1、configure umask in /etc/bashrc
2、when the home directory is created, default configuration files are copied into it from the /etc/skel/
directory.
3、useradd [options] username
Option | Description |
---|---|
-c 'comment ' | comment can be replaced with any string. This option is generally used to specify the full name of a user. |
-d home_directory | Home directory to be used instead of default /home/ . |
-e date | Date for the account to be disabled in the format YYYY-MM-DD. |
-f days | Number of days after the password expires until the account is disabled. If 0 is specified, the account is disabled immediately after the password expires. If -1 is specified, the account is not be disabled after the password expires. |
-g group_name | Group name or group number for the user's default group. The group must exist prior to being specified here. |
-G group_list | List of additional (other than default) group names or group numbers, separated by commas, of which the user is a member. The groups must exist prior to being specified here. |
-m | Create the home directory if it does not exist. |
-M | Do not create the home directory. |
-N | Do not create a user private group for the user. |
-p password | The password encrypted with crypt . |
-r | Create a system account with a UID less than 1000 and without a home directory. |
-s | User's login shell, which defaults to /bin/bash . |
-u uid | User ID for the user, which must be unique and greater than 999. |
groupadd
[
options
]
group_name
Option | Description |
---|---|
-f , --force | When used with -g gid and gid already exists, groupadd will choose another unique gid for the group. |
-g gid | Group ID for the group, which must be unique and greater than 999. |
-K , --key key =value | Override /etc/login.defs defaults. |
-o , --non-unique | Allow to create groups with duplicate. |
-p , --password password | Use this encrypted password for the new group. |
-r | Create a system group with a GID less than 1000. |
Description | |
---|---|
-d days | Specifies the number of days since January 1, 1970 the password was changed. |
-E date | Specifies the date on which the account is locked, in the format YYYY-MM-DD. Instead of the date, the number of days since January 1, 1970 can also be used. |
-I days | Specifies the number of inactive days after the password expiration before locking the account. If the value is 0, the account is not locked after the password expires. |
-l | Lists current account aging settings. |
-m days | Specify the minimum number of days after which the user must change passwords. If the value is 0, the password does not expire. |
-M days | Specify the maximum number of days for which the password is valid. When the number of days specified by this option plus the number of days specified with the-d option is less than the current day, the user must change passwords before using the account. |
-W days | Specifies the number of days before the password expiration date to warn the user. |
7、commands
-
chage(1) — A command to modify password aging policies and account expiration.
-
gpasswd(1) — A command to administer the
/etc/group
file. -
groupadd(8) — A command to add groups.
-
grpck(8) — A command to verify the
/etc/group
file. -
groupdel(8) — A command to remove groups.
-
groupmod(8) — A command to modify group membership.
-
pwck(8) — A command to verify the
/etc/passwd
and/etc/shadow
files. -
pwconv(8) — A tool to convert standard passwords to shadow passwords.
-
pwunconv(8) — A tool to convert shadow passwords to standard passwords.
-
useradd(8) — A command to add users.
-
userdel(8) — A command to remove users.
-
usermod(8) — A command to modify users.