1. 用户概述
Linux系统支持多用户同时登陆 互相管理不冲突
Windows不支持多用户同时登陆
为什么要有用户?
1. 系统的程序进程需要指定的用户进行运行
2. root管理系统权限太大,需要普通用户进行管理
[ root@CentOS7 ~]
uid= 0( root) gid= 0( root) groups= 0( root)
[ root@CentOS7 ~]
uid= 998( nginx) gid= 996( nginx) groups= 996( nginx)
2.查看用户信息
1.who
who
[ root@zzc ~]
root tty1 2020-08-10 08:09
root pts/0 2020-08-10 08:26 ( 10.0.0.1)
2.whoami
whoami
[ root@zzc ~]
root
3.id
id
[ root@zzc ~]
uid= 0( root) gid= 0( root) groups= 0( root)
[ root@zzc ~]
uid= 1000( zzc) gid= 1000( zzc) groups= 1000( zzc)
4.w
w
[ root@zzc ~]
12:05:37 up 4:00, 3 users, load average: 0.00, 0.01, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root tty1 08:09 3:56m 0.05s 0.05s -bash
root pts/0 10.0.0.1 08:26 1.00s 0.27s 0.00s w
root pts/1 10.0.0.1 12:05 9.00s 0.07s 0.04s -bash
5.finger
finger
[ root@CentOS7 ~]
[ root@CentOS7 ~]
Login: root Name: root
Directory: /root Shell: /bin/bash
On since Tue Jul 21 17:49 ( CST) on pts/0 from 10.0.0.1
7 seconds idle
No mail.
No Plan.
6.uptime
uptime
[ root@CentOS7 ~]
19:51:31 up 10:48, 3 users, load average: 0.00, 0.01, 0.05
```bash
CentOS-7
UID
0 --- 超级管理员用户 权限最大
1-200 --- 系统用户,系统默认创建好的 不能登录系统的用户 用来运行系统中的程序和进程
201-1000 --- 系统用户 用户自定义的 运行一些软件程序
1000+ --- 普通用户 可以正常登录系统 但是权限很低
CentOS-6
1-500 系统用户
500+ 普通用户
4. 用户uid和gid
扩展:
用户组:将同一类用户设置为同一个组,如可将所有的系统管理员设置为admin组,便于分配权限,将某些重要的文件设置为所有admin组用户可以读写,这样可以进行权限分配。
每个用户都有一个唯一的用户id,每个用户组都有一个唯一的组id
5. 用户相关的文件
[ root@CentOS7 ~]
-rw-r--r-- 1 root root 860 Jul 20 19:50 /etc/passwd
[ root@CentOS7 ~]
root:x:0:0:root:/root:/bin/bash
第一列: root
第二列: x
第三列: 0
第四列: 0
第五列: root
第六列: /root
第七列: /bin/bash
[ root@CentOS7 ~]
---------- 1 root root 584 Jul 20 19:50 /etc/shadow
[ root@CentOS7 ~]
user01:! ! :18464:0:99999:7:::
第一列: user01
第二列: * 或者 ! !
第三列: 18464
第四列: 0
第五列: 99999
第六列: 7
第七列: 10
第八列: 20391231
第九列: 空
6. 用户管理命令
创建用户的命令 useradd adduser
[ root@qls ~]
-rwxr-x---. 1 root root 118232 Oct 31 2018 /usr/sbin/useradd
[ root@qls ~]
lrwxrwxrwx. 1 root root 7 Jul 6 02:13 /usr/sbin/adduser -> useradd
修改用户的命令 usermod
删除用户的命令 userdel
查看用户的命令 id who whoami w
useradd 创建用户
useradd == adduser
选项:
-u
-g
-G
-d
-c
-s
-r
-M
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user01:x:1000:1000::/home/user01:/bin/bash
[ root@CentOS7 ~]
user01:! ! :18464:0:99999:7:::
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user02:x:555:1001:test:/opt/user02:/bin/bash
[ root@CentOS7 ~]
total 192
-rw-r--r--. 1 root root 192841 Jul 20 16:43 nginx-org
drwx------ 2 user02 user02 62 Jul 21 14:50 user02
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user03:x:665:665::/home/user03:/bin/bash
[ root@CentOS7 ~]
total 0
drwx------ 2 user01 user01 62 Jul 21 16:40 user01
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user04:x:664:664::/home/user04:/sbin/nologin
[ root@CentOS7 ~]
total 0
drwx------ 2 user01 user01 62 Jul 21 16:40 user01
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user05:x:1001:1002::/home/user05:/sbin/nologin
[ root@CentOS7 ~]
total 0
drwx------ 2 user01 user01 62 Jul 21 16:40 user01
usermod 修改用户信息
usermod
选项:
-u
-g
-a
-G
-m
-d
-c
-s
-l
-L
-U( 大写)
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user123:x:6666:1001:123:/opt/user01:/bin/bash
[ root@CentOS7 ~]
uid= 6666( user123) gid= 1001( user02) groups= 1001( user02) ,665( user03) ,664( user04)
[ root@CentOS7 ~]
user01:x:1000:1000::/home/user01:/bin/bash
[ root@CentOS7 ~]
[ root@CentOS7 ~]
uid= 6666( user123) gid= 1001( user02) groups= 1001( user02)
[ root@CentOS7 ~]
user123:x:6666:1001:123:/opt/zzc:/bin/bash
[ root@CentOS7 ~]
user05:x:6667:6667::/home/user05:/sbin/nogin
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user05:x:6667:6667::/home/user05:/bin/bash
[ root@CentOS7 ~]
[ root@CentOS7 ~]
[ root@CentOS7 ~]
Changing password for user user05.
