歡迎來到Linux教程網
Linux教程網
Linux教程網
Linux教程網
您现在的位置: Linux教程網 >> UnixLinux >  >> Linux基礎 >> 關於Linux

用戶管理操作示例

用戶管理操作示例   Linux用戶管理操作示例 [plain]  #用戶   root 超級用戶,超級管理員,權限無限大   500以下的 系統帳號 系統軟件運行 沒有登錄的權限   500及以上的 普通用戶      hongyi:x:501:501::/home/hongyi:/bin/bash   hongyi:用戶名   x:密碼占位符,沒有可以不使用密碼登錄,有的話必須使用密碼登錄   501:用戶編號   501:用戶所屬組組編號   ::注釋信息,可有可無,可隨便寫,比如Oracle用戶   /home/hongyi:家   /bin/bash:用戶登錄系統默認使用什麼shell      shd:!!:15908::::::   !!:用戶被鎖住,兩把鎖   !:一把鎖   15908:修改這次密碼距離1970.1.1隔多少天   zhink:$6$YJ.smIrY$psvbOkK9YqpsSABEWJLXVIiExUummHIL03NlMmEp1K8gGysgUU3nu1Bk8HzbA.yVJutBtyqlaJSJG.9AJC4.s/:15910:0:99999:7:::   0:密碼最少使用多少天才可以修改   99999:密碼最多可以使用多少天必須修改,否則過期   7:密碼過期時提前多少天給你提示   :   :         [root@larrywen soft]# man shadow   [root@larrywen soft]# man 5 shadow      [root@serv01 test]usermod --help   --修改用戶的編號   [root@serv01 test]# usermod -u 666 zhink      [root@serv01 test]# id zhink   uid=666(zhink) gid=500(hink) groups=500(hink)      --更改用戶zhink為think   [root@serv01 test]# usermod -l think zhink   [root@serv01 test]# id zhink   id: zhink: No such user   [root@serv01 test]# tail -n2 /etc/passwd   hongyi:x:501:501::/home/hongyi:/bin/bash   think:x:666:500::/home/zhink:/bin/bash      --添加編號為666組名為linux的組   [root@serv01 test]# groupadd -g 666 linux   [root@serv01 test]# tail -n1 /etc/group   linux:x:666:      --修改think的組名為linux   [root@serv01 test]# usermod -g linux think   [root@serv01 test]# tail -n1 /etc/passwd   think:x:666:666::/home/zhink:/bin/bash      [root@serv01 test]# id think   uid=666(think) gid=666(linux) groups=666(linux)      --更改用戶think的注釋為this is linux admin   [root@serv01 test]# usermod -c "this is linux admin" think   [root@serv01 test]# tail -n2 /etc/passwd   hongyi:x:501:501::/home/hongyi:/bin/bash   think:x:666:666:this is linux admin:/home/zhink:/bin/bash      [root@serv01 test]# mkdir /rhome   [root@serv01 test]# ls -ld /rhome/   drwxr-xr-x. 2 root root 4096 Jul 24 23:58 /rhome/      --給用戶搬家,失敗   [root@serv01 test]# usermod -m /rhome/think think   usermod: no changes   [root@serv01 test]# tail -n2 /etc/passwd   hongyi:x:501:501::/home/hongyi:/bin/bash   think:x:666:666:this is linux admin:/home/zhink:/bin/bash   [root@serv01 test]# ls /rhome   [root@serv01 test]# ls /home   hongyi  test  zhink      --給用戶think搬家   [root@serv01 test]# usermod -m -d /rhome/think think   [root@serv01 test]# tail -n2 /etc/passwd   hongyi:x:501:501::/home/hongyi:/bin/bash   think:x:666:666:this is linux admin:/rhome/think:/bin/bash   [root@serv01 test]# ls /rhome   think   [root@serv01 test]# ls /home   hongyi  test      #測試禁止登錄   [root@serv01 test]# usermod -s /sbin/nologin think   [root@larrywen Desktop]# ssh [email protected]   [email protected]'s password:    Last login: Thu Jul 25 00:03:44 2013 from 192.168.1.1   This account is currently not available.   Connection to 192.168.1.11 closed.   [root@serv01 test]# usermod -s /bin/bash think   [root@larrywen Desktop]# ssh [email protected]   [email protected]'s password:    Last login: Thu Jul 25 00:03:58 2013 from 192.168.1.1   [think@serv01 ~]$       [root@serv01 test]usermod -p   #md5加密   [root@serv01 test]# grub-md5-crypt    Password:    Retype password:    $1$9gmEH1$TxmCSmV4.uJTjCNVlqnBn.      #修改用戶think的密碼   [root@serv01 test]# usermod -p '$1$9gmEH1$TxmCSmV4.uJTjCNVlqnBn.' think   [root@serv01 test]# passwd think      #修改think的密碼,需要root用戶   [root@serv01 test]# passwd think          #用戶think的密碼失效的最小日期為3   [root@serv01 test]# passwd -n 3 think          #用戶think的密碼失效的最小日期為0   [root@serv01 test]# passwd -n 0 think      #用戶失效的日期,此處設置為3天以後   [root@serv01 test]# passwd -i 3 think      #修改用戶think,2013-09-10過期   [root@serv01 test]# usermod -e "2013-09-10" think      #用戶think的密碼失效的警告日期為3,3天後用戶think在登錄時將受到警告   [root@serv01 test]# passwd -w 3 think      [root@serv01 test]# date   Thu Jul 25 00:25:44 CST 2013   [root@serv01 test]# date -s "2013-07-25 16:26:44"   Thu Jul 25 16:26:44 CST 2013   [root@serv01 test]# date   Thu Jul 25 16:26:45 CST 2013   [root@serv01 test]# tail -n2 /etc/shadow   think:$6$B0kGPvNc$xsRV5MLUUhbc1duBQNzKs8qX0FrrchETVv1Z0J5vzWF97wxGWPhYqgfFYpcCNOsldY2/KNAl7sNswovvsGawl1:15910:0:99999:7:::   [root@serv01 test]# passwd think   Changing password for user think.   New password:    BAD PASSWORD: it is based on a dictionary word   BAD PASSWORD: is too simple   Retype new password:    passwd: all authentication tokens updated successfully.   [root@serv01 test]# tail -n2 /etc/shadow   think:$6$xuDtWPxr$9S2ZcJ0mn4CWXnUZqSZCxcgQz263gNH4dPoKrigwdgd9tuRQ07TkvvOvuDxlupnxjXIDjziIfWPs4txJJ3L2h1:15911:0:99999:7:::      #15911:不需要自己修改   [root@serv01 test]# passwd --help   [root@serv01 test]# passwd -n 3 think   Adjusting aging data for user think.   passwd: Success   [root@serv01 test]# tail -n2 /etc/shadow   think:$6$xuDtWPxr$9S2ZcJ0mn4CWXnUZqSZCxcgQz263gNH4dPoKrigwdgd9tuRQ07TkvvOvuDxlupnxjXIDjziIfWPs4txJJ3L2h1:15911:3:99999:7:::      [root@larrywen Desktop]# ssh [email protected]   [email protected]'s password:    Last login: Thu Jul 25 00:04:23 2013 from 192.168.1.1   [think@serv01 ~]$ passwd   Changing password for user think.   Changing password for think.   (current) UNIX password:    You must wait longer to change your password   passwd: Authentication token manipulation error      [root@serv01 test]# passwd -n 0 think   Adjusting aging data for user think.   passwd: Success      [think@serv01 ~]$ passwd   Changing password for user think.   Changing password for think.   (current) UNIX password:    New password:    BAD PASSWORD: it is too simplistic/systematic   New password:    Retype new password:    passwd: all authentication tokens updated successfully.      [root@serv01 test]# date   Thu Jul 25 16:33:27 CST 2013   [root@serv01 test]# date -s "2013-07-30"   Tue Jul 30 00:00:00 CST 2013      passwd      [root@serv01 test]# date -s "2013-08-25"   [root@larrywen Desktop]# ssh [email protected]   [email protected]'s password:    Warning: your password will expire in 0 days   Last login: Thu Jul 25 16:29:24 2013 from 192.168.1.1      [root@serv01 test]# date -s "2013-09-01"   Sun Sep  1 00:00:00 CST 2013      [root@larrywen Desktop]# ssh [email protected]   [email protected]'s password:    You are required to change your password immediately (password aged)   Last login: Tue Aug 20 00:00:28 2013 from 192.168.1.1   WARNING: Your password has expired.   You must change your password now and login again!   Changing password for user think.   Changing password for think.   (current) UNIX password:       [root@serv01 test]# passwd -i 3 think   Adjusting aging data for user think.   passwd: Success   [root@serv01 test]# tail -n1 /etc/shadow   think:$6$7yd/Qbel$uAzY/GJKpo7J9aPOy62axAYvWK.tQCRN9WQj4KVpsQM0D1ILeaA2JqiTa/BXvSsMipC5GLtKtkiyYLVNFe6dy1:15911:3:30:7:3::   [root@serv01 test]# usermod -f 10 think   [root@serv01 test]# tail -n1 /etc/shadow   think:$6$7yd/Qbel$uAzY/GJKpo7J9aPOy62axAYvWK.tQCRN9WQj4KVpsQM0D1ILeaA2JqiTa/BXvSsMipC5GLtKtkiyYLVNFe6dy1:15911:3:30:7:10::      #修改過期時間   [root@serv01 test]# usermod -e "2013-09-10" think   [root@serv01 test]# tail -n1 /etc/shadow   think:$6$7yd/Qbel$uAzY/GJKpo7J9aPOy62axAYvWK.tQCRN9WQj4KVpsQM0D1ILeaA2JqiTa/BXvSsMipC5GLtKtkiyYLVNFe6dy1:15911:3:30:7:10:15958:   [root@serv01 test]# date   Sun Sep  1 00:03:45 CST 2013   [root@serv01 test]# date -s "2013-09-20"   Fri Sep 20 00:00:00 CST 2013      [root@larrywen Desktop]# ssh [email protected]   [email protected]'s password:    Your account has expired; please contact your system administrator   Connection closed by 192.168.1.11         [root@serv01 test]# passwd --help   Usage: passwd [OPTION...] <accountName>     -k, --keep-tokens       keep non-expired authentication tokens     -d, --delete            delete the password for the named account (root   only)     -l, --lock              lock the named account (root only)     -u, --unlock            unlock the named account (root only)     -f, --force             force operation     -x, --maximum=DAYS      maximum password lifetime (root only)     -n, --minimum=DAYS      minimum password lifetime (root only)     -w, --warning=DAYS      number of days warning users receives before   password expiration (root only)     -i, --inactive=DAYS     number of days after password expiration when an   account becomes disabled (root only)     -S, --status            report password status on the named account (root   only)     --stdin                 read new tokens from stdin (root only)      Help options:     -?, --help              Show this help message     --usage                 Display brief usage message      [root@serv01 test]# tail -n1 /etc/group   linux:x:666:   [root@serv01 test]# groupadd --help      #添加oracle用戶到編號為668的組   [root@serv01 test]# groupadd -g 667 oracle   [root@serv01 test]# tail -n2 /etc/group   linux:x:666:   oracle:x:667:      #創建用戶時給用戶添加組,可以使用組名或者組的編號   [root@serv01 test]# useradd -g oracle oracle01   [root@serv01 test]# useradd -g 667 oracle01      [root@serv01 test]# useradd -g oracle oracle01   [root@serv01 test]# id oracle01   uid=667(oracle01) gid=667(oracle) groups=667(oracle)      #添加用戶時加入到多個組   [root@serv01 test]# useradd -g oracle -G linux oracle01   [root@serv01 test]# usermod --help   #添加用戶oracle01到linux組   [root@serv01 test]# usermod -G linux oracle01   [root@serv01 test]# id oracle01   uid=667(oracle01) gid=667(oracle) groups=667(oracle),666(linux)      [root@serv01 test]# tail -n2 /etc/group   linux:x:666:oracle01   oracle:x:667:      #主組      #添加組   [root@serv01 test]# groupadd dba   [root@serv01 test]# tail -n2 /etc/group   oracle:x:667:   dba:x:668:   #修改用戶的主組   [root@serv01 test]# usermod -g dba oracle01   [root@serv01 test]# id oracle01   uid=667(oracle01) gid=668(dba) groups=668(dba),666(linux)   [root@serv01 test]# tail -n2 /etc/passwd   