The basic command arrangement of user management in Linux system

Time:2021-3-5

Let’s get to know the privilege management of Linux. What we recognize is not your user name and password, but your uid and GID. To put it bluntly, it’s your user ID and group ID

Copy code

The code is as follows:

>cat /etc/passwd</p>
<p>root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh

The top 0 is the user ID, and the group ID is also 0. Of course, it’s my current user root
When a user logs in, he or she will go to / etc / passwd according to your user name, such as my root. If he or she doesn’t have this user, he or she will go to / etc / shadow to find the corresponding uid password, and finally log in

Copy code

The code is as follows:

root : x : 0 : 0: root : /root: /bin/bash
Root # user name
X # represents the password, which is now stored in / etc / shadow
0 # user’s UID</p>
Root # user information column description
/Root home directory
/Bin / bash # supports shell</p>
>cat /etc/shadow
root:$6$5SjcaJAS$EH0r0LsApaWsmpoz5Zoz4iSavI7nr./VVmUi5GnFYLsScVS7fTWz9JK7E8..bNajM7jV2qBBn9fck5oiGzx0N1:16147:0:99999:7::: </p>
$…… It’s very long. That’s the code
16147? Date of password change
0 # the date when the password can be changed is the change date of the last 16147, and 0 is the change date at any time
99999 # number of days for password change
7 # password warning, that is, the password is about to expire. Windows users should have seen it
The seventh has no value. This is the password expiration date
The eighth field is the account expiration date
Field 9? Reserved

General Command

Useradd – G user secondary group

Copy code

The code is as follows:

>usermod -G users xiaowei
>grep xiaowei /etc/shadow /etc/passwd /etc/group
/etc/shadow:xiaowei:!:16147:0:99999:7:::
/etc/passwd:xiaowei:x:1001:1001::/home/xiaowei:/bin/sh
/etc/group:users:x:100:xiaowei
/etc/group:xiaowei:x:1001:

Groups supported by groups

Copy code

The code is as follows:

> groups
root xiaowei

Newgrp switch group

Copy code

The code is as follows:

>newgrp xiaowei
>id
uid=0(root) gid=1001(xiaowei) groups=0(root),1001(xiaowei)

Useradd add add account
Useradd [- U uid] [- G initial group] [- G secondary group] [- mm] [- C Description column] [- D home directory absolute path] [- s shell] user account name

Options and parameters:
-U: followed by uid, a set of numbers. Directly specify a specific uid to this account;
-G: the following group name is the initial group we mentioned above
The GID of this group will be placed in the fourth field of / etc / passwd.
-G: the group name that follows is the group that the account can also join.
This option and parameter will modify the related data in / etc / group!
-M: compulsory! Do not create user home directory! (default value of system account)
-M: compulsory! To create user home directory! (default value of general account)
-C: This is the description in the fifth column of / etc / passwd
-D: specify a directory to be a home directory instead of using the default value. Be sure to use absolute path!
-R: create a system account with a limited uid (refer to / etc/ login.defs )
-S: followed by a shell. If not specified, the default is / bin / bash
-E: followed by a date in the format of “yyyy-mm-dd”. This item can be written into the eighth field of shadow,
That is, the configuration items of the account expiration date;
-F: it is followed by the seventh field of shadow to specify whether the password will be invalid. 0 means immediate failure,
– 1 is never invalid (the password will only expire and it is forced to be reconfigured at login. )

Copy code

The code is as follows:

#Add a widuuweb user with uid of 800 and ID 1001 to create a home directory. It is described as test home directory / root / test. Login is not allowed
> useradd -u 800 -g 1001 -m -c test -d /root/test -s /sbin/nologin widuuweb
> grep widuuweb /etc/passwd
widuuweb:x:800:1001:test:/root/test:/sbin/nologin

