Study Notes day7

  • User configuration file: /etc/passwd

    View the Linux user configuration file with: cat /etc/passwd
    * Each line of the user configuration file is divided into 7 fields, separated by ":":
    the first field is the user name
    the second field, x, means the password is stored in the /etc/shadow file
    the third field is the uid (user ID)
    the fourth field is the gid (user group ID)
    the fifth field is a comment (usually empty, or a description of the user)
    the sixth field is the user's home directory
    the seventh field is the user's shell (usually /bin/bash; users created by the system get /sbin/nologin and the like, and nologin means the account cannot log in)

  • Password configuration file: /etc/shadow
    * The password configuration file corresponds to the user configuration file /etc/passwd. Each line is divided into 9 fields, separated by ":":
    the first field is the user name
    the second field is the encrypted password (two users with the same password get different encrypted values)
    the third field is the date of the last password change (unit: days, counted from 1970/01/01 to the day the password was last changed)
    the fourth field is the minimum number of days required between two password changes
    the fifth field is the maximum number of days a password is valid
    the sixth field is the number of days before password expiration at which the user starts to be warned
    the seventh field is the maximum number of days the account stays valid when the user has not logged in
    the eighth field is the expiration time of the user account
    the ninth field currently has no meaning; it is a reserved field
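
The field layouts described above for /etc/passwd and /etc/shadow, as a small parser (an added example, not part of the original notes). The sample lines and hash strings are constructed and the function names are illustrative; the password-state labels follow the meanings these notes give for "!!", "*" and a hash prefixed with "!!".

```python
from datetime import date, timedelta

# Constructed sample lines (not from a real system); the hash strings are dummies.
PASSWD = """root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
linux01:x:1001:1001::/home/linux01:/bin/bash
usertest2:x:1002:1001::/home/usertest2:/bin/bash
"""
SHADOW = """root:$6$saltA$dummyhashA:18100:0:99999:7:::
bin:*:17834:0:99999:7:::
linux01:!!$6$saltB$dummyhashB:18120:0:99999:7:::
usertest2:!!:18121:0:99999:7:::
"""

PASSWD_FIELDS = ("name", "password", "uid", "gid", "comment", "home", "shell")
SHADOW_FIELDS = ("name", "password", "last_change", "min_days", "max_days",
                 "warn_days", "inactive_days", "expire", "reserved")

def parse(text, fields):
    """Split each ':'-separated line into a dict keyed by user name."""
    rows = {}
    for n, line in enumerate(text.strip().splitlines(), 1):
        parts = line.split(":")
        if len(parts) != len(fields):
            raise ValueError(f"line {n}: expected {len(fields)} fields, got {len(parts)}")
        rows[parts[0]] = dict(zip(fields, parts))
    return rows

def password_state(field):
    """Classify the second shadow field the way the notes describe it."""
    if field == "!!":
        return "no password set"
    if field == "*":
        return "locked"
    if field.startswith("!"):
        return "locked (hash kept)"
    return "password set"

def report(passwd_text, shadow_text):
    users, shadow = parse(passwd_text, PASSWD_FIELDS), parse(shadow_text, SHADOW_FIELDS)
    out = {}
    for name, u in users.items():
        s = shadow[name]  # assumes every passwd entry has a matching shadow entry
        changed = date(1970, 1, 1) + timedelta(days=int(s["last_change"]))
        out[name] = {"uid": int(u["uid"]), "state": password_state(s["password"]),
                     "login_shell": not u["shell"].endswith("nologin"),
                     "last_change": changed.isoformat()}
    return out
```

Calling report(PASSWD, SHADOW) returns one entry per user with the uid, the password state, whether the shell allows login, and the last-change day count converted to a calendar date.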

  • System backup files
    * Some files in the /etc directory whose names end with the - symbol are automatic backups made by the system, used to restore data after a critical file is accidentally deleted

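  • User group management
    1. Add a user group: groupadd groupname
    * After creating the group, view the group configuration file; it shows the group was created successfully, with gid (group ID) 1004
    2. Specify the gid (group ID) when creating a group: the -g parameter
    * When specifying a gid, choose an unused number above 1000; gids below 1000 are reserved for the system
    3. Delete a user group: groupdel groupname
    * A group that still contains users cannot be deleted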

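  • User management
    1. Create a user: useradd username
    * If no group is specified when adding a user, a group with the same name as username is created
    2. Specify the group when creating a user: the -g parameter
    * Example: when creating user usertest2 with the group grouptest specified, the user configuration file afterwards shows the user's gid is grouptest's gid: 1001
    Additional notes:
    -u parameter: specifies the user's uid (user ID)
    -d parameter: specifies the user's home directory
    -s parameter: specifies the user's shell (/bin/bash, nologin, etc.)
    -M parameter: does not create a home directory when creating the user
    The create-user command can also be: adduser username
    3. Delete a user: userdel username
    * Note that deleting a user with this command does not delete the user's home directory; ls /home shows the usertest2 directory is still there
    4. Delete the user's home directory together with the user: the -r parameter
    5. The usermod command: change user information
    Change the user's uid: usermod -u uid username
    Change the user's gid: usermod -g gid username
    Change the user's home directory: usermod -d directory_path username
    Change the user's shell: usermod -s shell_path username
    Lock the user: usermod -L username
    Unlock the user: usermod -U username
    Change the user's supplementary groups: usermod -G groupname username
    View a user's supplementary groups: id username
    * In Linux a user can belong to multiple groups; the third column of the id output shows the user's supplementary groups
    Example: adding the group linux02 to user linux01, then adding multiple groups (linux02, linux03) to user linux01.
    * To add multiple supplementary groups to a user, list all the groups to be added, separated by ",". If the linux02 group is added first and the linux03 group is added in a second command, linux03 overwrites linux02 and the only supplementary group of user linux01 is linux03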

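  • User password management
    1. Change a password:
    Command to change the root user's password: passwd
    * If warned that the password is not complex enough, entering it again completes the change
    Command to change an ordinary user's password: passwd username
    * If warned that the password is too short, entering it again completes the change
    After the password is changed, the second column for linux01 in the password configuration file /etc/shadow contains the encrypted value.
    * A second column of "!!" means the user has no password set and cannot log in
    * A second column of "*" means the password is locked; such a user also cannot log in
    2. Lock and unlock a user's password:
    Lock the password: passwd -l username
    * After locking the user linux01, whose password was just set, the second column of the password configuration file /etc/shadow shows "!!" in front of the encrypted password, meaning the user's password is locked
    Unlock the password: passwd -u username
    * After unlocking the password of user linux01, the password configuration file shows the normal value again
    * A user's password can also be locked and unlocked with the usermod command described above: the -L parameter locks the password, the -U parameter unlocks it
    3. The stdin parameter:
    When setting a user's password, the stdin parameter changes it directly without the confirmation prompt; it is commonly used when writing shell scripts
    4. Change the password in one step (the password can also be changed without the confirmation prompt when the stdin parameter is not used):
    * Change the password in one step with echo -e: with the -e parameter, echo interprets \n as a newline (\t → tab); combined with the pipe "|", the password can be changed directly without the confirmation prompt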

  • Password generation tool: mkpasswd
    1. Install the expect package: yum install -y expect
    2. Generate a random password:
    * Run mkpasswd to generate a random password. -l parameter: specifies the length of the generated password; -s parameter: specifies how many special characters the generated password contains

Origin blog.51cto.com/14520558/2435215