linux默认csh修改命令,修改shell 将当前shell（默认是bash B SHELL ）改为csh C SHELL...

切换用户：su

[root@node203 ~]# su - linsco   //由超级管理员用户切换成普通用户

[linsco@node203 ~]$ su root

[linsco@node203 ~]$ su -         //由普通用户切换成超级管理员用户

Password:

查看用户的UID，GID

[root@node203 home]# id root

uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)

[root@node203 home]# id linsco

uid=501(linsco) gid=501(linsco) groups=501(linsco)

用户分为：root用户，虚拟用户和普通用户

检查用户身份：

who:查询当前在线的用户

groups :查询当前用户所属的组

id:显示当前用户的信息

finger:查询用户信息

whoami：显示当前用户

w:查询当前用户的信息

/etc/passwd //是系统识别用户的一个文件

root:x:0:0:rsc,runhow,0592-5213966,15932836339:/root:/bin/bash

rscpass:x:100:507:ruanshengchang,runhow health,18859224109,18859224109:/home/rscpass:/bin/bash

root：用户名

x:   用户的密码，X表示密码被映射到/etc/shadow文件中

100:标识用户的UID,root的UID为0

查看UID最大值：/etc/login.defs

如果将别的用户的UID修改为0，那么此用户就有root的权限

507:组群标识号

:/home/rscpass:用户宿主目录

:/bin/bash:用户使用的shell

Usage: passwd [OPTION...]

-k, --keep-tokens       keep non-expired authentication tokens

-d, --delete            delete the password for the named account (root only)  //删除密码   -d 用户名,不要密码就可以进入

-l, --lock              lock the named account (root only)               //暂时锁定指定的用户账户

-u, --unlock            unlock the named account (root only)         //解除锁定

-f, --force             force operation

-x, --maximum=DAYS      maximum password lifetime (root only)

-n, --minimum=DAYS      minimum password lifetime (root only)

-w, --warning=DAYS      number of days warning users receives before

password expiration (root only)

-i, --inactive=DAYS     number of days after password expiration when an

account becomes disabled (root only)

-S, --status            report password status on the named account (root    //显示用户的状态

only)

--stdin                 read new tokens from stdin (root only)

Help options:

-?, --help              Show this help message

--usage                 Display brief usage message

/etc/shadow    //所有系统用户密码文件

root:$1$qwzTSMfi$U3F3sK6/X9FsKuk8DdqD5.:15388:0:99999:7:::

rscpass:$1$pIPEe9Vn$0f1eKKi5TPzb6Rr.lY8Mi/:15389::::::

rpc:!!:15388:0:99999:7:::

rscpass:用户名，与/etc/passwd的用户名相同

$1$pIPEe9Vn$0f1eKKi5TPzb6Rr.lY8Mi:加密的密码

!!:代表此用户不能登录

!qewadfxcvweadsf:以!开头的用户已锁定

*:代表

useradd - create a new user or update default new user information

authconfig  更改密码的存放方式

添加用户；

#useradd tond  //添加用户

#passwd tond  //设置密码

系统添加用户的标准步骤

编辑/etc/passwd与/etc/group

创建用户主目录

从/etc/skel拷贝文件与目录

让新用户获得其主目录与文件的拥有权限

组新用户一个密码

设置用户UID

#useradd -u 550 tong

#useradd -G root tong

-u:设置UID

-d:设置用户宿主目录,不是系统的目录/home/

-g:设置属于那个组

-s:设置shell类型      禁止用户登陆/sbin/nologin

-n:禁止系统建立与用户名同名的用户组

-l:参数设置用户名

-e:禁用账号的日期,YYYY-MM-DD

-f:天数 口令过期后，帐号禁用前的天数

-M,                       do not create user's home directory(overrides /etc/login.defs)

-m, --create-home             create home directory for the new user

-r,                       create system account

修改用户帐户：

usermod -d /home/kkk  tond

-d:修改宿主目录

-i:修改用户帐号名称

-L:锁定用户密码，使其无效

Options:

-a, --append                  append the user to the supplemental GROUPS

(use only with -G)

-c, --comment COMMENT         new value of the GECOS field   //设定用户全名,用finger查看   usermod -c '***' 用户名

