Linux用户组介绍：如何添加新组，新组成员和更改组

最新推荐文章于 2024-08-13 02:10:37 发布

cumian9828

最新推荐文章于 2024-08-13 02:10:37 发布

阅读量3.8k

点赞数 3

文章标签： linux java python 数据库运维

原文链接：https://www.freecodecamp.org/news/linux-user-groups-explained-how-to-add-a-new-group-a-new-group-member-and-change-groups/

版权

本文介绍了Linux用户组的概念，包括主要组和次要组，详细讲解了如何创建用户组、添加用户、将用户加入或移出组，并强调了用户组在权限管理中的作用。

摘要由CSDN通过智能技术生成

Linux allows multiple users to have access to the system at one time. Setting permissions protects users from each other. Users can be assigned to groups that are created for users who share privilege, security, and access. Files and devices may be granted access based on a specific user or a group of users.

Linux允许多个用户一次访问系统。设置权限可以保护用户彼此之间。可以将用户分配到为共享特权，安全性和访问权的用户创建的组。可以基于特定用户或一组用户来授予文件和设备访问权限。

Groups are often used to give members certain permissions to modify a file or directory.

组通常用于授予成员某些权限来修改文件或目录。

The two main types of groups are primary groups and secondary groups. A user's primary group is the default group the account is associated with. Directories and files the user creates will have this Group ID. A secondary group is any group(s) a user is a member of other than the primary group.

组的两种主要类型是主要组和次要组。用户的主要组是与该帐户关联的默认组。用户创建的目录和文件将具有此组ID。次要组是用户不是主要组的成员的任何组。

建立群组 (Creating groups)

Let's create two groups called "writers" and "editors". Use the groupadd command like this ( You may have to use sudo at the beginning so you have the appropriate permission to create a group):

让我们创建两个组，分别称为“作家”和“编辑者”。像这样使用groupadd命令(您可能必须在开始时使用sudo ，因此您具有创建组的适当权限)：

groupadd writers
groupadd editors

建立使用者 (Creating users)

You may already have users to add to your group. If not, here is the basic syntax to create a user with the useradd command:

您可能已经有用户要添加到您的组中。如果没有，这是使用useradd命令创建用户的基本语法：

useradd [options] username

Here is the command to create a user named "quincy". The -m will create the user's home directory to match the username. The -p p4ssw0rd creates a password for the user of "p4ssw0rd".

这是创建名为“ quincy”的用户的命令。 -m将创建用户的主目录以匹配用户名。 -p p4ssw0rd为“ p4ssw0rd”用户创建密码。

useradd -m quincy -p password

The user will be able to change their password with the passwd command. They will have to enter their current password and then their new password.

用户将可以使用passwd命令更改其密码。他们将必须输入当前密码，然后输入新密码。

将用户添加到组 (Adding a user to a group)

You can use the usermod command to add a user to a group. Here is how to add the user "quincy" to the group "writers". The -a parameter means "append" and the -G parameter adds a group as a secondary group.

您可以使用usermod命令将用户添加到组中。这是将用户“ quincy”添加到“ writers”组的方法。 -a参数表示“追加”， -G参数将一个组添加为辅助组。

usermod -a -G writers quincy

When a user is created with the adduser command, the user is automatically assigned to a primary group with the same name as the username. So currently the user "quincy" has a primary group of "quincy" and a secondary group of "writers".

使用adduser命令创建用户时，该用户将自动分配adduser用户名相同名称的主组。因此，当前用户“ quincy”具有主要组“ quincy”和次要组“ writer”。

You can also add a user to many groups at once by separating the group names with commas. -G group1,group2,group3.

您还可以通过用逗号分隔组名来一次将用户添加到多个组。 -G group1,group2,group3 。

The following command changes the primary group of the user quincy to "editors":

以下命令将用户昆西的主要组更改为“编辑者”：

usermod -g editors quincy

从辅助组中删除用户 (Removing a user from a secondary group)

To remove a user from a secondary group you need to overwrite the current groups of a user with a new set of groups that does not contain the group that is being removed.

要从辅助组中删除用户，您需要用一组不包含要删除的组的新组覆盖用户的当前组。

First, use the id command to check what secondary groups a user belongs to:

首先，使用id命令检查用户属于哪个二级组：

id -nG quincy

Let's say that this returns editors writers indicating that quincy is part of the "editors" and "writers" group. If you want to remove the "writers" group, use this command:

假设这返回了editors writers表明昆西是“编辑者”和“作家”组的一部分。如果要删除“作家”组，请使用以下命令：

usermod -G editors quincy

That command sets the secondary group of quincy to "editors". Since the -a flag was not used, the previous set of groups was overwritten.

该命令将昆西的第二组设置为“编辑器”。由于未使用-a标志，因此先前的组已被覆盖。