Linux system is a multi-user and multi-task time-sharing operating system. Any user who wants to use system resources must first apply for an account from the system administrator, and then enter the system with this account.
On the one hand, user accounts can help the system administrator track the users who use the system and control their access to system resources. On the other hand, it can help users organize files and provide security protection for users.
Each user account has a unique username and password.
When a user logs in with the correct user name and password, he or she is able to access the system and his or her home directory.
To realize the management of user accounts, the main tasks to be completed are as follows:
- Add, delete, and modify user accounts.
- User password management.
- User group management.
1. User account management
User account management mainly involves adding, modifying, and deleting user accounts.
Adding a user account is to create a new account in the system and assign resources such as user numbers, user groups, home directories, and login shells to the new account. The newly added account is locked and cannot be used.
1.1. Add a User
The syntax is as follows:
Useradd Option user nameCopy the code
Parameter description:
-
Options:
- -c comment Specifies a comment description.
- -D directory Specifies the home directory of the user. If the home directory does not exist, use the -m option to create a home directory.
- -g User Group Indicates the user group to which the user belongs.
- == -g User group, user group Specifies the additional group to which the user belongs. = =
- -s Shell file Specifies the login Shell of the user.
- -u User ID Specifies the user ID. If -o is selected, the ids of other users can be used repeatedly.
- ==-m Automatically creates the user’s home directory ==
-
User name:
Specify the login name for the new account.
** Test: ** add cheng user, and automatically create this user’s home directory
[root@cheng home]# adduser -m cheng
[root@cheng home]# ls
cheng peng wanli www
Copy the code
Adding a user account is to add a record for the new user in the /etc/passwd file and update other system files such as /etc/shadow and /etc/group.
1.2. Delete a User
If a user account is no longer used, it can be deleted from the system. Deleting a user account means deleting the user record from system files such as /etc/passwd and deleting the home directory of the user if necessary.
Grammar:
Userdel Indicates the user name of the optionCopy the code
The common option is -r, which deletes the user’s home directory.
** Test: ** Delete the cheng user and the user’s home directory
[root@cheng home]# userdel -r cheng
[root@cheng home]# ls
peng wanli www
Copy the code
Deleting a user is to delete records in system files (such as /etc/passwd, /etc/shadow, /etc/group, etc.).
1.3 Modifying a User
Modifying a user account is to change the attributes of the user, such as the user number, home directory, user group, and login Shell, as required.
Grammar:
Usermod Indicates the user name of the optionCopy the code
Common options include -c, -d, -m, -g, -g, -s, -u, and -o. The meanings of these options are the same as those in the useradd command. You can specify new resource values for the user.
In addition, some systems can use the option -l new username
This option specifies a new account that changes the original user name to the new user name.
** Test: ** Modify the user directory
Create a user first
[root@cheng home]# useradd -m cheng
[root@cheng home]# ls
cheng peng wanli www
# Then change the user's directory to cheng1
[root@cheng home]# usermod -d /home/cheng1 cheng
[root@cheng home]# ls
cheng peng wanli www # does not appear in the home directory
Copy the code
It is not displayed in the home directory, but in the /etc/passwd configuration file
Therefore, you need to create the directory before modifying it.
1.4 Switching a User
If the current user is root, switch to the previously created cheng user.
[root@cheng home]# su cheng
[cheng@cheng home]$
Copy the code
# : indicates the superuser
$: indicates a common user
Back to the root directory:
[cheng@cheng home]$ exit
exit
[root@cheng home]#
Copy the code
2. User password management
An important part of user management is the management of user password. The user account does not have a password when it is created, but is locked by the system and cannot be used. You must specify a password for the user account, even if the password is specified.
The Shell command used to specify and change the user password is passwd. Superusers can specify passwords for themselves and other users, and ordinary users can only use it to change their own passwords. The format of the command is:
Passwd Option user nameCopy the code
Available options:
- -l Locks the password, that is, disables the account.
- -u Specifies the password to unlock the account.
- -d Indicates that the account has no password.
- -f Forces the user to change the password at the next login.
Test: Specify a password for user Cheng
[root@cheng home]# passwd cheng
Changing password for user cheng.
# Requires you to enter a new password
New password:
BAD PASSWORD: The password fails the dictionary check - it is too simplistic/systematic
Enter the password again
Retype new password:
passwd: all authentication tokens updated successfully.
Copy the code
== Note: If you enter the password in Linux, == is not displayed
After you specify a password for user cheng, you cannot use the su cheng command to log in to the user. You need to click New on the menu bar, enter the host IP address, user name (cheng), and the password specified above to log in.
Change password:
[cheng@cheng ~]$ passwd
Copy the code
3. Manage user groups
Each user has a user group. The system can centrally manage all users in a user group. Different Linux operating systems have different rules for user groups. For example, a User in Linux belongs to a user group with the same name. The user group is created when the user is created.
User group management involves adding, deleting, and modifying user groups.
== Essence: Adding, deleting, and modifying groups are essentially updates to the /etc/group file. = =
Creating a User Group
Grammar:
Groupadd option user groupCopy the code
The options available are:
- -g GID Specifies the group ID (GID) of the new user group.
test
Example To create a user group, add 1 to the existing maximum group ID
[root@cheng ~]# groupadd wei
Copy the code
Create another user group and specify the group id as 1024
[root@cheng ~]# groupadd -g 1024 wei1
Copy the code
View the created user group:
Deleting a User Group
Grammar:
[root@cheng ~]# groupdel User group
Copy the code
Test: Delete user group wei1
[root@cheng ~]# groupdel wei1
Copy the code
Modify the attributes of a user group
Grammar:
Groupmod option user groupCopy the code
Common options are:
- -g GID Specifies a new group ID for a user group.
- -n New User Group Changes the name of the user group to the new name
Test: Change the id and name of user group WEI to 1024 and wei111
[root@cheng ~]# groupmod -g 1999 -n wei111 wei
Copy the code
Check the effect:
Modification succeeded!
Switching user Groups
If a user belongs to multiple user groups, the user can switch between user groups in order to have the rights of the other user groups
If you are in another root group and you want to switch to the cheng group, run the newgrp command to switch
[root@cheng ~]# newgrp cheng
Copy the code
4. System files related to the user account
Operations on user accounts and user groups are essentially operations on related system files. These files include /etc/passwd, /etc/shadow, /etc/group, etc.
The /etc/passwd file is one of the most important files involved in user management.
Every user on a Linux system has a corresponding line in the /etc/passwd file, which records some basic properties of that user.
This file is readable to all users. It looks something like the following example:
Each record line is divided into seven fields by colons (:). The format and meanings of the fields are as follows:
User name: Password (password): User ID: Group ID: Annotation description: Home directory: login ShellCopy the code
The real encrypted password is stored in the /etc/shadow file, while the password field in the /etc/passwd file contains only one special character, such as “x” or “*”.