-d, --home HOME_DIR           new home directory for the user account //更改用户的家目录

-e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE //设定用户密码过期时间

eg:usermod -e "2009-01-01" linsco

-f, --inactive INACTIVE       set password inactive after expiration

to INACTIVE //设置密码过期后多久就关闭这个帐号

-g, --gid GROUP               force use GROUP as new primary group  //更改用户的GID

eg:[root@node203 home]# usermod -g root rsc  //修改用户rsc的GID

eg:[root@node203 home]# usermod -g 503 rsc  //修改用户rsc的GID  不能修改加入不存在的组

-G, --groups GROUPS           new list of supplementary GROUPS //将用户添加组里面

eg:# usermod -G root rsc //将rsc用户加入到root组中  #id rsc 查看

-h, --help                    display this help message and exit

-l, --login NEW_LOGIN         new value of the login name

-L, --lock                    lock the user account //锁定用户

-m, --move-home               move contents of the home directory to the new

location (use only with -d)

-o, --non-unique              allow using duplicate (non-unique) UID

-p, --password PASSWORD       use encrypted password for the new password

-s, --shell SHELL             new login shell for the user account  //更改用户默认使用的SHELL

eg:# usermod -s /bin/csh rsc

-u, --uid UID                 new UID for the user account //更改用户的UID

eg:# usermod -u 503 rsc

-U, --unlock                  unlock the user account//解除用户锁定   查看用户是否锁定：# passwd -S rsc

-Z, --selinux-user    new selinux user mapping for the user account

eg:

#useradd -u 600 -g tom -G boobooke zl

新建用户zl,设定uid为600,初始群组为tom,加入到boobooke群组中

#useradd gmy1 -s /bin/csh

userdel [-r] [用户名]//删除或禁止用户帐户

Options:

-f, --force                   force removal of files, even if not owned by user

-h, --help                    display this help message and exit

-r, --remove                  remove home directory and mail spool  //删除用户时，一起删除用户家目录

eg:

userdel -r tond

Pwck//校验用户配置文件/etc/passwd和/etc/shadow内容是否合法,完整

[root@localhost ~]# pwck

user adm: directory /var/adm does not exist

user news: directory /etc/news does not exist

user uucp: directory /var/spool/uucp does not exist

user gopher: directory /var/gopher does not exist

user pcap: directory /var/arpwatch does not exist

user sabayon: directory /home/sabayon does not exist

user gaga: no group 510

user gaga: directory /home/gaga does not exist

pwck: no changes

chage //管理用户口令的进效

Usage: chage [options] user

选项   用户名

Options:

-d, --lastday LAST_DAY        set last password change to LAST_DAY

-E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE

-h, --help                    display this help message and exit

-I, --inactive INACTIVE       set password inactive after expiration

to INACTIVE

-l, --list                    show account aging information

-m, --mindays MIN_DAYS        set minimum number of days before password

change to MIN_DAYS

-M, --maxdays MAX_DAYS        set maximim number of days before password

change to MAX_DAYS

-W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS

组 管 理

/etc/group    //系统用户所在的组

格式：group_name:passwd:GID:user_list

root:x:0:root

root:用户组名称

X:已设置密码

0:组群号

root:组群成员

/etc/gshadow    //是etc/group的加密信息文件

root:::root

daemon:x::root,bin,daemon

jishubu:!::

root：组群名称

!:没有设置密码

root,bin,daemon:组的成员

Groupadd [-g gid [-o] ] [-f]  [组群名]

Options:

-f, --force                   force exit with success status if the specified

group already exists

-r,                       create system account

-g, --gid GID                 use GID for the new group    // groupadd -g 5600 test

-h, --help                    display this help message and exit

-K, --key KEY=VALUE           overrides /etc/login.defs defaults

-o, --non-unique              allow create group with duplicate //可以指定不唯一的组ID值，与-g一起使用

(non-unique) GID

eg:

groupadd hello

groupadd -g 800 hello

Groupmod [-g ] [-n 新组群名称] [组群名称]

groupmod [-g gid [-o]] [-n name] group

-g GID  组ID值

-n 组群名                 更改组名

-o, --non-unique              allow create group with duplicate //可以指定不唯一的组ID值，与-g一起使用

eg:

[root@localhost home]# groupmod -g 509 hello

[root@localhost home]# cat /etc/group | grep hello

hello:x:509:

