File function |
File name |
##User account file
| /etc/passwd |
User password | /etc/shadow |
User group account file | /etc/gruoup |
User group password file | /etc/gshadow |
##(1) User account file——/etc/passwd
passwd
is a text file used to define the user account of the system. Since all users have access to
passwd
has read permission, so only the user account is defined in this file, and the password is not saved.
#
Each line defines a user account information, each line consists of
7
Composed of fields, use between fields
“:”
separated, the format is as follows:
Account Name
:
password
:UID:GID:
personal information
:
Main directory
:Shell
/etc/passwd
Field description in the file
Account name: User login
Linux
The name used by the system.
Password: This was where the password was previously saved in encrypted format, now the password is saved in
/etc/shadow
In the file, here is just the password occupying characters
“x”
or
“*”
. If it is
“x”
, indicating that the password has been
shadow
protection of.
-
UID
: The user's identifier is a numerical value, which is used to distinguish different users. Each user has a
UID
Value:
Super user’s
UID——0
System user’s
UID——1
~
999
For ordinary users
UID——
≥
1000
GID
: The identifier of the basic group where the user is located is a numerical value, which is used to distinguish different groups. The same group has the same
GID
.
Personal information: You can record the user’s complete name, address, office phone number, home phone number and other personal information.
Main directory: similar
Windows
’s personal directory, usually
/home/username
,here
username
is the user name, user Execute
“cd
~
”
The current directory will be switched to the personal home directory when executing the command.
-
Shell
: Define the activated after user login
Shell
, the default is
Bash Shell
(2) User password file——/etc/shadow
#
Each row defines a user information, and each field in the row is marked with
“:”
Separate
,
The format is as follows:
Login name
:
Encrypted password
:
Last modification time
:
Minimum time interval
:
Maximum time interval
:
Warning time
:
Inactivity time
:
Expiration time
:
Logo
The 9 fields in each line of the/etc/shadow file have the meanings of fields
Login name: Login name
Encrypted password: Use SHA-512/SHA -256/MD5
The password encrypted by the algorithm ( $id$, id is 1means md5,5meanssha256, 6 is sha512). If it is empty, it means that the user can log in without a password. If it is "*" means that the account cannot be used to log in to the system, if "!" means The account password has been locked
Last modified time: the date of the last password change,
With distance
1970
Year
1
moon
1
The number of days represents
Minimum time interval: how many days the password cannot be modified. The default value is 0,
means no restrictions
Maximum time interval: The number of days after which the password must be changed. The default value is 99999,
Indicates no restriction
Warning time: How many days in advance to warn the user that the password will expire,
The default value is
7
sky
,0
means no warning
Inactivity time: How many days after the password expires to disable this user
Expiration time: Password expiration date,
With distance
1970
Year
1
moon
1
The number of days in a day is expressed
,
Default is empty
,
means permanently available Flag: reserved for future development
View the last time the user modified the root password Date
(3) User group account file——/etc/group
Every group in the system, in
/etc/group
There is a row of records in the file, and any user can read the user group account information configuration file.
Field description
Groupname: Group Name
Passwd: The encrypted password of the group
GID: It is the system that distinguishes different Group ID
,exist
/etc/passwd
in the domain
GID
The field uses this number to specify the user’s basic group
Userlist: Use "
,
”
Separate user names, the listed members have this group as an additional group.
Assignment:
1. Create the user lockuser, and specify the home directory as /home/lock, and then lock it This user
2. Unlock lockuser and set the password to be changed the next time you log in
3. Create user testuser and set the password, change the user name to normaluser
4. Create a file, query the acl of the file, set the acl user for the file to testuser1 and the permissions to rwx, set the acl mask for the file: permissions to r-x
5. Set suid, set suid for the file (two ways u s and nnnn)
6. Set sgid, set sgid for the file (two ways) One way g s and nnnn) way
7. Set sbit, set sbit for the directory (two ways o t and nnnn) way
Linux Adding Users to User Groups
Through several examples using the Linux command line, I will show you step by step how to add users to user groups on Linux, and How to add users and groups on Linux. These commands should work on any Linux distribution and have been tested on CentOS, Debian, and Ubuntu.
Add a new user to the user group
A Linux user can have a primary group and one or more subsidiary groups (Secondary groups). These groups can be used as arguments to the adduser
command when creating a user.
All commands must be executed as the root
user. On Ubuntu, prepend all commands with sudo
, or run sudo -s
to switch to the root
user.
Add user groups
As a first step, I will add two new user groups, family
and friends
:
groupadd family
groupadd friends
Add a new user to a single user group
Below I will add a new user tom
and also add the user to the user group Groupfamily
. The family
user group will be added as a subordinate group using the -G
parameter.
useradd -G family tom
Add new user to multiple user groups
tom
is now a user in the family
user group. Parameter -G
allows specifying multiple user groups, separated by commas between each user group. If you want to add user tom
to the family
and friends
user groups, use the following command:
useradd -G family,friends tom
Set User Password
Please note that new Linux user tom
does not have a password yet, so cannot log in. To set the password for this user, you can execute the following command:
passwd tom
and enter the new password twice when the command requests it.
In the above example, we added user tom
to the secondary group. The adduser
command automatically created a new primary group and assigned the group Main group.
- Username: tom
- Main group: tom
- Affiliated group: family (or use the second case to add two affiliated groups: family and friends)
Set a new primary group
Maybe you want to set the primary group to family## when adding a
tom user # (Instead of the
tom user group created by default), the affiliated group is
friends, you can use this command:
useradd -g family -G friends tom
Use the man command You can get a detailed description of all command line options of the
useradd command:
man useradd
Add an existing user to the user group
For this task we will use the usermod command.
usermod The command can modify various options of the user, including the user's group membership.
First I will add a third user group colleagues:
groupadd colleagues
using usermod
I will add the colleagues user group as an affiliate group to the user
tom:
usermod -a -G colleagues tom
Command explanation: -a means
append, which can only be used in combination with the
-G option (affiliated group). So in the end we added the
tom user to the
colleagues user group, which is an affiliated group of the user. The
-G option can specify multiple user groups, separated by commas between each user group. For example:
-G group1,group2,group3.
如果想要修改 tom
用户的主组为 family
,可以使用命令:
usermod -g family tom
使用 man
命令可以获取 usermod
命令的所有命令行选项的详细说明:
man usermod
相关推荐:《Linux视频教程》