1.usermod
usermod USERNAME
选项
-c --coment
: 修改用户commet-d --home
: 修改家目录 -m移动家目录到此目录-g --gid
: 基本组id-G --groups GROUP1,GROUP2...
: 附加组 以,隔开 加入-a选项追加组 否则覆盖原来的附加组-l --login
: 登录用户名-L --lock
: 锁定用户不能登录-p --password
: 修改密码-s --shell
: 修改shell-u --uid
: 修改uid-U --unlock
: 解锁账户
例子
创建user2:
[root@localhost home]# useradd user2
[root@localhost home]# cat /etc/passwd|grep user2
user2:x:4005:4005::/home/user2:/bin/bash
修改user2 uid为5000
[root@localhost home]# usermod -u 5000 user2
[root@localhost home]# !cat
cat /etc/passwd|grep user2
user2:x:5000:4005::/home/user2:/bin/bash
修改user2 comment:
[root@localhost home]# usermod -c "this is new user2 comment" user2
[root@localhost home]# !cat
cat /etc/passwd|grep user2
user2:x:5000:4005:this is new user2 comment:/home/user2:/bin/bash
修改user2基本组为mygroup:
[root@localhost home]# usermod -g mygroup user2
[root@localhost home]# cat /etc/passwd|grep user2
user2:x:5000:503:this is new user2 comment:/home/user2:/bin/bash
[root@localhost home]# cat /etc/group|grep mygroup
mygroup:x:503:
修改user2附加组为user3,user4:
[root@localhost home]# usermod -G user3,user4 user2
[root@localhost home]# cat /etc/group|grep user2
user3:x:504:user3,user2
user4:x:505:user3,user2
user2:x:4005:
修改user2附加组为user3,user4,user5 使用-a选项追加一个user5附加组:
[root@localhost home]# usermod -aG user5 user2
[root@localhost home]# cat /etc/group|grep user2
user3:x:504:user3,user2
user4:x:505:user3,user2
user5:x:506:user3,user2
user2:x:4005:
修改user2用户名为user2newname:
[root@localhost home]# usermod -l user2newname user2
[root@localhost home]# cat /etc/passwd|grep user2
user2newname:x:5000:503:this is new user2 comment:/home/user2:/bin/bash
修改user2newname shell为/etc/tcsh:
[root@localhost home]# usermod -s /bin/tcsh user2newname
[root@localhost home]# cat /etc/passwd|grep user2
user2newname:x:5000:503:this is new user2 comment:/home/user2:/bin/tcsh
锁定用户user2newname不登录:
## 加密码
[root@localhost home]# passwd user2newname
Changing password for user user2newname.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
## 锁定用户 ssh输入密码无法登录
[root@localhost home]# usermod -L user2newname
ssh user2newname@192.168.17.173
user2newname@192.168.17.173's password:
Permission denied, please try again.
## 解锁用户 ssh
[root@localhost home]# usermod -U user2newname
2.chsh 修改用户登录默认shell
chsh USERNAME
例子
[root@localhost home]# cat /etc/shells
/bin/sh
/bin/bash
/sbin/nologin
/bin/dash
/bin/tcsh
/bin/csh
[root@localhost home]# chsh user3
Changing shell for user3.
New shell [/bin/bash]: /bin/tcsh
Shell changed.
# 成功修改shell为/bin/tcsh
[root@localhost home]# cat /etc/passwd|grep user3
user3:x:1000:503:user3_name,user3_office,13776531050,57865497:/home/user3_new_home:/bin/tcsh
3.chfn 修改用户注释信息
chfn USERNAME
例子
[root@localhost home]# chfn user3
Changing finger information for user3.
Name []: user3_name
Office []: user3_office
Office Phone []: 13776531050
Home Phone []: 57865497
Finger information changed.
[root@localhost home]# finger user3
Login: user3 Name: user3_name
Directory: /home/user3_new_home Shell: /bin/bash
Office: user3_office, +1-377-653-1050 Home Phone: 57865497
Last login Thu Feb 16 20:29 (CST) on pts/1 from 192.168.17.1
No mail.
No Plan.
# comment以,分割
[root@localhost home]# cat /etc/passwd|grep user3
user3:x:1000:503:user3_name,user3_office,13776531050,57865497:/home/user3_new_home:/bin/bash
4.passwd 修改密码
passwd USERNAME
选项
--stdin
: 标准输入密码-l
: 锁定用户-u
: 解锁账户-d
: 删除密码
例子
修改user3密码为a123456:
[root@localhost home]# echo "a123456"|passwd --stdin user3
Changing password for user user3.
passwd: all authentication tokens updated successfully.
[root@localhost home]# cat /etc/shadow|grep user3
删除user3密码:
[root@localhost home]# cat /etc/shadow|grep user3
user3:$6$CDPD9so4$bpLPRIR3YT.0xp8OBjn.GDklx.vNvyXqihrlRA5g2lRQ4CfQKH6/hOYNRc4sc1hR7Xakh.ZhjpuIDhV0Lksy/0:17213:0:99999:7:::
[root@localhost home]# passwd -d user3
Removing password for user user3.
passwd: Success
[root@localhost home]# cat /etc/shadow|grep user3
user3::17213:0:99999:7:::
5.pwck
命令用来验证系统认证文件/etc/passwd和/etc/shadow的内容和格式的完整性。
6.groupadd 创建组
选项
-g GID
:-r
: 添加为系统组
例子
新增组id为489名为nginx的系统组
[root@localhost home]# groupadd -g 489 -r nginx
[root@localhost home]# tail -1 /etc/group
nginx:x:489:
7. groupmod 修改组
选项
-g GID
:-n GROUPNAME
: 修改组名
例子
修改nginx 组id为490
[root@localhost home]# groupmod -g 490 nginx
[root@localhost home]# !tail
tail -1 /etc/group
nginx:x:490:
修改nginx组名为nginxnewname
[root@localhost home]# groupmod -n nginxnewname nginx
[root@localhost home]# !tail
tail -1 /etc/group
nginxnewname:x:490:
8.groupdel 删除组
gpasswd GROUPNAME
9.gpasswd 为组加密码
gpasswd GROUPNAME
组加密码 用户切换改组输入密码就可以切换基本组为该组
如果用户的附加组包含切换的组 就不需要输入密码
例子
为组mygroup添加密码
[root@localhost home]# gpasswd mygroup
Changing the password for group mygroup
New Password:
Re-enter new password:
添加用户hadoop, 此时hadoop基本组默认为hadoop:
[root@localhost home]# useradd hadoop
[hadoop@localhost ~]$ id
uid=1001(hadoop) gid=503(mygroup) groups=503(mygroup),1001(hadoop) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
切换用户为hadoop,临时切换基本组为mygroup 输入组密码切换成功
[root@localhost home]# su - hadoop
[hadoop@localhost ~]$ newgrp mygroup
Password:
[hadoop@localhost ~]$ id
uid=1001(hadoop) gid=503(mygroup) groups=503(mygroup),1001(hadoop) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
exit退出 切换基本组为原来的hadoop组:
[hadoop@localhost ~]$ exit
exit
[hadoop@localhost ~]$ id
uid=1001(hadoop) gid=1001(hadoop) groups=1001(hadoop) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
10.newgrp 切换用户当前基本组
11.chage
选项
-d --lastday
: 最近一次的修改时间-E --expiredate
: 过期时间-I --inactive
: 非活动时间-m --mindays
: 最短使用期限-M --maxdays
: 最长使用期限-W --warndays
: 警告时间-l --list
: 列出用户以及密码的有效期