Summary of Linux system user management commands

User and Group Management

1. Basic concepts of users and groups

Users and groups:
. Every process (running program) on the system runs as a particular user.
. Every file is owned by a particular user.
. Access to files and directories are restricted by user.
. The user associated with a running process determines the files and directories accessible to that process.

The role of users

(1) View the currently logged in user information:

[root@192 ~]# id 

(2) View the owner of the file:

[root@192 ~]# ls -l /home 

(3) View the username of the running process:

[root@192 ~]# ps axu 

User group information storage file

(1) User basic information file:

[root@192 ~]# cat /etc/passwd

/etc/passwd (colon-separated into 7 columns)
root : x : 0 : 0 : root : /root : /bin/bash
Username: x : uid : gid : Description: HOME : shell

System convention: RHEL7
uid: 0 privileged user
uid: 1~499 system user
uid: 1000+ ordinary users
The root user

meaning:
.uid is 0
. all power
. This user has the power to override normal privileges on the file system
. Installing or removing software and to manage system files and directories
. Most devices can only be controlled by root

(2) User password information file:

[root@192 ~]# cat /etc/shadow 

/etc/shadow (colon-separated into 9 columns)
root : $ 6$ FSPVbNE… : : 0 : 99999 : 7 : : :
1) "Login name" is the user account that matches the login name in the /etc/passwd file

2) The "Password" field stores the encrypted user password. If it is empty, the corresponding user has no password and does not need a password when logging in;
An asterisk indicates that the account is locked;
Double exclamation marks indicate that the password has expired;
Those starting with $ 6$ indicate that they are encrypted using SHA-512;
$ 1$ indicates that it is encrypted using MD5;
$ 2$ is encrypted using Blowfish;
$5$ is encrypted with SHA-256;

3) "Last modification time" indicates the number of days from a certain moment to the last time the user changed the password. The starting time may be different for different systems. For example, in SCOLinux, the starting point is January 1, 1970.

4) "Minimum time interval" refers to the minimum number of days required between two password changes.

5) "Maximum time interval" refers to the maximum number of days a password remains valid.

6) The "Warning Time" field indicates the number of days from when the system starts warning the user to when the user's password officially expires.

7) “Inactivity time” refers to the maximum number of days that a user can remain valid without logging in. (Soft limit. The number of days after the expiration date the account cannot be used.)

8) The "Expiration Time" field gives an absolute number of days. If this field is used, it will give the life span of the corresponding account. After the expiration, the account is no longer a valid account and can no longer be used to log in. (Hard limit.)

9) Retention

(3) Group information file:

[root@192 ~]# cat /etc/group

/etc/group (colon-separated into 4 columns)
root : x : 0 :
Group name: Group password: Group ID: Group members (Group members are empty by default)

2. User/Group Management

user

(1) Create a user without specifying options:

[root@192 ~]# useradd user01 

summary:
If no options are specified when creating a user, the system will create a group with the same name as the user as the user's Primary Group.

(2) Create user-specified options:

[root@192 ~]# useradd user02 -u 1503 //Create user user02 and specify uid
[root@192 ~]# useradd user03 -d /aaa //Create user user03 and specify the home directory 

(3) Deleting a user:

[root@192 ~]# userdel -r user02

(4) User password:

Method 1: Root changes the password of other users (user03).

[root@192 ~]# passwd user03 

Method 2: User (user03) logs in and changes the password himself.

[user03@192 ~]$ passwd 

(5) Group member management:

Note: usermode -G group name user name

[root@192 ~]# usermod -G hr user03 

(6) Other option management:

[root@192 ~]# usermod -s /sbin/nologin user03

Modify the login shell to restrict user03 from logging in

User Groups

(1) Create a group without specifying options:

[root@192 ~]# groupadd db 

(2) Create a group to specify options:

[root@192 ~]# groupadd net01 -g 2000 //Add group net01 and specify gid 2000 

(3) View group information:

[root@192 ~]# grep 'net01' /etc/group //View the information of group net01 in /etc/group 

(4) Delete a group

[root@192 ~]# groupdel net01 //Delete group net01

Because it has been deleted, it is not displayed when viewing.

Classification

(1) Basic group/main group

The basic group of the user with the same name is automatically created when the user is created, and is displayed in /etc/passwd

(2) Additional group

Other groups the user is a member of.

Command Summary

1 useradd is the command to create a user.
2 usermod is a command to modify users.
3 groupadd is the command to create a group.
4 -u specifies the user's UID.
5 -g specifies the user's basic group.
6 -G specifies additional groups for the user.
7 /etc/passwd can view the user's basic group.
8 /etc/group You can view the user's additional groups.

This concludes this article about the summary of Linux system user management commands. For more relevant Linux system user management commands, please search 123WORDPRESS.COM’s previous articles or continue to browse the following related articles. I hope everyone will support 123WORDPRESS.COM in the future!