Operating Linux users and user groups

Linux is a multi-user operating system: several users can use system resources at the same time, each within their own permissions, without interfering with one another. Windows 7 is also a multi-user operating system. At first glance it looks single-user, but if you switch to the guest user and shut down, the system warns that another user is still using the machine, which makes the multi-user behavior easy to see.

User and group concept

As on Windows, logging in to Linux requires a user name and password. Users are generally divided into the root superuser and ordinary users. The root user has the highest privileges and can manage ordinary users, including assigning their permissions and passwords. A user group abstracts the behavior that different users have in common: every member of a group has access to the resources the group has access to.

The relationship between users and user groups

The relationship between users and groups is similar to the relationships between database tables: it can be one-to-one, one-to-many or many-to-many.

(1) A user corresponds to one user group

(2) A user can belong to several user groups

In Linux, the three files /etc/passwd, /etc/shadow and /etc/group store the user and user group information. Creating, modifying and deleting users and user groups, and managing which users belong to which groups, all come down to operations on these three files.

Users and groups operations

The following operations are based on CentOS 6.5.

User-related

(1) Create a user: useradd [options] {username}. Common options are:

[root@amdha02 ~]# useradd
Usage: useradd [options] LOGIN

Options:
  -c, --comment COMMENT      specifies a description
  -d, --home-dir HOME_DIR    the new user's home directory, generally used together with -m
  -g, --gid GROUP            specifies the new user's primary group; not shown in /etc/group
  -G, --groups GROUPS        specifies supplementary groups for the new user; shown in /etc/group
  -m, --create-home          creates the user's home directory if it does not exist
  -r, --system               adds a system account; used, for example, when adding the mysql user while installing MySQL
  -s, --shell SHELL          specifies the user's login shell; the default is /bin/bash
  -u, --uid UID              specifies the user's uid

With no options, useradd also creates a user group by default. On CentOS, the uid of newly created users starts from 500, and a home directory is created under /home.

Create a user zhangsan, specifying the home directory, primary group, supplementary group and shell program

Create a pseudo-user with /sbin/nologin as its shell program, so that the user cannot log in.

You can give the pseudo-user a password.

Switching to that user fails with a message that the account is not available.

(2) Modify a user: usermod [options] {username}. The common options are similar to those of useradd above. In addition, the -aG option appends a user group to the groups the user already has.

Modify the ordinary user lisi

Add a supplementary group to lisi

(3) Delete a user: userdel [options] {username}. The commonly used option is -r. Without it, the user is deleted but the user's home directory is kept; with -r, the user's home directory is removed as well.

Delete lisi together with its home directory

(4) Password management: passwd [options] {username}. Commonly used options are -l, -u and -d, which lock the account, unlock the account and delete the user's password respectively. With no options, passwd changes the password.

Change zhangsan's password

Lock zhangsan's password; the user can then no longer log in remotely. A user whose password has been removed cannot log in remotely either.

Remote login as zhangsan fails

Unlock zhangsan's password and reconnect; remote login is OK

(5) Switch user: su {username} and su - {username}. Both switch users. The difference is that the former stays in the current directory, while the latter switches to the new user's home directory.

User group-related

(1) Create a user group: groupadd [options] {group name}. The main options are as follows.

Usage: groupadd [options] GROUP

Options:
   -g, --gid GID        specifies the group id of the new user group
   -o, --non-unique     used together with -g; allows the new user group to duplicate a group id that already exists on the system

Create the hadoop user group, then create the hdfs user group using the same group id as hadoop

Check the information in /etc/group

(2) Modify a user group: groupmod [options] {group name}. The main options are as follows.

Usage: groupmod [options] GROUP

Options:
   -g, --gid GID              changes the group id of the group to the new GID
   -n, --new-name NEW_GROUP   changes the user group name
   -o, --non-unique           used together with -g; allows the group to duplicate a group id that already exists on the system

Rename the hdfs user group to hive

(3) Delete a user group: groupdel {group name}. If the group is some user's primary group, it cannot be deleted. If it is only a supplementary group of users, it can be deleted, and its relationship with those users is removed.

Delete the hadoop group, having first made hadoop the primary group of zhangsan

Delete the hive group, having first made hive a supplementary group of zhangsan

(4) Switch user group: newgrp {group name}. If a user belongs to several user groups and wants to access content that belongs to another of those groups, the user needs to switch groups.

In zhangsan's home directory, create two files that belong to the yangchaolin user group and the hadoop user group, with group permissions set to read-only. Because zhangsan belongs to both groups, both files can be read

However, if the group permission for the hadoop group is set to unreadable, then after switching to the hadoop user group, file 1 cannot be read, but file 2 can

passwd, shadow and group file specification

passwd

The following is the root user's entry in the /etc/passwd file. It is divided into seven fields, separated by colons.

root:x:0:0:root:/root:/bin/bash

(1) root: user name; do not use the characters : - + /

(2) x: password; it is encrypted here.

(3) 0: uid; the root user is 0, and the other ranges are divided differently depending on the system version

(4) 0: group id, the id of the primary group

(5) root: account description, here meaning the root account; for accounts you add yourself it is empty unless you add the -c option

(6) /root: home directory, the user's default working directory after login; by default only the root user can access this one

(7) /bin/bash: the shell interpreter specified for the user

group

The following is the root group's entry in /etc/group. It contains four fields, separated by colons.

root:x:0:jerry

(1) root: user group name, here the root group

(2) x: user group password, generally not set

(3) 0: group id; the id of the root group is 0

(4) jerry: the group member list; listed here are users who have root as a supplementary group, and users who have it as their primary group are not shown

shadow

The following is root's entry in /etc/shadow, comprising 8 fields, separated by colons.

root:$6$:18180:0:99999:7:::

(1) root: Username

(2) $6$: the user's password; generally this is an MD5-encrypted password

(3) 18180: the day the password was created, as the number of days counted from January 1, 1970

(4) 0: the interval between the last password change and the next one; 0 means not changed

(5) 99999: the maximum number of days the password is valid, counted from the time it was created

(6) 7: the user is reminded to change the password 7 days before it expires

(7) empty here; if a number N is present, login is still allowed for N days after the password expires

(8) empty here; the password's lifetime, given as an absolute number of days, after which login is no longer allowed
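
As an added example (not from the original post), the Python code below parses entries in the three formats just described and flags conditions worth reviewing: a second account with uid 0, a shadow entry left with an empty password field (what passwd -d produces), an MD5-scheme hash, and groups that share a group id (what groupadd -o produces). The sample entries, the finding names and the crypt(3) prefix table ($1$ MD5, $5$ SHA-256, $6$ SHA-512) are assumptions of the example, not content from the page.

```python
from collections import defaultdict
# Constructed sample contents in the three formats (not from a real host).
PASSWD = """root:x:0:0:root:/root:/bin/bash
zhangsan:x:500:501::/home/zhangsan:/bin/bash
mysql:x:498:498::/home/mysql:/sbin/nologin
backup:x:0:502::/home/backup:/bin/bash"""
GROUP = """root:x:0:jerry
hadoop:x:501:
hdfs:x:501:zhangsan"""
SHADOW = """root:$6$:18180:0:99999:7:::
zhangsan:!!$6$:18180:0:99999:7:::
mysql::18180:0:99999:7:::
backup:$1$:18180:0:99999:7:::"""

SCHEMES = {"1": "md5", "5": "sha256", "6": "sha512"}  # crypt(3) ids (assumption, not from the page)
FLAGGED = {"empty": "empty-password", "md5": "weak-hash"}

def rows(text):
    """Split colon-separated records, skipping blank lines."""
    return [line.split(":") for line in text.splitlines() if line.strip()]

def password_state(field):
    """Classify the second field of an /etc/shadow entry."""
    if field == "":
        return "empty"                      # what passwd -d leaves behind
    if field[0] in "!*":
        return "locked"                     # passwd -l prefixes the hash with '!'
    parts = field.split("$")
    return SCHEMES.get(parts[1], "unknown") if len(parts) > 2 else "other"

def audit(passwd=PASSWD, group=GROUP, shadow=SHADOW):
    """Return (finding, name) pairs for entries that deserve a review."""
    findings = []
    state = {r[0]: password_state(r[1]) for r in rows(shadow)}
    for name, _pw, uid, _gid, _desc, _home, _shell in rows(passwd):
        if uid == "0" and name != "root":   # a second superuser account
            findings.append(("extra-uid0", name))
        if state.get(name) in FLAGGED:
            findings.append((FLAGGED[state[name]], name))
    by_gid = defaultdict(list)
    for name, _pw, gid, _members in rows(group):
        by_gid[gid].append(name)
    for names in by_gid.values():
        if len(names) > 1:                  # what groupadd -o produces
            findings.append(("shared-gid", ",".join(names)))
    return findings

if __name__ == "__main__":
    print("\n".join(f"{kind:15} {who}" for kind, who in audit()))
```

On a real host the same functions can be fed the contents of /etc/passwd, /etc/group and /etc/shadow; reading /etc/shadow requires root.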

 
