Linux基础入门篇之用户管理
Posted 千锋教育
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Linux基础入门篇之用户管理相关的知识,希望对你有一定的参考价值。
groupadd,groupdel
useradd,usermod,userdel
passwd,chage
1 用户/组基本概念
Users and groups:
. Every process (running program) on the system runs as a particular user.
. Every file is owned by a particular user.
. Access to files and directories are restricted by user.
. The user associated with a running process determines the files and directories accessible to that process.
查看当前登录的用户信息:
[root@tianyun ~]# id
uid=0(root) gid=0(root) groups=0(root)
查看文件的owner:
[root@tianyun ~]# ll /home/
drwx------. 4 alice alice 4096 Jun 2 15:59 alice
drwx------. 2 root root 16384 Jun 1 23:09 lost+found
drwxr-xr-x 2 root root 4096 Jun 2 15:33 tianyun
查看运行进程的username:
[root@tianyun ~]# ps aux |less
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 19360 1536 ? Ss 13:29 0:00 /sbin/init
root 2 0.0 0.0 0 0 ? S 13:29 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S 13:29 0:00 [migration/0]
root 4 0.0 0.0 0 0 ? S 13:29 0:00 [ksoftirqd/0]
和用户组相关的一些文件:
/etc/passwd root:x:0:0:root:/root:/bin/bash
用户名:x:uid:gid:描述:HOME:shell
/etc/shadow root:$1$MYG2NDG6$a1wtyr5GDM2esAPjug0YP0:15636:0:99999:7:: :
$id$salt$encrypted
/etc/group root:x:0:
[root@tianyun ~]# man 5 passwd
[root@tianyun ~]# man 5 shadow
[root@tianyun ~]# man 5 group
[root@tianyun ~]# man 3 crypt
加密算法$id:
$1: MD5
$5: SHA-256
$6: SHA-512
系统约定: RHEL6
uid: 0 特权用户
uid: 1~499 系统用户
uid: 500+ 普通用户
The root user
. uid is 0
. all power
. This user has the power to override normal privileges on the file system
. installing or removing software and to manage system files and directorie
. Most devices can only be controlled by root
2 给普通用户提权
以下两种方式都可以将普通用户提升为root
1.
Switching users with su
[alice@tianyun ~]$ useradd u1
-bash: /usr/sbin/useradd: 权限不够
[alice@tianyun ~]$ su - root
password:
[root@tianyun ~]# useradd u1
2.
Running commands as root with sudo
以root身份授权普通用户
[root@tianyun ~]# vim /etc/sudoers
%wheel ALL=(ALL) NOPASSWD: ALL
[root@tianyun ~]# useradd yangyang -G wheel
[root@tianyun ~]# id yangyang
uid=504(yangyang) gid=504(yangyang) 组=504(yangyang),10(wheel)
[yangyang@tianyun ~]$ useradd gougou10
-bash: /usr/sbin/useradd: 权限不够
[yangyang@tianyun ~]$ sudo useradd gougou10
[yangyang@tianyun ~]$ id gougou10
uid=505(gougou10) gid=505(gougou10) 组=505(gougou10)
3 用户/组管理
用户组:
[root@tianyun ~]# groupadd hr
[root@tianyun ~]# groupadd sale
[root@tianyun ~]# groupadd it
[root@tianyun ~]# groupadd fd
[root@tianyun ~]# groupadd market
[root@tianyun ~]# groupadd net01 -g 2000 //添加组net01,并指定gid 2000
[root@tianyun ~]# grep 'net01' /etc/group //查看/etc/group中组net01信息
[root@tianyun ~]# groupdel net01 //删除组net01
用户:
useradd creates users
==创建用户 未指定选项==
[root@tianyun ~]# useradd user01
. 未指定该用户的主组
. 未指定该用户的附加组
. 未指定用户的HOME
. 未指定用户的SHELL
. 未指定用户的UID...
[root@tianyun ~]# grep 'user01' /etc/passwd /etc/shadow /etc/group
/etc/passwd:user01:x:507:512::/home/user01:/bin/bash
/etc/shadow:user01:!!:16589:0:99999:7:::
/etc/group:user01:x:512:
[root@tianyun ~]# id user01
uid=507(user01) gid=512(user01) groups=512(user01)
[root@tianyun ~]# ls /var/spool/mail/user01
/var/spool/mail/user01
小结:
如果创建一个用户时,未指定任何选项,系统会创建一个和用户名相同的组作为用户的Primary Group.
==创建用户 指定选项==
[root@tianyun ~]# useradd user02 -u 503 //创建用户usr02,指定uid
[root@tianyun ~]# useradd user03 -d /aaa //创建用户user03 指定家目录
[root@tianyun ~]# useradd user05 -s /sbin/nologin //创建用户并指定shell
[root@tianyun ~]# useradd user07 -G hr,it,fd //创建用户,指定附加组
[root@tianyun ~]# useradd user10 -u 4000 -s /sbin/nologin
userdel deletes users
==删除用户==
[root@tianyun ~]# userdel user10 //删除用户user10,但不删除用户家目录和mail spool
[root@tianyun ~]# ll -d /home/user10/
drwx------ 3 506 510 4096 09-01 21:14 /home/user10/
[root@tianyun ~]# ll /var/spool/mail/user10
-rw-rw---- 1 506 mail 0 09-01 21:14 /var/spool/mail/user10
[root@tianyun ~]# userdel -r user2 //删除用户user2,同时删除用户家目录和mail spool
==用户密码==
[root@tianyun ~]# passwd alice
[zhuzhu@tianyun ~]$ passwd
usermod modifies existing users
==组成员管理==
注意:只针对已存在的用户
[root@tianyun ~]# usermod -G hr niuniu2 //覆盖原有的附加组
[root@tianyun ~]# usermod -G fd,it niuniu2
[root@tianyun ~]# usermod -aG hr niuniu2 //增加新的附加组
==其它选项管理==
[root@tianyun ~]# usermod -s /sbin/nologin niuniu2
4扩展知识
useradd创建用户时,参照的文件...
[root@tianyun ~]# vim /etc/login.defs
MAIL_DIR /var/spool/mail
PASS_MAX_DAYS 30
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
CREATE_HOME yes
ENCRYPT_METHOD SHA512
[root@tianyun ~]# vim /etc/default/useradd
SHELL=/sbin/nologin
Password aging
# chage -m 0 -M 90 -W 7 -I 14 username
chage -d 0 username will force a password update on next login.
chage -l username will list a username's current settings.
chage -E YYYY-MM-DD will expire an account on a specific day.
手动创建用户示例:
[root@tianyun~]# useradd maomao100
[root@tianyun~]# echo 123456 |passwd --stdin maomao100
[root@tianyun~]# chage -d 0 maomao100 //强制用户在下一次登录时修改密码
将多个用户加入到指定的组:
[root@tianyun~]# gpasswd -a jack wheel //usermod -aG hr zhuzhu
[root@tianyun~]# gpasswd -M zhuzhu,maomao100 hr
[root@tianyun~]# gpasswd -d zhuzhu hr
微信名:千锋互联
微信ID:qianfengjiaoyu
快去找小小千要视频吧
微信:jiushiwo233
点击阅读原文抢占试听名额
以上是关于Linux基础入门篇之用户管理的主要内容,如果未能解决你的问题,请参考以下文章