Reference Catalog for Linux learning sequence: https: //www.cnblogs.com/lv1572407/p/11815911.html
Our management operating system user interface, so the whole is very important. So we use this chapter to the user management knowledge.
The first part we only talk about some basic common sense, and delete user-created, deleted files related groups created.
1. superuser
we need to understand what is the superuser, superuser what it means.
(1) any user with UID 0 are treated as root, has all rights superuser.
(2) super-user can overwrite any file in the file system.
(3) super user can manage the software.
(4) most of the root system may be operated device.
......
2. The user and group
followed by the need to understand what users and groups, users and groups What is the relationship.
: The role of the user
(1) each process needs to be performed by the user
(2) Each file requires user as its owner
(3) access to files by setting file
access (4) associated with a user process will determine its files permissions
action group consisting of:
(1) a way to facilitate rights management
(2) and each user has only one primary group, but there may be a plurality of affiliated groups
3. the user and group related files
important documents related to users and groups there passwd, shadow and group.
In fact, there is a name for the gshadow, this document we know of its existence on the line, do not need special study.
3.1 passwd file
First, we have contact with the passwd file, mainly used to store account information.
[mysql1 the root @ ~] -n head. 1 # / etc / the passwd
the root: X: 0: 0: the root: / the root: / bin / the bash
[mysql1 the root @ ~] # man. 5 the passwd
username: password placeholder: UID: GID: user description: home directory: login shell executed
so common shell Linux operating system has what classes it?
[root @ mysql1 ~] # CAT / etc / shells
/ bin / SH
/ bin / bash
/ sbin / nologin
/ bin / Dash
/ bin / tcsh
/ bin / csh
3.2 shadow file
shadow file using information stored passwords, user-related policy information.
[mysql1 the root @ ~] -n head. 1 # / etc / Shadow
the root: $ Bjy294zPcq. 6 $ / $ VQwI51mi6OM3 Zh.8h / GPJ1tTuZigggWruXb0uOxY7YnKML3MnbfogIgfRrAouPgN / QjkRmia.rpphVICROpw7qeL60:. 17972: 0: 99999: :::. 7
[mysql1 the root @ ~] # man 5 shadow
username: visible user name, system login interface.
Password encryption: encryption method for the $ id $ salt $ encrypted. Wherein the salt is randomly generated.
Password was last modified: focus on mastering
the minimum password Modified: Learn
The maximum password Modified: Key master
password expiration warning time: master key
password expiration time available: In general, password expiration warning should appear immediately change your password.
Users expiration time: focus on mastering
reserved field: backup password information field
How do we know this information users do?
One is by looking at the shadow file, another way is to use "chage -l username", to view the associated password policy information.
[mysql1 the root @ ~] -l # the chage the root
Last Change password: On Jun 13 is, 2019
Password Expires: Never
Password inactive: Never
the Account Expires: Never
Minimum Number of Days Change password BETWEEN: 0
the Maximum Number of Days Change password BETWEEN: 99999
Number The of days of warning before password expires: 7
content we mentioned above encryption password for the user $ id $ salt $ encrypted.
Wherein the encryption algorithm represents $ id number; $ Salt is generated before the password encryption random salt; $ ENCRYPTED as encrypted passwords.
Now we see the encryption system, we can understand the relevant information by looking at the crypt function.
Recalling the "Linux help commands" man about the methods section, the function should be in the third chapter.
[mysql1 the root @ ~] # man crypt
ID | Method,
--------------------------------
. 1 | the MD5
. 5 | the SHA -256 (Operating since the glibc 2.7)
. 6 | the SHA-512 (Operating since the glibc 2.7)
3.2 Group file
[mysql1 the root @ ~] -n head. 1 # / etc / Group
the root: X: 0:
[mysql1 the root @ ~] # man. 5 group
group name: group password character stations: the GID: user group affiliated