The security context of the process:
Process runs in its capacity as originator
Process file access, depending on the user rights to initiate this process of
System users: In order to be able to make that kind of background processes or services processes running in a non-administrator's identity, usually created for this purpose more than ordinary users, such users from the system without logging in, only to let other processes run their identity, so that only You can get general authority
groupadd commands: Add Group
Using the format: groupadd [options] group_name
Common options:
-g GID: Specifies GID; a default GID + 1 group
-r: Create a system group
groupmod command: Modify Group Properties
Using the format: groupmod [Options] GROUP
Common options:
-g GID: Modify GID
-n new_name: Modify the group name
groupdel Command: delete group
Use the format: groupdel GROUP
useradd: Create a user, adduser useradd link is pointing to a file, the same function as useradd
Using the format: useradd [options] login
Common options:
-u, --uid UID: Specifies the UID; default and gid
-g, --gid GROUP: Specifies basic group ID, a group to give this preexisting
-G, --groups GROUP1 [, GROUP2, ... [, GROUPN]]]: Additional specified user belongs to the group, a plurality of groups separated by commas
-c, --comment COMMENT: Notes indicate information
-d, --home HOME_DIR: to specify a path for the user's home directory; rename achieved by copying the / etc / skel directory; specified home directory path in advance if there is, it will not copy the configuration file for the user environment
-s, --shell SHELL: Specifies the user's default shell, available to all shell list is stored in / etc / shells file
-r, --system: Create System User
Note: many default settings configuration file when creating user /etc/login.defs
Other using the format:
useradd -D: Creating a default display configuration user
useradd -D options: Modify the default value of the option
Modify the results stored in the / etc / default / useradd file, but also to modify the default configuration file when creating a user by modifying the file
usermod command: Modify User Attributes
Using the format: usermod [options] Login
Common options:
-u, --uid UID: modify the user ID specified for the new UID here
-g, --gid GROUP: amend the basic group the user belongs
-G, --groups GROUP1 [, GROUP2, ... [, GROUPN]]]: Additional modifying groups the user belongs; original additional groups will be covered
-a, --append: use with -G, for a user to add a new group of additional
-c, --comment COMMENT: modify annotation information
-d, --home HOME_DIR: Modify the user's home directory; user's original file will not be transferred to a new location
-m, --move-home: it can only be used with the -d option for the original home directory to move to a new home directory
-l, --login NEW_LOGIN: modify the user name
-s, --shell SHELL: Modify the user's default shell
-L, --lock: Lock user password, which add a user before the original password string "!"
-U, --unlock: Unlock a user's password
userdel command: delete users
Using the format: userdel [options] Login
Common options:
-r: be deleted when you delete a user whose home directory;
passwd command:
使用格式:passwd [-k] [-l] [-u [-f]] [-d] [-e] [-n mindays] [-x maxdays] [-w warndays] [-i inactivedays] [-S] [--stdin] [username]
(1) passwd: Modify the user's own password
(2) passwd USERNAME: modify the specified user's password, but only root has authority
Common options:
-l, -u: lock and unlock users
-d: Clear user password string
-e DATE: an expiration date, date
-i DAYS: inactive period
-n DAYS: minimum password lifetime
Maximum age password: -x DAYS
-w DAYS: warning period
--stdin:
echo "PASSWORD" | passwd --stdin USERNAME
gpasswd command:
Group password file: / etc / gshadow
Using the format gpasswd [Options] group
-a USERNAME: add a user to a group
-d USERNAME: remove users from a group
newgrp command: temporarily switch group specified base set;
Using the format: newgrp [-] [group]
-: simulates a user logs back on to achieve re-initialize their work environment;
chage command: change user password expiration information
Using the format: chage [options] login
Common options :( reference passwd)
-d
-E
-W
-m
-M
id command: display the user's real and effective ID
Using the format: id [OPTION] ... [USER]
Common options:
-u: Show only active UID
-g: show only the basic set of user ID's
-G: displays only the ID of all groups the user belongs
-n: display the name instead of ID, can not be used alone
su command: switch user
Login type switch: will be re-initialized by reading the target user's profile
su - USERNAME
su -l USERNAME
Nonlogin type switch: do not read the target user's profile is initialized
su USERNAME
Note: No password administrator can switch to any other user;
Common options:
-c 'COMMAND': only specified as the specified user to run a command here;