oracle01:x:667:668::/home/oracle01:/bin/bash   test:x:668:667::/home/test:/bin/bash         [root@serv01 test]# id oracle01   uid=667(oracle01) gid=668(dba) groups=668(dba),666(linux)   #修改用戶的副組,覆蓋以前的   [root@serv01 test]# usermod -G oracle oracle01   [root@serv01 test]# id oracle01   uid=667(oracle01) gid=668(dba) groups=668(dba),667(oracle)      #副組   #添加用戶到多個組   [root@serv01 test]# usermod -G oracle,linux oracle01   [root@serv01 test]# id oracle01   uid=667(oracle01) gid=668(dba) groups=668(dba),666(linux),667(oracle)      [root@serv01 test]# usermod -G oracle oracle01   [root@serv01 test]# id oracle01   uid=667(oracle01) gid=668(dba) groups=668(dba),667(oracle)   #添加到多個組,不會覆蓋以前的副組   [root@serv01 test]# usermod -a -G linux oracle01   [root@serv01 test]# id oracle01   uid=667(oracle01) gid=668(dba) groups=668(dba),666(linux),667(oracle)      #從oracle組裡刪除指定用戶   [root@serv01 /]# gpasswd -d oracle01 oracle   Removing user oracle01 from group oracle   [root@serv01 /]# id oracle01   uid=667(oracle01) gid=666(linux) groups=666(linux)   [root@serv01 /]# tail -n2 /etc/passwd   think:x:666:666:this is linux admin:/rhome/think:/bin/bash   oracle01:x:667:666::/home/oracle01:/bin/bash      #刪除用戶,不加參數不刪除主目錄   [root@serv01 /]# userdel hongyi   [root@serv01 /]# ls /home   hongyi  learning  oracle01      #刪除用戶,並刪除主目錄   [root@serv01 /]# userdel -r oracle01   [root@serv01 /]# ls /home/   hongyi/   learning/       [root@serv01 /]# tail -n3 /etc/passwd   avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin   sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin   think:x:666:666:this is linux admin:/rhome/think:/bin/bash      [root@serv01 /]# tail -n3 /etc/passwd   avahi:x:70:70:Avahi mDNS/DNS-SD Stack:/var/run/avahi-daemon:/sbin/nologin   sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin   think:x:666:666:this is linux admin:/rhome/think:/bin/bash   [root@serv01 /]# tail -n5 /etc/gruop   tail: cannot open `/etc/gruop' for reading: No such file or directory   [root@serv01 /]# tail -n5 /etc/group   sshd:x:74:   hink:x:500:   linux:x:666:   oracle:x:667:   dba:x:668:   [root@serv01 /]# userdel hongyi   userdel: user 'hongyi' does not exist   [root@serv01 /]# rm -rf /home/hongyi   #刪除組linux   [root@serv01 /]# groupdel linux   groupdel: cannot remove the primary group of user 'think'   [root@serv01 /]# userdel -r think   [root@serv01 /]# groupdel dba   [root@serv01 /]# groupdel linux   [root@serv01 /]# groupdel oracle      #集群:指定編號,不重復   #不一樣的機器ID保持一樣 用戶名保持一樣      [root@serv01 /]# groupadd oracle   [root@serv01 /]# groupadd linux   [root@serv01 /]# groupadd dba   [root@serv01 /]# tail -n3 /etc/group   oracle:x:501:   linux:x:502:   dba:x:503:      #一個用戶屬於多個組,添加到多個組   [root@serv01 /]# useradd -g oracle -G linux,dba zhink   [root@serv01 /]# id zhink   uid=500(zhink) gid=501(oracle) groups=501(oracle),502(linux),503(dba)   [root@serv01 /]# groupadd admin   [root@serv01 /]# groupadd oper   [root@serv01 /]# usermod -a -G admin,oper zhink   [root@serv01 /]# id zhink   uid=500(zhink) gid=501(oracle)   groups=501(oracle),502(linux),503(dba),504(admin),505(oper)         [root@serv01 /]# tail -n1 /etc/group   oper:x:505:   #修改組的名字   [root@serv01 /]# groupmod -n opr oper   [root@serv01 /]# tail -n1 /etc/group   