创建新用户的的命令是 useradd
Usage: useradd [options] LOGIN
useradd -D
useradd -D [options]
Options:
-b, --base-dir BASE_DIR base directory for the home directory of the
new account
-c, --comment COMMENT GECOS field of the new account
-d, --home-dir HOME_DIR home directory of the new account
-D, --defaults print or change default useradd configuration
-e, --expiredate EXPIRE_DATE expiration date of the new account
-f, --inactive INACTIVE password inactivity period of the new account
-g, --gid GROUP name or ID of the primary group of the new
account
-G, --groups GROUPS list of supplementary groups of the new
account
-h, --help display this help message and exit
-k, --skel SKEL_DIR use this alternative skeleton directory
-K, --key KEY=VALUE override /etc/login.defs defaults
-l, --no-log-init do not add the user to the lastlog and
faillog databases
-m, --create-home create the user's home directory
-M, --no-create-home do not create the user's home directory
-N, --no-user-group do not create a group with the same name as
the user
-o, --non-unique allow to create users with duplicate
(non-unique) UID
-p, --password PASSWORD encrypted password of the new account
-r, --system create a system account
-R, --root CHROOT_DIR directory to chroot into
-s, --shell SHELL login shell of the new account
-u, --uid UID user ID of the new account
-U, --user-group create a group with the same name as the user
-Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
常用的一些选项
实例
useradd -d /home/sam -m sam
不指定用户组的话,默认用户组就是名为用户名的用户组
root@debian:~# groups sam
sam : sam
useradd -s /bin/sh -d /home/sam1 -m -g group0 -G group1,group2 sam1
删除用户账号的命令是 userdel
Usage: userdel [options] LOGIN
Options:
-f, --force force removal of files,
even if not owned by user
-h, --help display this help message and exit
-r, --remove remove home directory and mail spool
-R, --root CHROOT_DIR directory to chroot into
-Z, --selinux-user remove any SELinux user mapping for the user
实例
userdel sam1
但是一般我们使用选项 -r,将用户的主目录一起删除
userdel -r sam1
修改用户账号的属性的命令是 usermod
Usage: usermod [options] LOGIN
Options:
-c, --comment COMMENT new value of the GECOS field
-d, --home HOME_DIR new home directory for the user account
-e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
-f, --inactive INACTIVE set password inactive after expiration
to INACTIVE
-g, --gid GROUP force use GROUP as new primary group
-G, --groups GROUPS new list of supplementary GROUPS
-a, --append append the user to the supplemental GROUPS
mentioned by the -G option without removing
him/her from other groups
-h, --help display this help message and exit
-l, --login NEW_LOGIN new value of the login name
-L, --lock lock the user account
-m, --move-home move contents of the home directory to the
new location (use only with -d)
-o, --non-unique allow using duplicate (non-unique) UID
-p, --password PASSWORD use encrypted password for the new password
-R, --root CHROOT_DIR directory to chroot into
-s, --shell SHELL new login shell for the user account
-u, --uid UID new UID for the user account
-U, --unlock unlock the user account
-v, --add-subuids FIRST-LAST add range of subordinate uids
-V, --del-subuids FIRST-LAST remove range of subordinate uids
-w, --add-subgids FIRST-LAST add range of subordinate gids
-W, --del-subgids FIRST-LAST remove range of subordinate gids
-Z, --selinux-user SEUSER new SELinux user mapping for the user account
常用的 -d, -m, -g, -G, -s等等,跟useradd里面选项还有事一样的
实例
root@debian:~# usermod -d /home/sam_new -m -s /bin/bash -g group3 sam
root@debian:~# groups sam
sam : group3
将用户sam的主目录挪到/home/sam_new, 登陆shell改为 /bin/bash, 用户组改为group3
Usage: gpasswd [option] GROUP
Options:
-a, --add USER add USER to GROUP
-d, --delete USER remove USER from GROUP
-h, --help display this help message and exit
-Q, --root CHROOT_DIR directory to chroot into
-r, --remove-password remove the GROUP's password
-R, --restrict restrict access to GROUP to its members
-M, --members USER,... set the list of members of GROUP
-A, --administrators ADMIN,...
