Centos下添加/删除用户

useradd具体参数

[root@yhwang ~] useradd -h
Usage: useradd [options] LOGIN
       useradd -D
       useradd -D [options]

Options:
  -b, --base-dir BASE_DIR       base directory for the home directory of the
                                new account
  -c, --comment COMMENT         GECOS field of the new account
  -d, --home-dir HOME_DIR       home directory of the new account
  -D, --defaults                print or change default useradd configuration
  -e, --expiredate EXPIRE_DATE  expiration date of the new account
  -f, --inactive INACTIVE       password inactivity period of the new account
  -g, --gid GROUP               name or ID of the primary group of the new
                                account
  -G, --groups GROUPS           list of supplementary groups of the new
                                account
  -h, --help                    display this help message and exit
  -k, --skel SKEL_DIR           use this alternative skeleton directory
  -K, --key KEY=VALUE           override /etc/login.defs defaults
  -l, --no-log-init             do not add the user to the lastlog and
                                faillog databases
  -m, --create-home             create the user's home directory
  -M, --no-create-home          do not create the user's home directory
  -N, --no-user-group           do not create a group with the same name as
                                the user
  -o, --non-unique              allow to create users with duplicate
                                (non-unique) UID
  -p, --password PASSWORD       encrypted password of the new account
  -r, --system                  create a system account
  -R, --root CHROOT_DIR         directory to chroot into
  -s, --shell SHELL             login shell of the new account
  -u, --uid UID                 user ID of the new account
  -U, --user-group              create a group with the same name as the user
  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping

 useradd创建的账户的默认值

[root@yhwang ~]# useradd -D
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes

　　1）新用户添加到GID为100的公共组
　　2）新用户的HOME目录将会位于/home/username
　　3）新用户账户密码在过期后不会被禁用
　　4）新用户账户未被设置为某个日期后就过期
　　5）新用户账户将bash shell作为默认shell
　　6）系统会将/etc/skel目录下的内容复制到用户的HOME目录下
　　7）系统为该用户账户在mail目录下创建一个用于接收邮件的文件

userdel具体参数

[root@yhwang ~]# userdel -h
Usage: userdel [options] LOGIN

Options:
  -f, --force                   force some actions that would fail otherwise
                                e.g. removal of user still logged in
                                or files, even if not owned by the user
  -h, --help                    display this help message and exit
  -r, --remove                  remove home directory and mail spool
  -R, --root CHROOT_DIR         directory to chroot into
  -Z, --selinux-user            remove any SELinux user mapping for the user

useradd添加账户和userdel删除账户

[root@yhwang ~]# useradd tom
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
Creating mailbox file: File exists
[root@yhwang ~]# tail -1 /etc/passwd
tom:x:500:500::/home/tom:/bin/bash
[root@yhwang ~]# userdel -r tom
[root@yhwang ~]# useradd tom
[root@yhwang ~]# tail -1 /etc/passwd
tom:x:500:500::/home/tom:/bin/bash

 passwd具体参数

[root@yhwang ~]# passwd --help
Usage: passwd [OPTION...] <accountName>
  -k, --keep-tokens       keep non-expired authentication tokens
  -d, --delete            delete the password for the named account (root only)
  -l, --lock              lock the password for the named account (root only)
  -u, --unlock            unlock the password for the named account (root only)
  -e, --expire            expire the password for the named account (root only)
  -f, --force             force operation
  -x, --maximum=DAYS      maximum password lifetime (root only)
  -n, --minimum=DAYS      minimum password lifetime (root only)
  -w, --warning=DAYS      number of days warning users receives before
                          password expiration (root only)
  -i, --inactive=DAYS     number of days after password expiration when an
                          account becomes disabled (root only)
  -S, --status            report password status on the named account (root
                          only)
  --stdin                 read new tokens from stdin (root only)

Help options:
  -?, --help              Show this help message
  --usage                 Display brief usage message

 passwd设置修改账户密码

[root@yhwang ~]# passwd tom
Changing password for user tom.
New password: 
BAD PASSWORD: it is WAY too short
BAD PASSWORD: is a palindrome
Retype new password: 
passwd: all authentication tokens updated successfully.

[root@yhwang ~]# echo "tom"|passwd --stdin tom
Changing password for user tom.
passwd: all authentication tokens updated successfully.

赋予root权限

方法一

修改 /etc/sudoers 文件，找到下面一行，把前面的注释（#）去掉

## Allows people in group wheel to run all commands
%wheel    ALL=(ALL)    ALL

然后修改用户，使其属于root组（wheel），命令如下：

[root@yhwang ~] usermod -g root tom

 修改完毕，现在可以用tom帐号登录，然后用命令 su - ，即可获得root权限进行操作。

方法二

修改 /etc/sudoers 文件，找到下面一行，在root下面添加一行，如下所示：

## Allow root to run any commands anywhere
root    ALL=(ALL)     ALL
tom   ALL=(ALL)     ALL

 修改完毕，现在可以用tom帐号登录，然后用命令 su - ，即可获得root权限进行操作。

方法三

修改 /etc/passwd 文件，找到如下行，把用户ID修改为 0 ，如下所示：

## 修改前

tom:x:500:500:tom:/home/tom:/bin/bash

## 修改后

tom:x:0:500:tom:/home/tom:/bin/bash

 保存，用tom账户登录后，直接获取的就是root帐号的权限。

参考资料

http://www.centoscn.com/CentOS/config/2014/0810/3471.html