opr:x:505:      #修改組的編號   [root@serv01 /]# tail -n1 /etc/group   opr:x:505:   [root@serv01 /]# groupmod -g 666 opr   [root@serv01 /]# tail -n1 /etc/group   opr:x:666:      #一個組裡添加多個成員      [root@serv01 /]# useradd -G admin hongyi   Creating mailbox file: File exists      [root@serv01 /]# id hongyi   uid=501(hongyi) gid=667(hongyi) groups=667(hongyi),504(admin)   [root@serv01 /]# useradd up01   [root@serv01 /]# useradd up02   [root@serv01 /]# useradd up03   [root@serv01 /]# tail -n10 /etc/group   hink:x:500:   oracle:x:501:   linux:x:502:zhink   dba:x:503:zhink   admin:x:504:zhink,hongyi   opr:x:666:   hongyi:x:667:   up01:x:668:   up02:x:669:   up03:x:670:      #追加up01到admin組   [root@serv01 /]# gpasswd -a up01 admin   Adding user up01 to group admin   [root@serv01 /]# tail -n10 /etc/group   hink:x:500:   oracle:x:501:   linux:x:502:zhink   dba:x:503:zhink   admin:x:504:zhink,hongyi,up01   opr:x:666:   hongyi:x:667:   up01:x:668:   up02:x:669:   up03:x:670:      #添加多個用戶到一個組裡,會覆蓋以前的   [root@serv01 /]# gpasswd -M up01,up02,up03 admin   [root@serv01 /]# tail -n10 /etc/group   hink:x:500:   oracle:x:501:   linux:x:502:zhink   dba:x:503:zhink   admin:x:504:up01,up02,up03   opr:x:666:   hongyi:x:667:   up01:x:668:   up02:x:669:   up03:x:670:      rm -rf *      #手動刪除用戶:逆向思維創建用戶      #修改組的密碼   [root@serv01 /]# tail -n1 /etc/gshadow   linux:!::zhink      [root@serv01 /]# gpasswd linux   Changing the password for group linux   New Password:    Re-enter new password:    [root@serv01 /]# tail -n1 /etc/gshadow   linux:$6$Qkm/5/Xju/N/U$cmxuQ0KEcDJzISIhlhEaAkKi/fQSxeqicB3U/mGLk1o02kyCSQMvdu4FI3.UAmiS/kQzjrnBs7Kbg7DriXaCJ1::zhink      useradd zhink   passwd zhink   #以zhink用戶登錄   [root@larrywen Desktop]# ssh [email protected]   [email protected]'s password:    #修改zhink用戶到linux組   [zhink@serv01 ~]$ newgrp linux   Password:    Invalid password.      #RHEL5支持添加到其他組需要密碼,6不支持      #修改用戶up01到linux組,成為該組的管理員   [root@serv01 /]# gpasswd -A up01 linux   [root@serv01 /]# tail -n1 /etc/gshadow   linux:$6$Qkm/5/Xju/N/U$cmxuQ0KEcDJzISIhlhEaAkKi/fQSxeqicB3U/mGLk1o02kyCSQMvdu4FI3.UAmiS/kQzjrnBs7Kbg7DriXaCJ1:up01:   [root@serv01 /]# passwd up01   #以up01用戶登錄,然後把zhink添加到linux組   [root@larrywen Desktop]# ssh [email protected]   [email protected]'s password:    [up01@serv01 ~]$ gpasswd -a zhink linux   Adding user zhink to group linux   [up01@serv01 ~]$ id zhink   uid=500(zhink) gid=501(oracle) groups=501(oracle),502(linux),503(dba)   [root@serv01 /]# tail -n1 /etc/gshadow   linux:$6$Qkm/5/Xju/N/U$cmxuQ0KEcDJzISIhlhEaAkKi/fQSxeqicB3U/mGLk1o02kyCSQMvdu4FI3.UAmiS/kQzjrnBs7Kbg7DriXaCJ1:up01:zhink      #修改up02的密碼   [root@serv01 /]# passwd up02   [root@larrywen Desktop]# ssh [email protected]   #以up02登錄,然後將zhink添加到linux組,發現失敗   [email protected]'s password:    [up02@serv01 ~]$ id zhink   uid=500(zhink) gid=501(oracle) groups=501(oracle),502(linux),503(dba)      [up02@serv01 ~]$ gpasswd -a zhink linux   gpasswd: Permission denied.      #添加用戶時的定義   [root@serv01 /]# vim /etc/default/useradd       [root@serv01 etc]# ls -l /var/mail /var/spool/mail/ -id   417 lrwxrwxrwx. 1 root root   10 Jul 23 00:54 /var/mail -> spool/mail   424 drwxrwxr-x. 2 root mail 4096 Sep 20 17:37 /var/spool/mail/    
Copyright © Linux教程網 All Rights Reserved