本文档详细介绍了如何使用Linux命令进行用户与组管理,包括创建、修改和删除用户及组的操作方法。涵盖了useradd、groupadd等命令的使用及其选项说明,并提供了密码过期策略的设置方法。
1、configure umask in /etc/bashrc
2、when the home directory is created, default configuration files are copied into
it from the /etc/skel/ directory.
3、useradd [options] username
| Option | Description |
|---|---|
-c 'comment' |
comment can
be replaced with any string. This option is generally used to specify the full name of a user. |
-d home_directory |
Home directory to be used instead of default /home/. |
-e date | Date for the account to be disabled in the format YYYY-MM-DD. |
-f days |
Number of days after the password expires until the account is disabled. If 0 is specified,
the account is disabled immediately after the password expires. If -1 is specified,
the account is not be disabled after the password expires. |
-g group_name | Group name or group number for the user's default group. The group must exist prior to being specified here. |
-G group_list | List of additional (other than default) group names or group numbers, separated by commas, of which the user is a member. The groups must exist prior to being specified here. |
-m | Create the home directory if it does not exist. |
-M | Do not create the home directory. |
-N | Do not create a user private group for the user. |
-p password |
The password encrypted with crypt. |
-r | Create a system account with a UID less than 1000 and without a home directory. |
-s |
User's login shell, which defaults to /bin/bash. |
-u uid | User ID for the user, which must be unique and greater than 999. |
groupadd[options]group_name| Option | Description |
|---|---|
-f, --force |
When used with -g gid and gid already
exists, groupadd will choose another unique gid for
the group. |
-g gid | Group ID for the group, which must be unique and greater than 999. |
-K, --key key=value |
Override /etc/login.defs defaults. |
-o, --non-unique | Allow to create groups with duplicate. |
-p, --password password | Use this encrypted password for the new group. |
-r | Create a system group with a GID less than 1000. |
| Description | |
|---|---|
| -d days | Specifies the number of days since January 1, 1970 the password was changed. |
| -E date | Specifies the date on which the account is locked, in the format YYYY-MM-DD. Instead of the date, the number of days since January 1, 1970 can also be used. |
| -I days | Specifies the number of inactive days after the password expiration before locking the account. If the value is 0, the account is not locked after the password expires. |
| -l | Lists current account aging settings. |
| -m days | Specify the minimum number of days after which the user must change passwords. If the value is 0, the password does not expire. |
| -M days | Specify the maximum number of days for which the password is valid. When the number of days specified by this option plus the number of days specified with the-d option is less than the current day, the user must change passwords before using the account. |
| -W days | Specifies the number of days before the password expiration date to warn the user. |
7、commands
-
chage(1) — A command to modify password aging policies and account expiration.
-
gpasswd(1) — A command to administer the
/etc/groupfile. -
groupadd(8) — A command to add groups.
-
grpck(8) — A command to verify the
/etc/groupfile. -
groupdel(8) — A command to remove groups.
-
groupmod(8) — A command to modify group membership.
-
pwck(8) — A command to verify the
/etc/passwdand/etc/shadowfiles. -
pwconv(8) — A tool to convert standard passwords to shadow passwords.
-
pwunconv(8) — A tool to convert shadow passwords to standard passwords.
-
useradd(8) — A command to add users.
-
userdel(8) — A command to remove users.
-
usermod(8) — A command to modify users.
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