[root@localhost home]# groupadd -r systems

[root@localhost home]# cat /etc/group | grep systems

systems:x:102:

eg:将tom群组名修改为jack

#groupmod -n jack tom

Groupdel [组群名称]

eg:

groupdel hello

Gpasswd//设置组群的密码,一般不设置密码

初始用户群组，有效用户群组

初始用户群组:在新建用户或群组时，默认建立与用户名相同的群组名

有效用户群组：通过newgrp修改过的群组名

Usage: gpasswd [-r|-R] group

gpasswd [-a user] group

gpasswd [-d user] group

gpasswd [-A user,...] [-M user,...] group

eg:

gpasswd -a rscpass root //将rscpass用户加入到root组中

gpasswd -d rscpass root

[root@localhost ~]# gpasswd rscpass  //设置组群密码

[root@localhost ~]# gpasswd -r rscpass//取消密码

mygroup:x:513:  //没有设置密码

test:$1$48IgiHfr$H48yG/UdLGkOGGaF3GjN20:5600:  //设置了密码

newgrp//以另一个组群的身份登录,前题是一个用户属于多个组才可以

Usage: newgrp [-] [group]

eg:

newgrp [组群名]

newgrp rscpass

groups//显示指定用户的组群成员身份

groups [用户名]

eg:

groups root //显示root属于那几个组

[root@localhost ~]# groups root

root : root bin daemon sys adm disk wheel

id//显示用户的ID以及所属组群的ID

id[选项] [用户名]

Usage: id [OPTION]... [USERNAME]

Print information for USERNAME, or the current user.

-a              ignore, for compatibility with other versions

-Z, --context   print only the context of the current process

-g, --group     print only the effective group ID

-G, --groups    print all group IDs

-n, --name      print a name instead of a number, for -ugG

-r, --real      print the real ID instead of the effective ID, with -ugG

-u, --user      print only the effective user ID

--help     display this help and exit

--version  output version information and exit

Without any OPTION, print some useful set of identified information.

eg:

id rscpass

id -g rscpass

id -u rscpass

W //详细查询已登录当前系统的用户

[root@localhost ~]# w --help

w: invalid option -- -

usage: w -hlsufV [user]

-h    skip header

-l    long listing (default)

-s    short listing

-u    ignore uid of processes

-f    toggle FROM field (default on)

-V    display version

Who//显示已登录当前计算机用户的简单信息

[root@localhost ~]# who --help

Usage: who [OPTION]... [ FILE | ARG1 ARG2 ]

-a, --all         same as -b -d --login -p -r -t -T -u

-b, --boot        time of last system boot

-d, --dead        print dead processes

-H, --heading     print line of column headings

-l, --login       print system login processes

--lookup      attempt to canonicalize hostnames via DNS

-m                only hostname and user associated with stdin

-p, --process     print active processes spawned by init

-q, --count       all login names and number of users logged on

-r, --runlevel    print current runlevel

-s, --short       print only name, line, and time (default)

-t, --time        print last system clock change

-T, -w, --mesg    add user's message status as +, - or ?

-u, --users       list users logged in

--message     same as -T

--writable    same as -T

--help     display this help and exit

--version  output version information and exit

Chsh//改变用户的shell类型

[root@localhost ~]# chsh --help

Usage: chsh [ -s shell ] [ --list-shells ] [ --help ] [ --version ]  [ username ]

eg:

chsh  -s /bin/ksh   root

Su//切换用户帐户进行登录

-, -l, --login               make the shell a login shell

-g --group=group             specify the primary group

-G --supp-group=group        specify a supplemental group

-c, --commmand=COMMAND       pass a single COMMAND to the shell with -c

--session-command=COMMAND    pass a single COMMAND to the shell with -c

and do not create a new session

-f, --fast                   pass -f to the shell (for csh or tcsh)

-m, --preserve-environment   do not reset environment variables

-p                           same as -m

-s, --shell=SHELL            run SHELL if /etc/shells allows it

--help     display this help and exit

--version  output version information and exit

/etc/skel目录

新建用户的初始化目录,当新建一个用户，这个目录下的所有文件将复制到新建用户的宿主目录下

/etc/login.defs配置文件

是新用户的一些默认设置

/etc/default/useradd

使用useradd命令的一些规则文件

创建帐户

1.直接修改帐户配置文件来创建帐户

2.执行pwconv来让/etc/passwd和etc/shadow同步

创建组

1.直接修改组帐户配置文件来创建组帐户

2.执行grpconv来让/etc/group和etc/gshadow同步

1.newusers

newusers [input] 批量导入按/etc/passwd格式的文件

创建userfile.txt

2.chpasswd //批量更新用户密码工具

创建userpwdfile.txt

3.pwconv

eg:

newusers  userfile.txt

chpasswd < userpwdfile.txt

pwconv

finger//查找并显示用户

finger [选项]  [用户名]

[root@localhost ~]# finger --help

finger: invalid option -- -

usage: finger [-lmps] [login ...]