User and group and authority management

Users and groups

User profile

• A file for storing user information /etc/passwd
  guest：x：1000:1000:guest:/home/guest:/bin/bash
  name ： Password placeholder ：UID:GID: The user instructions ： User home directory ： Logon shell Environmental Science
  shell Environmental Science ： bin/bash Users can log in /sbin/nologin Can not login

Group information profile

• File for storing group information /etc/group
  guest:x：1000:guest
  Group name ： Group password placeholder ：GID： As a member of the additional group （aa,bb,cc）（ user name ）
  Here, the basic group members are omitted （ Cannot see basic group members ）
  Ordinary users who create virtual machines are special , This ordinary user guest Put this guest Groups are both basic groups and additional groups

Group concept

• Each user can only have one basic group , There can be several additional groups , But a basic group can have multiple users , Basic groups and additional groups are relative to users , There are no fixed basic groups and additional groups , For some users, the same group is an additional group, but for others, it may be a basic group
  Each user will automatically create a user with the same name GID Basic group of

Password profile

• File to store user password /etc/shadow
  guest:$6$s3tZVocXr7Bf8GMy$VC5.yaZdpEz5J33zgxhVDTA6G0PuB/3xQWW0K5IwXxGjIkwTyyBrNFEMxzZbYEd2etIKjZAAYT.7/EZCcJvme1::0:99999:7:::
  Field 1： The name of the user account
  Field 2： Encrypted password string information
  Field 3： Last time the password was changed （ distance 1970 year 01 month 01 The number of days in a day is 14495）
  Field 4： The minimum number of days a password is valid , The default value is 0
  Field 5： The maximum number of days a password is valid , The default value is 99999
  Field 6： Warn the user how many days in advance that the password will expire , The default value is 7
  Field 7： How many days after this password has expired
  Field 8： Account expiration time , The default value is empty （ Indicates at a distance 1970 year 01 month 01 It will expire in a few days ）
  Field 9： Keep field （ not used ）
  Field to ： Separate

  Store user group password file /etc/gshadow

Create user commands

 Create user commands   useradd
useradd  aa  
-u   Appoint UID Number to the user    
useradd -u 1020  cc
-d   Specify the host Directory             
useradd  -d  /dd（ Location ） -m dd     The default home directory is home Inside , Users of the new creation key dd Put the home directory in /dd, Absolute path must be used 
-e   Specify account expiration time       
useradd -e 2021-09-07  ee   Create a 2021-09-07 Invalid users 
-g   Specifies the user's base group name    
useradd -g  qq  fff   Create a new user    The user is called fff   The basic group is qq
-G   Specifies the additional group name of the user    
useradd  fff  -G  qq   Create a new user    The user is called fff   Additional set for qq
-M   Do not create home directory when creating users    
useradd  -M  hh    Create a user without a home directory hh
-s    Specify the login for the user shell Program ,/bin/bash You can log in. ,/sbin/nologin Can't log in 
useradd -s /sbin/nologin  ll     （-s Want to follow shell Program path , It doesn't matter where the user name is placed ）

 The newly created user changes the password ：
passwd abc
 Change user  abc  Password  
 new   password ：

 Check whether the current user exists   And current user information 
tail -1  /etc/shadow（passwd,group）
id aa    

 Be careful ：
 Use useradd when , If you don't add any parameter options later , for example ：#sudo useradd test The user created will be the default “ 3 without ” user ： Nothing Home Directory, No password , Three no system Shell

Create users manually

 Create users manually 
 a. modify passwd Add a line at the end 
 b. modify shadow Add a line at the end 
 c. modify group Add a line at the end 
 d. New user home directory 
 d. Copy skel Catalog , hold skel Copy the file to the home directory of the new user 
 cp -r /etc/skel/ /home/hive

Create group command

groupadd

 Create a group named qq Group 
groupadd qq  

-g  Specify the group when creating the Group ID
groupadd -g 1010 qq  

Password command

passwd

 change aa User password 
passwd aa  

 Delete aa Password 
passwd -d  aa   

-S   Check whether the password is locked 
passwd -S abc
abc PS 2022-06-24 0 99999 7 -1 ( The password has been set , Use  SHA512  Algorithm .)