Passwd change password
Passwd [- l] [- u] [– stdin] [- S] [- N days] [- X days] [- W days] [- I date] account < = = root function
Options and parameters:
–Stdin: the data from the previous pipeline can be used as password input, which is helpful for shell script!
-L: lock means to add! To the front of the second column of / etc / shadow to invalidate the password;
-U: opposite to – L, it means unlock!
-S: List password related parameters, that is, most of the information in the shadow file.
-N: followed by the number of days, the fourth field of shadow, how long can not modify the password days
-X: followed by the number of days, the fifth field of shadow, how long must the password be changed
-W: followed by days, field 6 of shadow, warning days before password expiration
-I: followed by “date”, field 7 of shadow, password expiration date

>Passwd – L Xiaowei ᦇ at this time, you can’t log in
>Passwd – U Xiaowei? Unlock and log in
>Passwd Xiaowei enter password change password

#Chage with the same function as passwd – S
Options and parameters:
-l: List the detailed password parameters of the account;
-d: After the date, modify the third field of shadow (the date of the last password change), format yyyy-mm-dd
-E: After the date, modify the eighth field of shadow (account expiration date), format yyyy-mm-dd
-1: After that, modify the seventh field of shadow (password expiration date)
-m: Next to the number of days, modify the fourth field of shadow (minimum password retention days)
-M: After that, modify the fifth field of shadow (how long does the password need to be changed)
-W: After that, modify the sixth field of shadow (warning date before password expiration)

Usermod modify user parameters
-C: followed by the account description, that is, the Description column in the fifth column of / etc / passwd, you can add some account descriptions.
-D: followed by the home directory of the account, that is, modify the sixth column of / etc / passwd;
-E: followed by date, the format is yyyy-mm-dd, which is the eighth field data in / etc / shadow!
-F: followed by the number of days, which is the seventh field of shadow.
-G: followed by the initial group, modify the fourth field of / etc / passwd, which is the GID field!
-G: next to the secondary group, modify the group that the user can support, and modify the / etc / group ~
-A: combined with – G, you can “add secondary group support” instead of “configuration”!
-L: followed by the account name. That is to change the account name, the first column of / etc / passwd!
-S: followed by the actual SHELL file, such as / bin / bash or / bin / CSH, etc.
-U: it’s followed by uid! That is the data in the third column of / etc / passwd;
-L: temporarily freeze the user’s password so that he can’t log in. In fact, only change the password bar of / etc / shadow.
-U: remove the! In the / etc / Shadow Password bar and unfreeze it!

Copy code

The code is as follows:

>usermod -c nihao xiaowei
xiaowei:x :1001:1001:nihao:/home/xiaowei:/bin/sh</p>
>su xiaowei
#Unable to sign in
Cannot execute /sbin/nologin: No such file or directory

Userdel delete user

Copy code

The code is as follows:

>Userdel widuweb # delete user userdel – R widuweb with home directory

id

I used it in the front

Copy code

The code is as follows:

>ID Xiaowei displays the user group information of the user
uid=1001(xiaowei) gid=1001(xiaowei) groups=1001(xiaowei),100(users)

Groupadd add add group

Copy code

The code is as follows:

>Groupadd – G 102 – R Xiaowei # – G group ID optional – R group name
>groupadd widuuweb
> grep widuuweb /etc/group
#widuuweb:x:1003:

Groupmod modify group information

Copy code

The code is as follows:

groupmod [-g gid] [-n group_ [name] group name
>groupmod -g 201 -n widuu xiaowei

Groupdel delete group

Copy code

The code is as follows:

>groupdel widuu

Gpasswd group management

Options and parameters:
: if there are no parameters, it means giving groupname a password (/ etc / gshadow)
-A: give the control of groupname to the subsequent user (the administrator of the group)
-M: add some accounts to this group!
-R: remove the password of groupname
-R: disable the password bar of groupname

Copy code

The code is as follows:

>Gpasswd – a Xiaowei widuu join widuu group
>Gpasswd widuu # set password
>Gpasswd widuu xiaowei1 join group

Recommended Today

Rust and python: why rust can replace Python

In this guide, we compare the rust and python programming languages. We will discuss the applicable use cases in each case, review the advantages and disadvantages of using rust and python, and explain why rust might replace python. I will introduce the following: What is rust? What is Python? When to use rust When to […]