User Classification
1 root super administrator
2 system user is a user of a service automatically generated not believe created the computer can not be used to log in only to ensure the normal operation of certain services such as database
3 ordinary users
The user must belong to one and only one main group -g option
A user can belong to zero or more auxiliary group -G option
Linux users and groups the main configuration file:
/ Etc / passwd: users and their attribute information (name, UID, primary group ID, etc.)
/ Etc / group: Group attribute information and
/ Etc / shadow: user passwords and their associated properties file format meaning is as follows:
- Login with name
- Password: general use sha512 encryption
- From January 1, 1970 play time password was last changed
- In a few days the password can be changed (0 indicates that at any time can be changed) How soon will run must change password
- In a few days the password must be changed (99999 represents never expires) maximum use of time
- A few days before password expiration reminder system user (the default one week) few days in advance to inform you
- The account will be locked passwords expire after a few days
- From January 1, 1970 date, number of days accounts fail
Password Expiration Time diagram:
/ Etc / gshadow: group password and their associated properties
When creating a user, if nothing is specified, the default setting will create the user's home directory as the location, file type shell, home directory, default setting is / etc / default / useradd This file is the default settings file
/ etc / skel / there is a template file in the user's home directory, which is what's inside the user's home directory newly created will have it. So we created the user's home directory in the file, the copy is from the past.
/etc/login.defs default user created other settings, such as creating a user ID number ,, time default password, password policies, permissions, etc.
When you create a user password is not set then the column shadow password file is !!, !! representatives prohibit landing system, in the shadow file to delete it !! empty password to login. X or to delete the password in the Passwd file, x represents the password in the shadow file, there is no x, there is no password, you can empty password login. That is, the password field in passwd and shadow long as there is a!, It does not allow landing
User management commands useradd
useradd [options] LOGIN
- -u UID
- Uniqueness with -o -u option, do not check the UID
- -g GID specified user belongs basic group, the group may be a name, you may be GID
- -c comment information "COMMENT" users
- -d HOME_DIR specified path (not present) to the home directory
- -s SHELL specified user's default shell program that you can list in / etc / shells file
- -G GROUP1 [, GROUP2, ...] for the user to indicate the additional group, the group must preexisting
- -N does not create a private group group call the shots, group shots using the users group
- -r Create System User CentOS 6: ID <500, CentOS 7: ID <1000
- -m Create a home directory for users of the system
- -M do not create home directories for non-system users
Some Command Reference
Create a user specifies the type of shell
Additional specified group
Specified uid, main group and additional groups
Specifies the location of the home directory
useradd -r -s / sbin / nologin mysql create -r Specifies to create a system user (id <1000) // -s shell system user to specify the user's home directory is not created by default, you can be created using a home directory -m option
Batch create user
Switch user su - wang a complete switch. root password is not required to switch to the ordinary user, the ordinary user password is required to switch the root user.
Switch to root su -