linux user management (useradd, userdel, usermod, groupadd, groupdel, chage, passwd, chpasswd)

Users manage
a user account configuration file describes the
/ etc / passwd user account information file
/ etc / shadow user account password file
/ etc / group group information file
/ etc / gshadow user group where the password file (basic waste)
/ etc / default / configure default properties useradd new account
/etc/login.defs new user attribute information

Summary:
useradd command modifies the / etc / passwd, / etc / shadow, / etc / group, / etc / gshadow ( while creating users and groups)
passwd command modifies the / etc / Shadow
groupadd command modifies the / etc / group, / etc / gshadow

-------------------------------------------------- -------------------------------------------------- -------------------------------------------------- -------------------------------------------------- -----
when adding a user, modify the four files --------- vary the md5 value
[root @ oldboyedu ~] # md5sum / etc / passwd / etc / shadow / etc / group / etc / gshadow
2fe9f002726ed0a138d67cd44722f1a6 / etc / the passwd
c2ca41415dca17f1a3dc3c286a9b9bff / etc / Shadow
c475144a13d87a400b5e16fe6bd70baf / etc / Group
659ef4f533df0fa7e457f87755fb1c27 / etc / gshadow

[root@oldboyedu ~]# useradd bingbing

[root@oldboyedu ~]# md5sum /etc/passwd /etc/shadow /etc/group /etc/gshadow
39d60eff90ecd0326fe59e6464b464ad /etc/passwd
0aa8d3b157f042876ec0190a2808a377 /etc/shadow
cee8bc6e85f9dfb9dc0a04e452e834f4 /etc/group
cdfd26351f409ee32fca53a22ad15912 /etc/gshadow

[root@oldboyedu ~]# grep bingbing /etc/passwd /etc/shadow /etc/group /etc/gshadow
/etc/passwd:bingbing:x:1004:1006::/home/bingbing:/bin/bash
/etc/shadow:bingbing:!!:17980:0:99999:7:::
/etc/group:bingbing:x:1006:
/etc/gshadow:bingbing:!:

root: x: 0: 0: root: / root: / bin / bash
username and password uid gid user to describe shell user's home directory user login

CentOS7 default shell is bash, bash is an extension of the sh, sh is the soft connection bash
[oldboyedu the root @ ~] # awk -F ":" '{} of NF Print $' / etc / the passwd | Sort | the uniq -C
. 6 / bin / the bash
. 1 / bin / Sync
. 1 / sbin / HALT
18 is / sbin / nologin
. 1 / sbin / the shutdown

[the root @ oldboyedu ~] # CAT / etc / shells
/ bin / SH
/ bin / the bash
/ usr / bin / SH
/ usr / bin / bash

nobody Username
: * Password (post !! is not set password, set a password for the long string)
: 17834 times recently changed the password, the number of days since January 1, 1970 is
: 0 time not modify the password, that is, Change password twice the minimum time interval
: 99999 user must change password for several days, 99,999 days about 270 years, from January 1, 1970 onwards
: 7 tips to change the password of the time, that is seven days before the password expiration prompt to change the password
: number of days between password expires to disable account
: the number of days the user is disabled, since January 1, 1970
: sign, reserved field
---------------------- -------------------------------------------------- -------------------------------------------------- -------------------------------------------------- ---------------------------------
/ etc / group information file group

mail: x: 12: mail, postfix
user group name of the user group password gid Group Memberships
------------------------------- -------------------------------------------------- -------------------------------------------------- -------------------------------------------------- ------------------------
default property configuration / etc / default / useradd new account

[55test the root @ ~] # CAT / etc / default / useradd
# File useradd Defaults
the GROUP = 100 # useradd If no group is specified, and the /etc/login.defs USERGROUPS_ENAB to no use or -N useradd option, this the parameters take effect. Use this when you create a user group ID
HOME = / home # create the user's home directory in this directory
INACTIVE = -1 # after the user account expiration suspended, is not enabled by default -1 means expired suspended
EXPIRE = # account expiration date, default blank, the account never expires
sHELL = / bin / bash # Add the user's default shell
sKEL = / etc / skel # default file (.bash_logout .bash_profile .bashrc) copy path
CREATE_MAIL_SPOOL = yes # create a mail file

This file modification method:
1, useradd -D -s / bin / SH # modify the default shell
2, vim / etc / default / useradd

/ etc / skel provide a user environment variable configuration file, thus adding an environment variable configuration file directory to the new user's home directory
/etc/login.defs new user attribute information
[root @ 55test ~] # cat / etc / login. defs | grep -v "#"

MAIL_DIR / var / spool / mail # mail directory

PASS_MAX_DAYS 99999 # password change the maximum number of days interval
PASS_MIN_DAYS 0 # day intervals the minimum password change
PASS_MIN_LEN 5 # minimum password length
starts before the prompt PASS_WARN_AGE 7 # password expiration days

