Linux_3 user, privilege operation

user

root

The most privileged user in Linux. The account we registered is not root and has limited permissions; for example, it cannot create new files in the root directory.

Each user has full permissions only under their own home directory. Elsewhere they have only read and execute permission, with no permission to modify.

You can switch to root with su [-] root (it seems that the default password is 1234556, but mine is not; I don't know if it's a problem with the new version or I didn't pay attention when setting up the virtual machine) or with sudo su [-] [root]. Both switch to the root user by default, and you can give a different user name instead. We already know that we can temporarily gain permission through the sudo command.

Use exit or ctrl+d to return to the previous user. Ordinary users need a password to switch users, but root does not.

sudo

Working as root is not safe; using sudo to execute a single command is safer. Of course, the user needs to have sudo permission to use it.

sudoers file editor

Every once in a while using the sudo command requires re-entering the password. Can it be configured so that no manual input is required?

There is a sudoers file, stored at /etc/sudoers. It can be edited with sudo visudo.

After opening, it is still edited through the nano editor. The difference is that the changes are not written directly to the original file; they are saved to a tmp file first.

The system then checks the syntax of the sudoers file, and if there is a syntax error, it asks whether to save anyway or to edit again. Be sure not to save the wrong edits!!! If the sudoers file is wrong, the sudo command can no longer be used, and since modifying the sudoers file itself requires sudo, you can't change it back.

Add a sentence:

%adm ALL=(ALL)NOPASSWD:ALL, where adm is the group name (the leading % marks a group). It means that all users in the adm group do not need a password when using sudo, and this is true for any command.

Users and Usergroups

Users and user groups can be configured in Linux, and each user can be in multiple groups.

Permissions can be set for a user or for a user group.

user

useradd [-g -d] userName

-g: Specify the group you are in. If not specified, a group with the same name will be automatically created and joined. If a group with the same name already exists, -g must be added.

-d: Specify the user's home path, if not specified, it will automatically be under /home/userName.

userdel [-r] userName

-r: Delete the home directory.

id [userName] shows a user's information; by default it shows your own.

user group

groupadd groupName

groupdel groupName

usermod -aG groupName userName

Use getent passwd, or view the contents of /etc/passwd. Each line has the form:

userName:password (x means a password is set):userId:groupId:desc:home directory (the directory the user is in at first login):the shell the user uses

getent group shows group information.

permissions

The file list from ls -l also shows permissions.

The first column: the permission control information of the file.

The third column: the user the file belongs to.

The fourth column: the user group the file belongs to.

The file permission control information has 10 positions: the first is the file type, and the remaining nine are three rwx groups, for the owning user, the owning group and other users.

We will expand on this after covering soft links.

r: read. w: write (for folders: adding, deleting and renaming, and creating files inside them). x: execute (for folders: cd into the folder).

chmod change permissions

chmod [-R] permissions fileOrFolder

-R means to apply this permission to all subcontents in the folder.

Permissions look like u=rwx,g=rx,o=x, written without spaces between the parts.

When a file's permission is rwxrwxrwx, the file is displayed in red in ls -l.

Quick way to modify permissions: write each rwx group as one digit, adding r = 4, w = 2 and x = 1.

For example, to set a file to rwx r-x --x, that is, the digits 7 5 1, run chmod 751 test.txt.
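
The r/w/x-to-digit mapping above, as an added shell example that is not part of the original post: perm_to_octal converts the first column of ls -l into the digits chmod takes, and world_writable lists the files that any user may modify. The function names and the scratch file are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are assumptions.

# perm_to_octal STRING: turn "rwxr-x--x", or the whole first column of ls -l
# ("-rwxr-x--x", possibly with a trailing '.' or '+'), into chmod digits.
# s and t count as x; setuid, setgid and sticky would need a fourth digit.
perm_to_octal() {
    _p=$1
    # Drop the file-type character and anything after the nine permission chars.
    if [ "${#_p}" -ge 10 ]; then _p=$(printf '%s' "$_p" | cut -c2-10); fi
    if [ "${#_p}" -ne 9 ]; then
        echo "bad permission string: $1" >&2
        return 1
    fi
    _octal=""
    for _start in 1 4 7; do                      # user, group, other
        _triad=$(printf '%s' "$_p" | cut -c"$_start"-"$((_start + 2))")
        _digit=0
        case $_triad in r??) _digit=$((_digit + 4)) ;; esac
        case $_triad in ?w?) _digit=$((_digit + 2)) ;; esac
        case $_triad in ??[xst]) _digit=$((_digit + 1)) ;; esac
        _octal="$_octal$_digit"
    done
    echo "$_octal"
}

# mode_of PATH: the octal mode of PATH, read back from ls -l.
mode_of() {
    perm_to_octal "$(ls -ld "$1" | cut -d' ' -f1)"
}

# world_writable DIR: regular files under DIR that any user may modify.
world_writable() {
    find "$1" -type f -perm -0002
}

# Constructed demo on a scratch file in a temporary directory.
demo_dir=$(mktemp -d)
touch "$demo_dir/test.txt"
chmod 751 "$demo_dir/test.txt"                   # numeric form
echo "chmod 751            -> $(mode_of "$demo_dir/test.txt")"
chmod u=rw,g=r,o= "$demo_dir/test.txt"           # symbolic form, same as 640
echo "chmod u=rw,g=r,o=    -> $(mode_of "$demo_dir/test.txt")"
chmod 777 "$demo_dir/test.txt"                   # rwxrwxrwx
echo "world-writable       -> $(world_writable "$demo_dir")"
rm -rf "$demo_dir"
```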

chown Change permission control

Change the owner of a file or folder directly.

chown [-R] [user]:[userGroup] fileOrFolder, where -R again means applying the change to all subcontents.

chown usr test.txt

chown :usrGroup test.txt

However, ordinary users do not have permission to execute this command; only the root user can execute it.

Origin blog.csdn.net/jtwqwq/article/details/129650469