-l    Lock the corresponding user password 
[passwd -l abc
 Lock the user  abc  Password  .
passwd:  Successful operation 

-u   Unlock password 
passwd -u abc
 Unlocking users  abc  Password .
passwd:  Successful operation 

-f   mandatory 

 Password placeholder position, if any ！  ！！ It means that the password is locked         
 Create a new user without setting a password , Then the password of this user is locked , except root Users can switch users , Other users cannot switch users 
 Common use to change your password , First, you need to unlock the password , And then use root Set the password , The password is required to be eight mixed characters , Then switch back to ordinary users to change their passwords 

Change user

usermod

-l   rename user    After changing the user name, the group name of the user has not been modified 
usermod aa -l ab

-u   Change user UID
-d   Change user home directory 
-e   Change the user expiration time   
-g   Change the user's base group     After changing the basic group passwd and group and shadow Cannot Query Base Group , View the long format information of this user's home directory file 
-G   Change the user's additional groups 
-s   Change the user's shell Login environment 

Delete user

 userdel
 
  Delete aa user 
 userdel  aa 
 
 -r  Delete the user's home directory when deleting the user    
 userdel -r  aa
 
 userdel Deleting users will delete both users and groups    But if the corresponding basic group has other group members , Then this group will not be deleted 
 This group can be deleted if it is attached 

jurisdiction

Permission format

 View file and directory permissions   
ls -l file  ls-dl Catalog   
-rw-------. 1 root root 1687 9 month   10 18:42 anaconda-ks.cfg
-  Ordinary documents 
rw-    The authority of the owner    Have the right to fill in the corresponding letters （ The order rwx）  - On behalf of no authority 
---    Group permission 
---    Permissions of other users           （ The permission part of the file length format has nine characters in total, and three groups represent . Belong to . Generic group . Other users . Permissions on this file ）
1      The number of current subdirectories 
root  Belong to 
root  Generic group 
1687  Size of files and directories 
9 month   10 18:42   Last modified time 
anaconda-ks.cfg   file name 

File permission command

chmod   Change access permissions 
ugoa    Current owner   Current group    Other users    All users 
+ - =   increase    Delete    Override the original permissions 
rwx     Read write execute 

 Example ：
chmod  ugoa  +-= rwx aaa.txt
chmod  a=rwx aa.txt

-R      Recursively modify the permissions of all children in the specified directory     
chmod  -R  a=rwx aa

 Digital rights 
rwx They correspond to each other 421
 Belong to / Generic group / other , Each option corresponds to a rwx That is to say 421, The three options add up to rwxrwxrwx, You can use numbers to correspond , The maximum sum of each option is 7
 It can also be represented by numbers rwx jurisdiction 

 Example ：
chmod 777 abc.txt

User permissions

 Change the ownership permissions of files and directories 
chown
 Format ： chown   Belong to : Generic group    File or directory 

 Change owner 
chown  root abc.txt
 Change genus group 
chown  :de  abc.txt
 Change the owner and group 
chown  root:de  abc.txt

Local mount

Mount command

 command     Parameters    Mount disk      Mount point 
mount -o  /dev/hda1  /mnt

 Uninstall the disc 
umont  /dev/sr0  

 Reload fstab file 
mount -a

To mount temporarily

mount -o  /dev/hda1 /mnt      Failure after restart 

Permanently mount

 route ：/etc/fstab
vim /etc/fstab
 Mount disk               Mount point           Format       Mount parameters       Backup      Self inspection 
/dev/sda8      /mnt/winG        ntfs    defaults     0      0