UID_MIN 1000
UID_MAX 60000
SYS_UID_MIN 201
SYS_UID_MAX 999

GID_MIN 1000
GID_MAX 60000
SYS_GID_MIN 201
999 SYS_GID_MAX

CREATE_HOME yes # whether to create a default home directory for the user

UMASK 077 # default umask

USERGROUPS_ENAB yes # default create a user group for the user

ENCRYPT_METHOD SHA512 # default user password encryption method

Second, the user account configuration operation
useradd to add users
-s user login shell
-M do not create home directories
-u specified uid
-g belong to the specified user group
-c add a description
-d specified home directory
-e user login deadline.
[55test the root @ ~] -M # 1555 the useradd -u -s / bin / SH -e '20.19073 million' -C "What" PPL

[55test the root @ ~] # tail -1 / etc / the passwd
PPL: X: 1555: 1555: what: / home / ppl : / bin / sh

[root@ 55test ~]# chage ppl -l
Last password change : Jul 25, 2019
Password expires : never
Password inactive : never
Account expires : May 05, 57250
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

chage view account password expiration attributes
-l displays property information
-E password expiration
after -I password expires to disable account the number of days interval
-m minimum number of days the password change interval
-M password to modify the maximum number of days between
the number of days before the password expires start -W prompt
[root 55test ~ @] # the chage the -l lili
Last Change password: Sep 21, 2019 # last modification time password
password expires: Nov 20, 2019 # password expiration, expired forced to change the password, -E parameter modification
password inactive: Dec 20 2019 # password suspended time, that password is out of date due account of the time, -I parameter modification, default -1 means stop right
account expires: never # account expiration
Minimum number of days between password change: 7 # password modify interval minimum number of days, -m parameter
maximum number of days between password change: 60 # password changes maximum number of days interval. -M parameters
Number of warning before password expires days of : Number 7 # prompt start before password expiration day, -W parameter

userdel Delete user
work often first with #Comment account to disable the account, delete the account after a period of time
-r delete the user's home directory and home directory file

usermod modify user account properties

-s user login shell
-u specified uid
-g belong to the specified user group
-c add a description
-d specified home directory
-e user login deadline.

[root@ 55test ~]# usermod -u 1556 -g kkk -s /bin/bash -e ' 20200730' -c "what the hell" ppl
[root@ 55test ~]#
[root@ 55test ~]# tail -1 /etc/passwd
ppl:x:1556:1004:what the hell:/home/ppl:/bin/bash
[root@ 55test ~]#
[root@ 55test ~]# chage -l ppl
Last password change : Jul 25, 2019
Password expires : never
Password inactive : never
Account expires : Sep 20, 57277
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
[root@ 55test ~]#
[root@ 55test ~]# id ppl
uid=1556(ppl) gid=1004(kkk) groups=1004(kkk)

passwd to change the password
--stdin receives a password from the standard input
modified -e to force the next time the user login password
-l locked accounts
-u unlock
-d delete a user password
number of days after the password expires -i disabled accounts

Non-interactively modify the password:
Method One:
[root @ localhost ~] # echo 12345 | --stdin lili passwd
Changing password for the User lili.
Passwd: All authentication tokens Updated successfully.

Method two: (CentOS 6.X executed successfully, CentOS switch user being given the 7.X)
[the root @ localhost ~] # echo 123> Pass
[the root @ localhost ~] # --stdin the passwd KKK <Pass
Changing password for User kkk.
passwd: All authentication tokens Updated successfully

Change password chpasswd batch
method:
the CentOS 6.X
[the root @ localhost ~] # CAT User
Lili: KLL
KKK: KLL
LLL: KLL
[the root @ localhost ~] # chpasswd <User

CentOS 6.X 7.X with the CentOS
[the root @ localhost ~] # CAT User
Lili: KLL
KKK: KLL
LLL: KLL
[55test the root @ ~] # the chpasswd
Lili: KLL paste text here #
KKK: KLL
PPL: # KLL When input of press ctrl + d

方法二：
[root@ 55test ~]# tail -4 /etc/passwd|awk -F ":" '{print $1":ppp"}'|chpasswd

批量创建用户
echo boy{1..10}|xargs -n1|sed 's#.*#useradd &;echo &|passwd --stdin &#'|bash
echo boy{01..10}|xargs -n1|sed -rn 's#(.*)#useradd \1;echo 123456|passwd --stdin \1 #gp'|bash

Batch delete user
echo boy {1..10} | xargs -n1 | sed '. S # * # userdel -r & #' | bash

linux user management (useradd, userdel, usermod, groupadd, groupdel, chage, passwd, chpasswd)

Guess you like