zoukankan      html  css  js  c++  java
  • Linux 命令整理 —— 用户管理

    Linux用户管理以读、写、执行动作为权限,以用户组为单位,限制用户行为。对于文件的的操作,可以限制读、写、执行中的哪一种,也可以限制文件所有者、组用户、组外用户相应的权限。 

    所以,要建立用户,最好先确定其所在的组。 
    一、用户组操作 
    1. 创建用户组——groupadd 

    1. #新增deploy组  
      groupadd deploy  


    2. 修改用户组——groupmod 

    #将用户组deploy更名为deploy1  
    groupmod -n deploy1 deploy  


    注意是将已存在的deploy组更名为deploy1 

    3. 删除用户组——groupdel 

    1. #删除用户组deploy1  
      groupdel deploy1  



    4. 查看用户组——groups /etc/group 
    groups只能查看当前用户所在的组,以下是root用户所在的组。 

    引用
    # groups 
    root bin daemon sys adm disk wheel



    要看所有用户组信息,直接查看/etc/group: 

    引用
    # cat /etc/group 
    root:x:0:root 
    bin:x:1:root,bin,daemon 
    daemon:x:2:root,bin,daemon 
    sys:x:3:root,bin,adm 



    二、用户操作 
    1. 创建用户——useradd 

    引用
    # useradd 
    Usage: useradd [options] LOGIN 
    
    Options: 
      -b, --base-dir BASE_DIR       base directory for the new user account 
                                    home directory 
      -c, --comment COMMENT         set the GECOS field for the new user account 
      -d, --home-dir HOME_DIR       home directory for the new user account 
      -D, --defaults                print or save modified default useradd 
                                    configuration 
      -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE 
      -f, --inactive INACTIVE       set password inactive after expiration 
                                    to INACTIVE 
      -g, --gid GROUP               force use GROUP for the new user account 
      -G, --groups GROUPS           list of supplementary groups for the new 
                                    user account 
      -h, --help                    display this help message and exit 
      -k, --skel SKEL_DIR           specify an alternative skel directory 
      -K, --key KEY=VALUE           overrides /etc/login.defs defaults 
      -m, --create-home             create home directory for the new user 
                                    account 
      -l,                       do not add user to lastlog database file 
      -M,                       do not create user's home directory(overrides /etc/login.defs) 
      -r,                       create system account 
      -o, --non-unique              allow create user with duplicate 
                                    (non-unique) UID 
      -p, --password PASSWORD       use encrypted password for the new user 
                                    account 
      -s, --shell SHELL             the login shell for the new user account 
      -u, --uid UID                 force use the UID for the new user account 
      -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping 


    新建用户deploy,位于deploy组,用于部署工作: 

    1. #-g 组 用户  
      useradd -g deploy deploy  



    新建用户nginx,位于www组,且不可登录,用于启动nginx: 

     
    1. useradd -s /sbin/nologin -g www nginx  



    为用户deploy设置密码: 

    引用
    # passwd deploy 
    Changing password for user deploy. 
    New UNIX password: 
    Retype new UNIX password: 
    passwd: all authentication tokens updated successfully. 


    新建用户test,位于www组,并为其设置密码为1234567890: 

     
    1. useradd -g www -p 1234567890 test  



    2. 修改用户——usermod gpasswd 

    引用
    # usermod 
    Usage: usermod [options] LOGIN 
    
    Options: 
      -a, --append                  append the user to the supplemental GROUPS 
                                    (use only with -G) 
      -c, --comment COMMENT         new value of the GECOS field 
      -d, --home HOME_DIR           new home directory for the user account 
      -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE 
      -f, --inactive INACTIVE       set password inactive after expiration 
                                    to INACTIVE 
      -g, --gid GROUP               force use GROUP as new primary group 
      -G, --groups GROUPS           new list of supplementary GROUPS 
      -h, --help                    display this help message and exit 
      -l, --login NEW_LOGIN         new value of the login name 
      -L, --lock                    lock the user account 
      -m, --move-home               move contents of the home directory to the new 
                                    location (use only with -d) 
      -o, --non-unique              allow using duplicate (non-unique) UID 
      -p, --password PASSWORD       use encrypted password for the new password 
      -s, --shell SHELL             new login shell for the user account 
      -u, --uid UID                 new UID for the user account 
      -U, --unlock                  unlock the user account 
      -Z, --selinux-user    new selinux user mapping for the user account 



    将用户test登录目录设为/home/test,并将其添加到www组: 

    1. usermod -d /home/test -G www test  



    将用户test追加到deploy组: 

     
    1. usermod -a -G deploy test  


    注意:如果没有-a,将直接变更用户所在组,即将用户从原所在组中移除! 

    这时候用gpasswd就比较安全一些!

     
    1. gpasswd -a test deploy  


    将用户test从www组中移除: 

     
    1. gpasswd -d test www  



    3. 删除用户——userdel 
    删除用户test,并移除其登录目录: 

        

     userdel -r test  
  • 相关阅读:
    tail命令语法
    正则表达式示例
    HTTP状态码对照表 HTTP response codes
    linux 源的配置更新
    shell基本语法
    谁偷走了程序员的时间??
    Spring Data JPA 简单查询-接口方法
    GET和POST两种基本请求方法的区别
    您是怎样度过人生的低潮期的
    树莓派中Docker部署.Net Core 3.1 (一)
  • 原文地址:https://www.cnblogs.com/irisrain/p/4346065.html
Copyright © 2011-2022 走看看