set the list of administrators for GROUP
常用选项
实例
root@debian:~# groups sam
sam : group3
root@debian:~# gpasswd -a sam group0
Adding user sam to group group0
root@debian:~# groups sam
sam : group3 group0
root@debian:~# groups sam
sam : group3 group0
root@debian:~# gpasswd -d sam group0
Removing user sam from group group0
root@debian:~# groups sam
sam : group3
用户密码管理的命令是 passwd
Usage: passwd [options] [LOGIN]
Options:
-a, --all report password status on all accounts
-d, --delete delete the password for the named account
-e, --expire force expire the password for the named account
-h, --help display this help message and exit
-k, --keep-tokens change password only if expired
-i, --inactive INACTIVE set password inactive after expiration
to INACTIVE
-l, --lock lock the password of the named account
-n, --mindays MIN_DAYS set minimum number of days before password
change to MIN_DAYS
-q, --quiet quiet mode
-r, --repository REPOSITORY change password in REPOSITORY repository
-R, --root CHROOT_DIR directory to chroot into
-S, --status report password status on the named account
-u, --unlock unlock the password of the named account
-w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS
-x, --maxdays MAX_DAYS set maximum number of days before password
change to MAX_DAYS
常用选项
修改密码
root@debian:~# passwd sam
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
如果passwd后面不指定用户名的话,默认修改当前用户的密码
创建一个新用户组的命令是groupadd
Usage: groupadd [options] GROUP
Options:
-f, --force exit successfully if the group already exists,
and cancel -g if the GID is already used
-g, --gid GID use GID for the new group
-h, --help display this help message and exit
-K, --key KEY=VALUE override /etc/login.defs defaults
-o, --non-unique allow to create groups with duplicate
(non-unique) GID
-p, --password PASSWORD use this encrypted password for the new group
-r, --system create a system account
-R, --root CHROOT_DIR directory to chroot into
实例
root@debian:~# groupadd group4
删除一个用户组的命令是groupdel
Usage: groupdel [options] GROUP
Options:
-h, --help display this help message and exit
-R, --root CHROOT_DIR directory to chroot into
实例
root@debian:~# groupdel group4
修改用户组属性的命令是groupmod
Usage: groupmod [options] GROUP
Options:
-g, --gid GID change the group ID to GID
-h, --help display this help message and exit
-n, --new-name NEW_GROUP change the name to NEW_GROUP
-o, --non-unique allow to use a duplicate (non-unique) GID
-p, --password PASSWORD change the password to this (encrypted)
PASSWORD
-R, --root CHROOT_DIR directory to chroot into
sam3@debian:~$ groups
sam3 group0
sam3@debian:~$ mkdir bb
sam3@debian:~$ ls -l
total 8
drwxr-xr-x 2 sam3 sam3 4096 Sep 5 15:19 a
drwxr-xr-x 2 sam3 sam3 4096 Sep 5 15:28 bb
sam3@debian:~$ newgrp group0
sam3@debian:~$ mkdir cc
sam3@debian:~$ ls -l
total 12
drwxr-xr-x 2 sam3 sam3 4096 Sep 5 15:19 a
drwxr-xr-x 2 sam3 sam3 4096 Sep 5 15:28 bb
drwxr-xr-x 2 sam3 group0 4096 Sep 5 15:29 cc
root@debian:~# groups sam3
sam3 : sam3 group0
root@debian:~# id sam3
uid=1005(sam3) gid=1007(sam3) groups=1007(sam3),1003(group0)
sam3@debian:~$ ls -l
total 8
drwxr-xr-x 2 sam3 sam3 4096 Sep 5 15:33 aa
lrwxrwxrwx 1 sam3 sam3 7 Sep 5 15:33 test_ln.sh -> test.sh
-rwxr-xr-x 1 sam3 group0 26 Sep 5 15:32 test.sh
我们看文件aa的权限位
drwxr-xr-x 2 sam3 sam3 4096 Sep 5 15:33 aa
文件的权限描述共10个字符
修改文件的权限位可以用命令chmod
chmod 755 test.sh:赋予test.sh权限rwxr-xr-x
chmod u=rwx,g=rx,o=rx abc:同上u=用户权限,g=组权限,o=不同组其他用户权限
chmod u-x,g+w abc:给abc去除用户执行的权限,增加组写的权限
chmod a+r abc:给所有用户添加读的权限
初始状态
sam3@debian:~$ ls -l
total 12
drwxr-xr-x 2 sam3 sam3 4096 Sep 5 15:33 aa
-rwxr-xr-x 2 sam3 group0 26 Sep 5 15:32 test_hln.sh
lrwxrwxrwx 1 sam3 sam3 7 Sep 5 15:33 test_ln.sh -> test.sh
-rwxr-xr-x 2 sam3 group0 26 Sep 5 15:32 test.sh
root@debian:/home/sam3# chown sam test.sh
root@debian:/home/sam3# ls -l
total 12
drwxr-xr-x 2 sam3 sam3 4096 Sep 5 15:33 aa
-rwxr-xr-x 2 sam group0 26 Sep 5 15:32 test_hln.sh
lrwxrwxrwx 1 sam3 sam3 7 Sep 5 15:33 test_ln.sh -> test.sh
-rwxr-xr-x 2 sam group0 26 Sep 5 15:32 test.sh
root@debian:/home/sam3# chgrp sam test.sh
root@debian:/home/sam3# ls -l
total 12
drwxr-xr-x 2 sam3 sam3 4096 Sep 5 15:33 aa
-rwxr-xr-x 2 sam sam 26 Sep 5 15:32 test_hln.sh
lrwxrwxrwx 1 sam3 sam3 7 Sep 5 15:33 test_ln.sh -> test.sh
-rwxr-xr-x 2 sam sam 26 Sep 5 15:32 test.sh
root@debian:/home/sam3# chown -R sam3:sam3 test.sh
root@debian:/home/sam3# ls -l
total 12
drwxr-xr-x 2 sam3 sam3 4096 Sep 5 15:33 aa
-rwxr-xr-x 2 sam3 sam3 26 Sep 5 15:32 test_hln.sh
lrwxrwxrwx 1 sam3 sam3 7 Sep 5 15:33 test_ln.sh -> test.sh
-rwxr-xr-x 2 sam3 sam3 26 Sep 5 15:32 test.sh
转自:https://www.jianshu.com/p/f8aa12ecbf48