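Linux user management expresses permissions as read, write and execute actions, and restricts user behaviour with the user group as the unit. For operations on a file, you can restrict which of read, write and execute are allowed, and you can set those permissions separately for the file owner, users in the group, and users outside the group.
So before creating a user, it is best to decide which group the user belongs to.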
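I. User group operations
1. Create a user group: groupadd
# Add the deploy group
groupadd deploy
2. Modify a user group: groupmod
# Rename the user group deploy to deploy1
groupmod -n deploy1 deploy
Note that this renames the existing deploy group to deploy1.
3. Delete a user group: groupdel
# Delete the user group deploy1
groupdel deploy1
4. View user groups: groups, /etc/group
Run without arguments, groups shows only the groups of the current user; below are the groups of the root user.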
# groups
root bin daemon sys adm disk wheel
To see information about all user groups, read /etc/group directly:
# cat /etc/group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
II. User operations
1. Create a user: useradd
# useradd
Usage: useradd [options] LOGIN
Options:
  -b, --base-dir BASE_DIR       base directory for the new user account home directory
  -c, --comment COMMENT         set the GECOS field for the new user account
  -d, --home-dir HOME_DIR       home directory for the new user account
  -D, --defaults                print or save modified default useradd configuration
  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
  -f, --inactive INACTIVE       set password inactive after expiration to INACTIVE
  -g, --gid GROUP               force use GROUP for the new user account
  -G, --groups GROUPS           list of supplementary groups for the new user account
  -h, --help                    display this help message and exit
  -k, --skel SKEL_DIR           specify an alternative skel directory
  -K, --key KEY=VALUE           overrides /etc/login.defs defaults
  -m, --create-home             create home directory for the new user account
  -l,                           do not add user to lastlog database file
  -M,                           do not create user's home directory(overrides /etc/login.defs)
  -r,                           create system account
  -o, --non-unique              allow create user with duplicate (non-unique) UID
  -p, --password PASSWORD       use encrypted password for the new user account
  -s, --shell SHELL             the login shell for the new user account
  -u, --uid UID                 force use the UID for the new user account
  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
Create the user deploy in the deploy group, to be used for deployment work:
# -g GROUP USER
useradd -g deploy deploy
Create the user nginx in the www group, with login disabled, to be used for starting nginx:
useradd -s /sbin/nologin -g www nginx
Set a password for the user deploy:
# passwd deploy
Changing password for user deploy.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
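Create the user test in the www group and set its password to 1234567890:
# -p takes an already encrypted password (see the usage above), so hash it first (openssl passwd -6 needs OpenSSL 1.1.1+)
useradd -g www -p "$(openssl passwd -6 1234567890)" test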
2. Modify a user: usermod, gpasswd
# usermod
Usage: usermod [options] LOGIN
Options:
  -a, --append                  append the user to the supplemental GROUPS (use only with -G)
  -c, --comment COMMENT         new value of the GECOS field
  -d, --home HOME_DIR           new home directory for the user account
  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
  -f, --inactive INACTIVE       set password inactive after expiration to INACTIVE
  -g, --gid GROUP               force use GROUP as new primary group
  -G, --groups GROUPS           new list of supplementary GROUPS
  -h, --help                    display this help message and exit
  -l, --login NEW_LOGIN         new value of the login name
  -L, --lock                    lock the user account
  -m, --move-home               move contents of the home directory to the new location (use only with -d)
  -o, --non-unique              allow using duplicate (non-unique) UID
  -p, --password PASSWORD       use encrypted password for the new password
  -s, --shell SHELL             new login shell for the user account
  -u, --uid UID                 new UID for the user account
  -U, --unlock                  unlock the user account
  -Z, --selinux-user            new selinux user mapping for the user account
Set the home (login) directory of the user test to /home/test and add the user to the www group:
usermod -d /home/test -G www test
Append the user test to the deploy group:
usermod -a -G deploy test
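Note: without -a, the command directly replaces the user's groups, that is, the user is removed from the groups they were in before!
In this situation gpasswd is the safer choice: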
gpasswd -a test deploy
Remove the user test from the www group:
gpasswd -d test www
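Added example, not part of the original post: a pair of shell functions that read passwd- and group-format files to list a user's primary and supplementary groups, and to report which supplementary groups `usermod -G` without `-a` would drop. The function names and the sample data are constructed for illustration.

```shell
# Added example; function names and sample data are constructed.

# user_groups USER [PASSWD_FILE] [GROUP_FILE]
# Prints one line per group, in group-file order: "primary:NAME" for the
# group whose GID is in the user's passwd entry, "supplementary:NAME" for
# each group whose member list names the user. Exit status 2: no such user.
user_groups() {
    awk -F: -v user="$1" '
        FNR == NR {                       # first file: passwd
            if ($1 == user) { gid = $4; found = 1 }
            next
        }
        !found    { next }                # unknown user: match nothing
        $3 == gid { print "primary:" $1; next }
        {
            n = split($4, members, ",")   # 4th field: comma-separated members
            for (i = 1; i <= n; i++)
                if (members[i] == user) { print "supplementary:" $1; break }
        }
        END { if (!found) exit 2 }
    ' "${2:-/etc/passwd}" "${3:-/etc/group}"
}

# lost_without_append USER NEW_GROUPS [PASSWD_FILE] [GROUP_FILE]
# Prints the supplementary groups USER would be removed from if
# "usermod -G NEW_GROUPS USER" were run without -a.
lost_without_append() {
    user_groups "$1" "$3" "$4" | sed -n 's/^supplementary://p' |
    while read -r g; do
        case ",$2," in
            *",$g,"*) ;;            # listed in NEW_GROUPS: membership kept
            *) echo "$g" ;;         # not listed: membership dropped
        esac
    done
}

# make_sample DIR: write constructed passwd and group files into DIR.
make_sample() {
    printf '%s\n' 'test:x:1001:1002::/home/test:/bin/bash' \
                  'nginx:x:1002:1002::/home/nginx:/sbin/nologin' > "$1/passwd"
    printf '%s\n' 'deploy:x:1001:test' 'www:x:1002:' \
                  'wheel:x:10:root,test' > "$1/group"
}
# Usage on a live system: lost_without_append test deploy
```

Running `lost_without_append` before a planned `usermod -G` shows which memberships the change would silently remove.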
3. Delete a user: userdel
Delete the user test and remove its home (login) directory:
userdel -r test