zoukankan      html  css  js  c++  java
  • Linux添加用户组和添加用户

    1.用户组

    • 添加组:groupadd 组名
      [root@Server-n93yom ~]# groupadd dev
      [root@Server-n93yom ~]# cat /etc/group | grep dev
      dev:x:10011:
      [root@Server-n93yom ~]#
    • 删除组:groupdel 组名
      [root@Server-n93yom ~]# groupdel dev
      [root@Server-n93yom ~]# cat /etc/group | grep dev
      [root@Server-n93yom ~]#
    • 查询组:cat /etc/group 或者使用管道来精确查询 cat /etc/group | grep dev
      [root@Server-n93yom ~]# cat /etc/group
      root:x:0:
      bin:x:1:
      daemon:x:2:
      sys:x:3:
      adm:x:4:
      tty:x:5:
      disk:x:6:
      lp:x:7:
      mem:x:8:
      kmem:x:9:
      wheel:x:10:
      cdrom:x:11:
      mail:x:12:postfix
      man:x:15:
      dialout:x:18:
      floppy:x:19:
      games:x:20:
      tape:x:30:
      video:x:39:
      ftp:x:50:
      lock:x:54:
      audio:x:63:
      nobody:x:99:
      users:x:100:
      utmp:x:22:
      utempter:x:35:
      ssh_keys:x:999:
      input:x:998:
      systemd-journal:x:190:
      systemd-bus-proxy:x:997:
      systemd-network:x:192:
      dbus:x:81:
      polkitd:x:996:
      tss:x:59:
      dip:x:40:
      postdrop:x:90:
      postfix:x:89:
      sshd:x:74:
      check:x:1000:check
      cfyuser:x:10000:
      consul:x:10002:
      rabbitmq:x:10003:
      mysql:x:10009:
      prometheus:x:10004:
      grafana:x:10005:
      logstash:x:10006:
      nginx:x:995:
      tomcat:x:10008:
      guanbin:x:10010:
      dev:x:10011:

            /etc 目录是专门用来保存 系统配置信息 的目录

            group 是保存组信息的文件

    2.用户

    •  添加用户:useradd -m -g 组 新建用户名            注意:-m 自动建立用户家目录; -g 指定用户所在的组,否则会建立一个和用户名同名的组 
      [root@Server-n93yom ~]# useradd -m -g dev test1
      [root@Server-n93yom ~]#

      dev为用户组,test1为用户名

    • 查询用户:在/etc/passwd文件下存储的是用户的list
      [root@Server-n93yom ~]# cat /etc/passwd
      root:x:0:0:root:/root:/bin/bash
      bin:x:1:1:bin:/bin:/sbin/nologin
      daemon:x:2:2:daemon:/sbin:/sbin/nologin
      adm:x:3:4:adm:/var/adm:/sbin/nologin
      lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
      sync:x:5:0:sync:/sbin:/bin/sync
      shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
      halt:x:7:0:halt:/sbin:/sbin/halt
      mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
      operator:x:11:0:operator:/root:/sbin/nologin
      games:x:12:100:games:/usr/games:/sbin/nologin
      ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
      nobody:x:99:99:Nobody:/:/sbin/nologin
      systemd-bus-proxy:x:999:997:systemd Bus Proxy:/:/sbin/nologin
      systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
      dbus:x:81:81:System message bus:/:/sbin/nologin
      polkitd:x:998:996:User for polkitd:/:/sbin/nologin
      tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
      postfix:x:89:89::/var/spool/postfix:/sbin/nologin
      sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
      check:x:1000:1000:check:/home/check:/bin/bash
      cfyuser:x:10000:10000::/home/cfyuser:/bin/bash
      consul:x:10002:10002::/opt/cloudchef/consul:/sbin/nologin
      rabbitmq:x:10003:10003::/etc/rabbitmq:/sbin/nologin
      mysql:x:10009:10009::/home/mysql:/bin/bash
      prometheus:x:10004:10004::/home/prometheus:/sbin/nologin
      grafana:x:10005:10005::/home/grafana:/bin/bash
      logstash:x:10006:10006::/home/logstash:/bin/bash
      nginx:x:997:995:nginx user:/var/cache/nginx:/sbin/nologin
      tomcat:x:10008:10008::/opt/cloudchef/tomcat:/sbin/nologin
      test:x:10010:10010::/home/test:/bin/bash
      test1:x:10011:10011::/home/test1:/bin/bash
    • 只查找test1用户
      [root@Server-n93yom ~]# id test1
      uid=10011(test1) gid=10011(dev) groups=10011(dev)
      [root@Server-n93yom ~]#

      uid为用户id,  gid为组id

    • 修改和创建密码 passwd 用户名    如果不加用户名则默认修改当前登录者的密码
      [root@Server-n93yom ~]# passwd test1
      Changing password for user test1.
      New password:
      BAD PASSWORD: The password is shorter than 8 characters
      Retype new password:
      passwd: all authentication tokens updated successfully.
      [root@Server-n93yom ~]#

