Linux User and Group Management

Linux is a multi-user and multitasking OS. In Linux, you can create any number of user accounts and groups. A user is always connected to a particular group, and there can be any number of groups as well.

By default, the user home directory is created under the “/home” directory with the user name, e.g. user techbie has the home directory “/home/techbie”; the mail account is created under “/var/spool/mail/”.

Each user and group in the system is identified by a unique number called an ID.

/etc/passwd

The file where system user accounts are defined is /etc/passwd. This file has the following structure:

#cat /etc/passwd

username:x:500:500:Some Comments:/home/username:/bin/sh

username

The system account username. It should not start with a number or include uppercase letters.

x

The password. An x points to /etc/shadow for the password. An * means the account is disabled. A random group of letters and numbers represents the encrypted password.

500

The user ID (UID) for the user

500

The group ID (GID) associated with that user

Some comments

Any information can be used in this field

/home/username

By default, RHEL places new home directories in /home/username

/bin/sh

Default user shell

In order to add/delete users to the system, this file can be edited directly with vipw or by using the useradd/userdel commands as described in the next sections.

/etc/group

The file where system group accounts are defined is /etc/group. This file has the following structure:

#cat /etc/group

groupname:x:500:user1,user2

groupname

The system account groupname. Each user gets their own group: by default, when a user is created it is related to a group with groupname equal to the username.

x

The group password. An x points to /etc/gshadow for the password; as with the user password in /etc/passwd, a random group of letters and numbers represents the encrypted password.

500

The group ID (GID) associated with the user

user1,user2

List of users that belong to the group. If it is blank, it means that there is a username that is identical to the groupname.

In order to add/delete groups to the system, this file can be edited directly with vigr or by using the useradd/userdel commands as described in the next section.

/etc/shadow

The /etc/passwd file can be read by every user on the system, so including the encrypted password there is not a good idea. For this reason the file /etc/shadow, accessible to root only, is used to store the encrypted password.

#/etc/shadow

username:$1sdsew$ed%[email protected]:14860:0:99999:7:::

Username

The username of the shadow entry; it is related to the username account in /etc/passwd.

$1sdsew$ed%[email protected]

Encrypted password. An x in the second column of /etc/passwd means that the encrypted password is stored here.

14860

Date of the last password change, in Linux epoch days: the number of days after January 1, 1970.

0

The value of 0 here means that this user can keep this password forever.

99999

The system will ask the user to change his password after 99999 days since account creation.

::

The value is the number of days before password expiration when a warning is given; in this case, none.

::

This sets the number of days after password expiration when an account is made inactive; in this case, none.

::

The value is the number of days after password expiration when an account is disabled; in this case, none.

Adding user account:

When a user account needs to be added to the system, the command useradd must be used:

# useradd -u 678 -c "Test add user" -d /home/techbie -s /bin/bash techbie

With this command we have created the user account techbie with UID=678, whose home directory is /home/techbie and whose default shell is bash. By default the user is assigned to a newly created group silicon with GID=678. These values can be changed using the -g option.

#cat /etc/passwd

techbie:x:678:678:Test add user:/home/techbie:/bin/bash

Deleting user Account:

When a user account needs to be removed from the system, the command userdel must be used:

# userdel -r techbie

With this command all information about the techbie account is removed from the system, including the home directory and mail spool files.

Modifying user Account:

In order to change the parameters of an existing account, the commands usermod and/or chage can be used.

# usermod -e 2016-07-30 techbie

Sets the expiration account day for user “techbie” to 2016-07-30

# usermod -G sales techbie

Sets ‘techbie’ account group ownership to sales group

# chage -E -1 techbie

Removes any account expiration date for user “techbie”

# usermod --expiredate 2016-07-30 techbie

Sets the expiration date for the user account techbie

# passwd -l techbie

Disable the user account techbie

# passwd -u techbie

Unlock the user account techbie
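
The following is an added example, not part of the original article: a small audit over the /etc/passwd and /etc/shadow field layouts described above, which also shows how a locked account (a password field beginning with ! or *) differs from one whose password field is empty. The account lines and hash strings are constructed placeholders, and the finding labels are this example's own wording.

```python
from datetime import date, timedelta

# Constructed sample data in the page's formats; hash strings are placeholders.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
techbie:x:678:678:Test add user:/home/techbie:/bin/bash
backup:x:0:34:backup:/var/backups:/bin/sh
legacy:PLACEHOLDERHASH:501:501::/home/legacy:/bin/sh
"""
SHADOW = """\
root:$6$placeholder$hash:14860:0:99999:7:::
techbie::14860:0:99999:7:::
backup:!$6$placeholder$hash:14860:0:99999:7:::
"""

def epoch_days_to_date(days):
    """Convert a shadow 'last changed' value (days since 1970-01-01) to a date."""
    return date(1970, 1, 1) + timedelta(days=int(days))

def audit(passwd_text, shadow_text):
    """Return sorted (username, finding) tuples for entries worth reviewing."""
    shadow = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            shadow[fields[0]] = fields[1]   # username -> password field
    findings = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:                # skip blank or malformed lines
            continue
        name, pw, uid = fields[0], fields[1], fields[2]
        if uid == "0" and name != "root":
            findings.append((name, "UID 0 but not root"))
        if pw == "":
            findings.append((name, "empty password field in passwd"))
        elif pw == "x":                     # password is kept in the shadow file
            if name not in shadow:
                findings.append((name, "no shadow entry"))
            elif shadow[name] == "":
                findings.append((name, "empty password in shadow"))
            elif shadow[name][0] in "!*":
                findings.append((name, "locked or disabled"))
        elif pw[0] not in "!*":             # a hash sitting in the world-readable file
            findings.append((name, "hash stored in passwd"))
    return sorted(findings)

if __name__ == "__main__":
    for name, finding in audit(PASSWD, SHADOW):
        print(f"{name}: {finding}")
    print("last change:", epoch_days_to_date(14860))
```

To check a real host, pass the contents of /etc/passwd and /etc/shadow (the latter read as root) to audit() in place of the constructed samples.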