New password:
BAD PASSWORD: The password is a palindrome
Retype new password:
passwd: all authentication tokens updated successfully.
[ C:\~] $ ssh user05@10.0.0.100
Connecting to 10.0.0.100:22.. .
Connection established.
To escape to local shell, press 'Ctrl+Alt+]' .
Last failed login: Tue Jul 21 15:38:11 CST 2020 from 10.0.0.1 on ssh:notty
There were 2 failed login attempts since the last successful login.
Last login: Tue Jul 21 15:35:55 2020
[ user05@CentOS7 ~] $
userdel 删除用户
userdel
选项:
-r
[ root@CentOS7 ~]
total 1016
drwx------ 2 user123 user02 62 Jul 21 16:40 user01
drwx------ 2 user02 user02 62 Jul 21 16:47 user02
[ root@CentOS7 ~]
[ root@CentOS7 ~]
total 1016
drwx------ 2 6666 user02 62 Jul 21 16:40 user01
drwx------ 2 user02 user02 62 Jul 21 16:47 user02
[ root@CentOS7 ~]
[ root@CentOS7 ~]
total 0
drwx------ 2 user06 user06 62 Jul 21 17:45 user06
[ root@CentOS7 ~]
total 0
-rw-rw---- 1 user02 mail 0 Jul 21 16:47 user02
-rw-rw---- 1 user05 mail 0 Jul 21 16:55 user05
-rw-rw---- 1 user06 mail 0 Jul 21 17:45 user06
-rw-rw---- 1 6666 mail 0 Jul 21 16:40 user123
[ root@CentOS7 ~]
[ root@CentOS7 ~]
total 0
[ root@CentOS7 ~]
total 0
-rw-rw---- 1 user02 mail 0 Jul 21 16:47 user02
-rw-rw---- 1 user05 mail 0 Jul 21 16:55 user05
-rw-rw---- 1 6666 mail 0 Jul 21 16:40 user123
[ root@CentOS7 ~]
userdel: user user02 is currently used by process 8333
[ root@CentOS7 ~]
user02 8333 0.0 0.1 161364 2348 ? S 17:42 0:00 sshd: user02@pts/1
root 8389 0.0 0.0 112708 976 pts/0 R+ 17:46 0:00 grep --color= auto 8333
[ root@CentOS7 ~]
用户创建相关的文件
[ root@CentOS7 ~]
-rw-r--r--. 1 root root 2028 Oct 30 2018 /etc/login.defs
[ root@CentOS7 ~]
-rw-r--r--. 1 root root 119 Oct 30 2018 /etc/default/useradd
[ root@CentOS7 ~]
MAIL_DIR /var/spool/mail
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
UID_MIN 1000
UID_MAX 60000
SYS_UID_MIN 201
SYS_UID_MAX 999
GID_MIN 1000
GID_MAX 60000
SYS_GID_MIN 201
SYS_GID_MAX 999
CREATE_HOME yes
UMASK 077
USERGROUPS_ENAB yes
ENCRYPT_METHOD SHA512
[ root@CentOS7 ~]
GROUP= 100
HOME= /home
INACTIVE= -1
EXPIRE=
SHELL= /bin/bash
SKEL= /etc/skel
CREATE_MAIL_SPOOL= yes
用户命令行故障
[ root@CentOS7 ~]
Changing password for user test.
New password:
BAD PASSWORD: The password is a palindrome
Retype new password:
passwd: all authentication tokens updated successfully.
[ root@CentOS7 ~]
-bash-4.2$
-bash-4.2$
-bash-4.2$ pwd
/home/test
-bash-4.2$ cp -a /etc/skel/.bash* ./
Permission denied
[ root@CentOS7 ~]
[ root@CentOS7 ~]
drwx------ 2 root root 6 Jul 21 10:53 /home/test
[ root@CentOS7 ~]
-bash-4.2$ cd /home/test
-bash-4.2$ pwd
/home/test
-bash-4.2$ cp -a /etc/skel/.bash* ./
-bash-4.2$ logout
用户的密码信息
[ root@CentOS7 ~]
[ root@CentOS7 ~]
Changing password for user root.
