Content
13.8 RECAP
-
Linux operating system above, on account of the group, in fact, the record is UID / GID numbers only;
-
Account user / group and the UID / GID corresponding to the reference / etc / passwd and / etc / group files two
-
/ etc / passwd file structure separated by a colon, is divided into seven fields, namely "the account name, password, UID, GID, full name, home directory,
shell ' -
UID 0 and non-0 only two types of non-0, compared to the general account. Generally divided into account the system account (1 to 999) and by an account can log
(greater than 1000) -
Account password has been moved to the / etc / shadow file, the file permissions for root only be changed. The document is divided into nine fields, in the
capacity as "account name, password encryption, password modifiers date, minimum password change date, maximum demand password change date, before the password expires police
report several days, password expiration days, the account expiration date, reserved not used. " -
It can support multiple user groups, which in the new file new file will affect the group who is a valid group. Written / etc / passwd, the first
four fields, known as initial group. -
And users to create, change parameters, delete the relevant instructions: useradd, usermod, userdel, etc., establish password was passwd;
-
And establish a group, modify, delete the relevant instructions: groupadd, groupmod, groupdel and so on;
-
Observation group and the effective switching group are: groups and newgrp instruction;
-
useradd directives referenced file has: / etc / default / useradd, /etc/login.defs, / etc / skel / etc.
-
Detailed observation of the user's password parameters, you can use 'chage -l account "to deal with;
-
User-instruction to modify parameters are: chsh, chfn the like, there are instructions observed: id, finger, etc.
-
ACL functions require file system support, CentOS 7 does have a preset XFS support ACL function!
-
ACL rights management can be a single individual or group, but the ACL startup needs the support of the file system;
-
ACL settings can use setfacl, review the use getfacl;
-
Identity can be used to switch su, sudo can also be used, but those using sudo, visudo setting command must to be used;
-
PAM module can be validated procedures of certain programs! Associated with the PAM module configuration file located /etc/pam.d/* and / etc / security / *
-
The above system account to log in the case of queries, using w, who, last, lastlog the like;
-
The user can use the online chat write, under the wall, offline using mail to send mail!
Daily Task
Eventually, you'll get old, and I will be crowned king!