ 500 in rhel6, also called custom user, created by the root administrator for users to log in and operate . Note : UID is the identity of each user, similar to each person's ID number. Configuration File name Account information Password information Password file description User information file /etc/passwd /etc/shadow Contains password information corresponding to users in passwd User group file /etc/group /etc/gshadow Contains group encryption information
2. User-related commands
add user
syntax: useradd username
Common parameters:
-u UID
-d home directory
-g start group # can only have one
-G additional group # can have multiple
-s login shell
Note: A user can only belong to one starting group, and one starting sister can contain multiple users. All
user account information is stored in the /etc/passwd file.
This file saves all the information of each system account in the following format (fields are separated by ":")
/etc/passwd The role of each field:
[root@xuegod72 ~]# head -1 /etc/passwd
root:x: 0:0:root:/root:/bin/bash
Username: Password placeholder: UID : GID : User description: User home directory ("~" in bash represents that) : The shell used after login
Any one of linux The operation of the command must have the identity of a user.
Specify
user UID [root@xuegod72 ~]# useradd -u 1100 sunwukong
[root@xuegod72 ~]# id #View the user's uid and
specify the user's home directory
[root@xuegod72 ~]# useradd -u 1100 -d /tmp/sunwukong sunwukong
The starting group of the specified user
[root@xuegod72 ~]# useradd -u 1100 -d /tmp/sunwukong -g xitianqujing sunwukong
[root@xuegod72 ~]# useradd -u 1100 -d /tmp/sunwukong -g 12345 sunwukong
specified user Additional group
[root@xuegod72 ~]# useradd -u 1100 -d /tmp/sunwukong -g 12345 -G shenxia meihouwang sunwukong
specified user's login shell
[root@xuegod72 ~]# useradd -s /sbin/nologin zabbix
created user's Another command
[root@xuegod72 ~]# adduser honghaier
delete user
Syntax: userdel [parameter] username
Parameters :
-r home directory together with the host directory
[root@xuegod72 ~]# userdel -r honghaier
password file
location: /etc /shadow
add password:
[root@xuegod72 ~]# passwd sunwukong
[root@xuegod72 ~]# tail -k /etc/shadow
sunwukong:$6$.BTyNB8Q397zR.KY$412……M8ZHWiidd/:16274: 0 : 99999 : 7 : : :
Username: Encrypted password: Date of last password change: Cannot be modified for a few days after modification (0 can be modified at will): Password expiration time: how many days in advance warning: grace days: account expiration time: reserved
Another
way to add a password [root@xuegod72 ~]# echo 123456 | passwd --stdin sunwukong
Modify user information
Syntax: usermod [parameter] username
Commonly used Parameters:
-u UID
-d host directory
-g start group # can only have one
-G additional group # can have multiple
-s login shell
to modify UID
[root@xuegod72 ~]#usermod -u 1024 sunwukong
modify the shell
[root@xuegod72 ~]#usermod -s /bin/bash sunwukong
modify the starting group
[root@xuegod72 ~]#usermod -g yaojing sunwukong
3. Group classification
according to the location of the account: local group, remote (domain) Groups such as LDAP, NIS
function according to the account: super user group (root) GID: 0
common user group
System user group GID: 1-999 redhat6 is 1-499
local user group GID: 1000+ redhat6 is
the configuration file of 500+ group
/etc/group
[root@xuegod72 ~]# grep rm /etc/group
rm:x:1000: rm
group name: group password placeholder: GID: group member (username)
[root@xuegod72 ~]# groupadd yaojing
[root@xuegod72 ~]# groupadd -g 1111 yaojing
[root@xuegod72 ~]# groupdel yaojing
control add User rules files
When a new user account is added, the following actions are performed by default
• Its home directory is created (usually "/home/username", unless you specify it)
• Some hidden files such as .bash_logout, .bash_profile and .bashrc are copied to the user's home directory.
• A group with the same name as the user will be created (note: unless you specify a group for the newly created user)
to solve the problem of abnormal display after the template file is deleted.
Environment preparation
[root@xuegod72 home]# ls -a /home/ bajie
. .. .bash_logout .bash_profile .bashrc .mozilla
[root@xuegod72 home]# cd bajie/
[root@xuegod72 bajie]# ls
[root@xuegod72 bajie]# rm -rf *
[root@xuegod72 bajie]# ls -a
. . . bash_logout .bash_profile .bashrc .mozilla
[root@xuegod72 bajie]# rm -rf .bash*
[root@xuegod72 bajie]# ls -a
. ..
[root@xuegod72 bajie]# exit
logout
There are stopped jobs.
[root@xuegod72 bajie]# cd
[root @xuegod72 ~]#
[root@xuegod72 ~]#
[root@xuegod72 ~]# su - bajie
-bash-4.2$
restore:
[root@xuegod72 ~]# cp /etc/skel/.bash* /home/bajie
[ root@xuegod72 ~]# ls -a /home/bajie
. .bash_history .bash_profile .cache
.. .bash_logout .bashrc .config
[root@xuegod72 ~]# su - bajie
Last login: Wed Oct 12 21:58:31 CST 2016 on pts/2
[bajie@xuegod72 ~]$
When switching users:
[root@xuegod72 ~]# su – aaa
Note:
Add -, the environment variables will be switched together when switching
Do not add -, keep the original environment variables
View
user information related commands id: Display the UID and GID information of the current effective user
[ root@xuegod72 ~]# id sunwukong
w: used to display the list of users who have logged in to the system, and to display the commands and programs being executed
[root@xuegod72 ~]# w
who: Display the information of users currently logged in to the system
[root@xuegod72 ~ ]# who
whoami: print the current valid user name
[root@xuegod72 ~]# whoami
finger: find and display user information
[root@xuegod72 yum.repos.d]# yum -y install finger
[root@xuegod72 yum.repos. d]# finger sunwukong