New password:
[ root@CentOS7 ~]
Changing password for user qls01.
New password:
BAD PASSWORD: The password is a palindrome
Retype new password:
passwd: all authentication tokens updated successfully.
[ root@CentOS7 ~]
[ root@CentOS7 ~]
Changing password for user qls01.
passwd: all authentication tokens updated successfully.
$RANDOM
[ root@CentOS7 ~]
28241
[ root@CentOS7 ~]
6c8a1df9e12e9c553d0f9a397b860f4e -
[ root@CentOS7 ~]
64091f6823
[ root@CentOS7 ~]
df0676f775
[ root@CentOS7 ~]
Changing password for user qls01.
passwd: all authentication tokens updated successfully.
[ root@CentOS7 ~]
b676039b3f
[ root@CentOS7 ~]
Changing password for user qls01.
passwd: all authentication tokens updated successfully.
[ root@CentOS7 ~]
7d53328b61
tee
-a
[ root@CentOS7 ~]
选项:
-l
-d
-c
-C
-s
[ root@CentOS7 ~]
gC} 2atTf9
[ root@CentOS7 ~]
sv_^WF85J@DF5Ng5| 3{ f3/ng
[ root@CentOS7 ~]
9px3Sesrx[ ybtbvElubxxltj
[ root@CentOS7 ~]
uimYw\Z4amzffhti0eljucgg
[ root@CentOS7 ~]
impossible to generate 24-character password with 2 numbers, 2 lowercase letters, 2 uppercase letters and 24 special characters.
[ root@CentOS7 ~]
$.$} +?; -~] | ) > (
[ root@CentOS7 ~]
Changing password for user qls01.
passwd: all authentication tokens updated successfully.
[ root@CentOS7 ~]
:{ ] ~"/'%[,+" ^*%??%,'?} ~$
6. 用户组的管理
用户组概述
什么是用户组
组分为两类
基本组
附加组
[ root@CentOS7 ~]
-rw-r--r-- 1 root root 573 Jul 21 11:04 /etc/group
[ root@CentOS7 ~]
---------- 1 root root 449 Jul 21 11:04 /etc/gshadow
[ root@CentOS7 ~]
[ root@CentOS7 ~]
root:x:0:
bin:x:1:
daemon:x:2:
mail:x:12:postfix
第一列: root
第二列: x
第三列: 0
第四列:
[ root@CentOS7 ~]
root:::
bin:::
daemon:::
mail:::postfix
第一列: root
第二列: ! 或者空
第三列: 空
第四列: 空
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user01:x:1000:qls01
user03:x:665:qls01
user05:x:1002:qls01
qls01:x:1006:
[ root@CentOS7 ~]
user01:! ::qls01
user03:! ::qls01
user05:! ::qls01
qls01:! ::
groupadd 创建用户组的命令
groupadd
选项:
-g
-r
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user_group01:x:1007:
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user_group02:x:666:
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user_group03:x:664:
groupmod 修改用户组的命令
groupmod
选项:
-g
-n
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user_group01:x:6666:
[ root@CentOS7 ~]
[ root@CentOS7 ~]
new_group:x:6666:
groupdel 删除用户组的命令
groupdel
[ root@CentOS7 ~]
[ root@CentOS7 ~]
[ root@CentOS7 ~]
[ root@CentOS7 ~]
user05:x:1002:qls01
[ root@CentOS7 ~]
user05:x:1001:1002::/home/user05:/bin/bash
test:x:1002:1003::/home/test:/bin/bash
[ root@CentOS7 ~]
uid= 1001( user05) gid= 1002( user05) groups= 1002( user05)
解决:
给这里面的用户重新找个基本组
把用户也一并删除掉
[ root@CentOS7 ~]
groupdel: cannot remove the primary group of user 'user05'
[ root@CentOS7 ~]
[ root@CentOS7 ~]
uid= 1001( user05) gid= 1003( test) groups= 1003( test)
[ root@CentOS7 ~]
gpasswd 用于将一个用户添加到组或者从组中删除
gpasswd
选项:
-d
-a
[ root@zzc ~]
uid= 1001( test) gid= 1001( test) groups= 1001( test) ,1000( zzc)
[ root@zzc ~]
Removing user test from group zzc
[ root@zzc ~]
uid= 1001( test) gid= 1001( test) groups= 1001( test)
[ root@zzc ~]
uid= 1000( zzc) gid= 1000( zzc) groups= 1000( zzc)
[ root@zzc ~]
uid= 1001( test) gid= 1001( test) groups= 1001( test)
[ root@zzc ~]
Adding user zzc to group test
[ root@zzc ~]
uid= 1000( zzc) gid= 1000( zzc) groups= 1000( zzc) ,1001( test)
[ root@zzc ~]
uid= 1001( test) gid= 1001( test) groups= 1001( test)