      设置好密码后,使用此账号和密码登录

      ➜  ~ ssh test1@192.168.85.163
      test1@192.168.85.163's password:
      Last failed login: Mon Jul 22 17:00:05 CST 2019 from 192.168.1.53 on ssh:notty
      There were 3 failed login attempts since the last successful login.
      [test1@Server-n93yom ~]$
    • 设置用户不能修改密码
      [root@Server-n93yom ~]# passwd -l test1     //在root下,禁止test1用户修改密码的权限
      Locking password for user test1.            //锁住test1不能修改密码
      passwd: Success
      [root@Server-n93yom ~]# su test1            //切换用户
      [test1@Server-n93yom root]$ passwd          //修改密码
      Changing password for user test1.
      Changing password for test1.
      (current) UNIX password:
      passwd: Authentication token manipulation error  //没用权限修改密码
      [test1@Server-n93yom root]$
    • 清除密码
      [root@Server-n93yom ~]# passwd -d test1    //删除test1的密码
      Removing password for user test1.
      passwd: Success
      [root@Server-n93yom ~]# passwd -S test1     //查看test1的密码
      test1 NP 2019-07-22 0 99999 7 -1 (Empty password.)   //密码为空
      [root@Server-n93yom ~]#
    • passwd 帮助命令
      [root@Server-n93yom ~]# passwd --help
      Usage: passwd [OPTION...] <accountName>
        -k, --keep-tokens       keep non-expired authentication tokens
        -d, --delete            delete the password for the named account (root only)
        -l, --lock              lock the password for the named account (root only)
        -u, --unlock            unlock the password for the named account (root only)
        -e, --expire            expire the password for the named account (root only)
        -f, --force             force operation
        -x, --maximum=DAYS      maximum password lifetime (root only)
        -n, --minimum=DAYS      minimum password lifetime (root only)
        -w, --warning=DAYS      number of days warning users receives before password
                                expiration (root only)
        -i, --inactive=DAYS     number of days after password expiration when an account
                                becomes disabled (root only)
        -S, --status            report password status on the named account (root only)
        --stdin                 read new tokens from stdin (root only)
      
      Help options:
        -?, --help              Show this help message
        --usage                 Display brief usage message
      [root@Server-n93yom ~]#

    3.设置密码失效时间

    • 可以编辑/etc/login.defs来设定几个参数,以后设置口令默认就按照参数设定为准:
      PASS_MAX_DAYS   99999
      PASS_MIN_DAYS   0
      PASS_MIN_LEN    5
      PASS_WARN_AGE   7
    • 当然在/etc/default/useradd可以找到如下2个参数进行设置:

      # useradd defaults file
      GROUP=100
      HOME=/home
      INACTIVE=-1
      EXPIRE=
      SHELL=/bin/bash
      SKEL=/etc/skel
      CREATE_MAIL_SPOOL=yes

      通过修改配置文件,能对之后新建用户起作用,而目前系统已经存在的用户,则直接用chage来配置。

    • chage [选项] 用户名

      chage命令是用来修改帐号和密码的有效期限。

      -m:密码可更改的最小天数。为零时代表任何时候都可以更改密码。
      -M:密码保持有效的最大天数。
      -w:用户密码到期前,提前收到警告信息的天数。
      -E:帐号到期的日期。过了这天,此帐号将不可用。
      -d:上一次更改的日期。
      -i:停滞时期。如果一个密码已过期这些天,那么此帐号将不可用。
      -l:例出当前的设置。由非特权用户来确定他们的密码或帐号何时过期。
    • chage -l root 查root账号的信息

      [root@Server-n93yom ~]# chage -l root
      Last password change                    : Jul 22, 2019
      Password expires                    : never
      Password inactive                    : never
      Account expires                        : never
      Minimum number of days between password change        : 0
      Maximum number of days between password change        : 99999
      Number of days of warning before password expires    : 7
      [root@Server-n93yom ~]#
    • chage -M 60 test  设置密码过期时间为60天
    • chage -I 5 test    设置密码失效时间为5天
    • 以test1账号为例,再查一次信息账号信息
      [root@Server-n93yom ~]# chage -l test1
      Last password change                    : Jul 22, 2019
      Password expires                    : Sep 20, 2019
      Password inactive                    : Sep 25, 2019
      Account expires                        : never
      Minimum number of days between password change        : 0
      Maximum number of days between password change        : 60
      Number of days of warning before password expires    : 7

      从上述命令可以看到,在密码过期后5天,密码自动失效,这个用户将无法登陆系统了。 

  • 相关阅读:
    nginx之location匹配优先级和安全问题
    nginx--->高并发优化
    高并发处理方案
    检查Linux服务器性能
    浅谈Nginx负载均衡和F5的区别
    大数据不仅仅是海量数据
    自己实现C++的string类
    hihoCoder题目之Magic Box
    vim入门之配色方案(colorscheme)设置
    新开通博客,很是高兴
  • 原文地址:https://www.cnblogs.com/guanbin-529/p/11227069.html
Copyright © 2011-2022 走看看