Lecture on Linux Account Management

Posted by Iank1968 on Thu, 16 Jan 2020 21:17:57 +0100

1. Manage user accounts

1. Overview of user accounts

Linux controls access to resources based on user identity.

2. User Account Management

1) User Account

  • Super user (root);

  • Ordinary users;

  • Program user;

  • UID (User IDentity): user identification number;

(1) User account file /etc/passwd

The /etc/passwd file holds basic account information such as the user name, home directory, and login shell; each line corresponds to one user's account record. As follows:

(2) User account file /etc/shadow

The /etc/shadow file stores the user's password (as a hash), account validity period, and related settings. Each line corresponds to one user's password record. As follows:

3. Add user accounts

The format of commands and common options for adding user accounts is as follows:

Examples of applications:

<!--Create the user bob with primary group root and supplementary group root, and set the home directory to /bob-->
[root@centos01 ~]# useradd -d /bob -g root -G root bob
[root@centos01 ~]# tail -2 /etc/passwd
dhcpd:x:177:177:DHCP server:/:/sbin/nologin
bob:x:1001:0::/bob:/bin/bash
<!--Create the user tom without creating a home directory; the account cannot log in to the system-->
[root@centos01 ~]# useradd -M -s /sbin/nologin tom
[root@centos01 ~]# tail -2 /etc/passwd
bob:x:1001:0::/bob:/bin/bash
tom:x:1002:1002::/home/tom:/sbin/nologin

4. Set/change user password passwd

The basic command syntax and common options for setting or changing a user password are as follows:

Examples of applications:

[root@centos01 ~]# passwd bob <!--Set a password for the account-->
Change the password of the user bob.
New password: <!--Enter password-->
Invalid password: Password did not pass dictionary check - oversimplification/systematization
Re-enter the new password: <!--Confirm the password-->
passwd: All authentication tokens have been successfully updated.
[root@centos01 ~]# passwd -l bob <!--Lock the user-->
Lock the password of the user bob.
passwd: Operation successful
[root@centos01 ~]# passwd -S bob <!--Check whether the user is locked-->
bob LK 2020-01-11 0 99999 7 -1 (Password locked.)
[root@centos01 ~]# passwd -u bob <!--Unlock the user-->
Unlock the password of the user bob.
passwd: Operation successful
[root@centos01 ~]# passwd -S bob <!--Check that the user is unlocked-->
bob PS 2020-01-11 0 99999 7 -1 (Password set, using SHA512 algorithm.)
[root@centos01 ~]# passwd -d bob <!--Clear the account password, leaving it empty-->
Clear the password of the user bob.
passwd: Operation successful
[root@centos01 ~]# userdel -r bob <!--Delete the account and its home directory-->
[root@centos01 ~]# tail -2 /etc/passwd
dhcpd:x:177:177:DHCP server:/:/sbin/nologin
tom:x:1002:1002::/home/tom:/sbin/nologin
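
The lock, unlock and empty-password states shown by passwd -S above are stored in the second field of each /etc/shadow record. The following is an added example, not part of the original post: it classifies that field and flags accounts worth reviewing. The sample records, placeholder hashes and function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample records (not from a real system); hash strings are placeholders.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
dhcpd:x:177:177:DHCP server:/:/sbin/nologin
bob:x:1001:0::/bob:/bin/bash
tom:x:1002:1002::/home/tom:/sbin/nologin
lisi:x:1004:1004::/home/lisi:/bin/bash'
SAMPLE_SHADOW='root:$6$examplesalt$examplehash:18272:0:99999:7:::
dhcpd:!!:18272::::::
bob::18272:0:99999:7:::
tom:!!:18272:0:99999:7:::
lisi:!!$6$examplesalt$examplehash:18272:0:99999:7:::'

# Map field 2 of each shadow record to the status codes passwd -S prints.
shadow_states() {   # $1 = shadow text
    printf '%s\n' "$1" | awk -F: '
        $2 == ""     { print $1, "NP"; next }   # empty field, as left by passwd -d
        $2 ~ /^[!*]/ { print $1, "LK"; next }   # lock marker, as set by passwd -l
                     { print $1, "PS" }         # a usable password hash is present
    '
}

# Flag accounts an administrator should review. $1 = passwd text, $2 = shadow text.
audit_accounts() {
    { shadow_states "$2"; echo '--'; printf '%s\n' "$1"; } | awk '
        $0 == "--"  { in_passwd = 1; next }      # separator: passwd records follow
        !in_passwd  { state[$1] = $2; next }     # remember each user status code
        {
            split($0, f, ":")
            if (state[f[1]] == "NP" && f[7] !~ /(nologin|false)$/)
                print f[1] ": empty password and login shell " f[7]
            if (f[1] != "root" && f[3] == "0")
                print f[1] ": UID 0 (root-equivalent)"
            if (f[1] != "root" && f[4] == "0")
                print f[1] ": primary group is GID 0"
        }
    '
}

shadow_states "$SAMPLE_SHADOW"
audit_accounts "$SAMPLE_PASSWD" "$SAMPLE_SHADOW"
```

On a live system the same functions can be fed the real files as root, for example audit_accounts "$(cat /etc/passwd)" "$(cat /etc/shadow)".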

5. Initial profile of user account

The initial profile files are copied from the /etc/skel directory when a new user account is created; the main user profile files are as follows:

  • ~/.bash_profile: Executes at every login.

  • ~/.bashrc: Executes each time a new Bash environment is entered.

  • ~/.bash_logout: Executes every time you log out.

2. Manage group accounts

1. Overview of group accounts

  • Primary group (private group);

  • Supplementary groups (public groups);

  • GID: Group ID

1) Group account file /etc/group

The /etc/group file is used to save basic group account information; as follows:

[root@centos01 ~]# cat /etc/group
root:x:0:
bin:x:1:
daemon:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
............         <!--Omit some content here-->

2) Group account file /etc/gshadow

The /etc/gshadow file is used to save password information for group accounts; as follows:

[root@centos01 ~]# cat /etc/gshadow
root:::
bin:::
daemon:::
sys:::
adm:::
tty:::
............         <!--Omit some content here-->

2. Add group account groupadd

The basic format of the Add Group Account command is as follows:

Examples of applications:

[root@centos01 ~]# groupadd -g 200 accp
[root@centos01 ~]# tail -3 /etc/group
tcpdump:x:72:
test:x:1000:
accp:x:200:
[root@centos01 ~]# groupadd benet
[root@centos01 ~]# tail -3 /etc/group
dhcpd:x:177:
tom:x:1002:
benet:x:1003:

3. Add and remove group members gpasswd

gpasswd sets the group account password and adds or removes group members; the basic format and common options of the command are as follows:

Examples of applications:

[root@centos01 ~]# gpasswd -a bob benet <!--Add a user to a group (create the bob user yourself first)-->
//Adding user 'bob' to the 'benet' group
[root@centos01 ~]# tail -2 /etc/group
tom:x:1002:
benet:x:1003:bob
[root@centos01 ~]# gpasswd -M tom,lisi benet <!--Set the member list of the benet group in bulk (replaces the existing members)-->
[root@centos01 ~]# tail -2 /etc/group
benet:x:1003:tom,lisi
lisi:x:1004:
[root@centos01 ~]# gpasswd -d tom benet <!--Remove the user tom from the benet group-->
//Removing user 'tom' from the 'benet' group
[root@centos01 ~]# tail -2 /etc/group
benet:x:1003:lisi
lisi:x:1004:

4. Delete group account groupdel

The basic format of the delete group account command is as follows:

Examples of applications:

[root@centos01 ~]# groupdel benet <!--Delete the benet group-->

5. Specify groups when adding user accounts

The '-g' option of the useradd command specifies the user's primary group name (or GID number); the '-G' option specifies the user's supplementary group names (or GID numbers).

Examples of applications:

<!--Create the user bob with primary group root and supplementary group root, and set the home directory to /bob-->
[root@centos01 ~]# useradd -d /bob -g root -G root bob
[root@centos01 ~]# tail -2 /etc/passwd
dhcpd:x:177:177:DHCP server:/:/sbin/nologin
bob:x:1001:0::/bob:/bin/bash

6. Query account information

1) id command

id is used to query user identity; the basic syntax format of the command is as follows:

Examples of applications:

[root@centos01 ~]# id bob <!--View user identity details-->
uid=1003(bob) gid=0(root) groups=0(root),1005(benet)

2) groups command

The groups command is used to query the groups to which the user belongs; the basic syntax of the command is as follows:

Examples of applications:

[root@centos01 ~]# groups bob <!--Query the groups the user belongs to-->
bob : root benet
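
The id and groups output above merges two sources: the primary GID in field 4 of /etc/passwd and the member list in field 4 of /etc/group. The following is an added example, not part of the original post: it resolves both, so a review of who holds a group does not miss users who hold it only as their primary group. The sample records and the function name group_holders are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample records modelled on the accounts used on this page.
PASSWD_SAMPLE='root:x:0:0:root:/root:/bin/bash
bob:x:1003:0::/bob:/bin/bash
tom:x:1002:1002::/home/tom:/sbin/nologin
lisi:x:1004:1004::/home/lisi:/bin/bash'
GROUP_SAMPLE='root:x:0:
tom:x:1002:
lisi:x:1004:
benet:x:1005:bob,lisi'

# List every user that holds a group, and how.
# $1 = group name, $2 = passwd text, $3 = group text
group_holders() {
    { printf '%s\n' "$3"; echo '--'; printf '%s\n' "$2"; } | awk -F: -v g="$1" '
        $0 == "--" { in_passwd = 1; next }       # separator: passwd records follow
        !in_passwd && $1 == g {                  # the /etc/group record for the group
            gid = $3
            n = split($4, m, ",")                # supplementary members (-G, gpasswd)
            for (i = 1; i <= n; i++)
                if (m[i] != "") print m[i], "supplementary"
            next
        }
        # Primary membership (-g) is recorded only in /etc/passwd field 4.
        in_passwd && gid != "" && $4 == gid { print $1, "primary" }
    ' | sort
}

# The root record in GROUP_SAMPLE lists no members, yet bob holds GID 0.
group_holders root  "$PASSWD_SAMPLE" "$GROUP_SAMPLE"
group_holders benet "$PASSWD_SAMPLE" "$GROUP_SAMPLE"
```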

3) finger command

The finger command is used to query the details of a user's account; the basic syntax of the command is as follows:

4) users, w, and who commands

The users, w, and who commands query information about the users currently logged on to the host. Examples of applications are as follows:

[root@centos01 ~]# users
root
[root@centos01 ~]# w
 01:57:23 up 53 min,  1 user,  load average: 0.00, 0.01, 0.01
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    192.168.100.254  01:04    3.00s  0.05s  0.00s w
[root@centos01 ~]# 
[root@centos01 ~]# who
root     pts/0        2020-01-17 01:04 (192.168.100.254)
