细说Linux的用户和组之管理命令详解
Linux系统以组Group方式管理用户
用户和组的配置和管理命令主要有:
用户管理
主要命令
useradd???? 新建用户
usermod???? 修改用户
userdel???? 删除用户
newusers??? 新建用户(批量)
passwd????? 修改用户密码
chsh??????? 设置用户的shell
chage?????? 设置用户密码有效期
newgrp????? 将用户添加至某个组
id????????? 打印用户id和所属组id
who???????? 打印当前登录用户
whoami????? 打印当前用户名称和id
?
命令详情如下(从命令手册截取):
useradd
NAME 名称
?????? useradd - create a new user or update default new user information
SYNOPSIS 用法
?????? useradd [options] LOGIN
?????? useradd -D
?????? useradd -D [options]
DESCRIPTION 概述
?????? When invoked without the -D option, the useradd command creates a new
?????? user account using the values specified on the command line plus the
?????? default values from the system. Depending on command line options, the
?????? useradd command will update system files and may also create the new
?????? user′s home directory and copy initial files.
?????? By default, a group will also be created for the new user (see -g, -N,
?????? -U, and USERGROUPS_ENAB).
?
?
usermod
NAME
?????? usermod - modify a user account
SYNOPSIS
?????? usermod [options] LOGIN
DESCRIPTION
?????? The usermod command modifies the system account files to reflect the
?????? changes that are specified on the command line.
?
?
userdel
NAME
?????? userdel - delete a user account and related files
SYNOPSIS
?????? userdel [options] LOGIN
DESCRIPTION
?????? The userdel command modifies the system account files, deleting all entries
?????? that refer to the user name LOGIN. The named user must exist.???????
??????
newusers
NAME
?????? newusers - update and create new users in batch
SYNOPSIS
?????? newusers [options new_users]
DESCRIPTION
?????? The newusers command reads a file of user name and clear-text password pairs
?????? and uses this information to update a group of existing users or to create new
?????? users. Each line is in the same format as the standard password file (see
?????? passwd(5)) with the exceptions explained below:
?????? pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell
?????? pw_name
?????????? This is the name of the user.
?????????? It can be the name of a new user or the name of an existing user (or an
?????????? user created before by newusers). In case of an existing user, the user′s
?????????? information will be changed, otherwise a new user will be created.??????????
???????????
??????????
passwd
NAME
?????? passwd - update user’s authentication tokens
SYNOPSIS
?????? passwd? [-k]? [-l]? [-u? [-f]] [-d] [-n mindays] [-x maxdays] [-w warndays] [-i
?????? inactivedays] [-S] [--stdin] [username]
DESCRIPTION
?????? The passwd utility is used to update user’s authentication token(s).
?????? This task is achieved through calls to the Linux-PAM and Libuser? API.?? Essen-
?????? tially, it initializes itself as a "passwd" service with Linux-PAM and utilizes
?????? configured password modules to authenticate and then update a user’s? password.
???????
??????
chsh
NAME
?????? chsh - change your login shell
SYNOPSIS
?????? chsh [-s shell] [-l] [-u] [-v] [username]
DESCRIPTION
?????? chsh is used to change your login shell.? If a shell is not given on the command line, chsh prompts for one.
?? VALID SHELLS
?????? chsh will accept the full pathname of any executable file on the system.? However, it will issue a warning if the
?????? shell is not listed in the /etc/shells file.? On the other hand, it can also be configured such that it will only
?????? accept shells listed in this file, unless you are root.
?
chage
NAME
?????? chage - change user password expiry information
SYNOPSIS
?????? chage [options] [LOGIN]
DESCRIPTION
?????? The chage command changes the number of days between password changes
?????? and the date of the last password change. This information is used by
?????? the system to determine when a user must change his/her password.
?
?
newgrp
NAME
?????? newgrp - log in to a new group
SYNOPSIS
?????? newgrp [-] [group]
DESCRIPTION
?????? The newgrp command is used to change the current group ID during a
?????? login session. If the optional - flag is given, the user′s environment
?????? will be reinitialized as though the user had logged in, otherwise the
?????? current environment, including current working directory, remains
?????? unchanged.
?????? newgrp changes the current real group ID to the named group, or to the
?????? default group listed in /etc/passwd if no group name is given.? newgrp
?????? also tries to add the group to the user groupset. If not root, the user
?????? will be prompted for a password if she does not have a password (in
?????? /etc/shadow if this user has an entry in the shadowed password file, or
?????? in /etc/passwd otherwise) and the group does, or if the user is not
?????? listed as a member and the group has a password. The user will be
?????? denied access if the group password is empty and the user is not listed
?????? as a member.
?????? If there is an entry for this group in /etc/gshadow, then the list of
?????? members and the password of this group will be taken from this file,
?????? otherwise, the entry in /etc/group is considered.??????
?
id
NAME
?????? id - print real and effective user and group IDs
SYNOPSIS
?????? id [OPTION]... [USERNAME]
DESCRIPTION
?????? Print? user? and? group? information for the specified USERNAME, or
?????? (when USERNAME omitted) for the current user.
?????? Without any OPTION, print some useful set? of? identified? information.
AUTHOR
?????? Written by Arnold Robbins and David MacKenzie.
?
?
who
NAME
?????? who - show who is logged on
SYNOPSIS
?????? who [OPTION]... [ FILE | ARG1 ARG2 ]
DESCRIPTION
?????? Print information about users who are currently logged in.
?
?
whoami
DESCRIPTION
?????? Print? the user name associated with the current effective user ID.
?????? Same as id -un.
?
群组管理
groupadd??? 新建组
groupmod??? 修改组
groupdel??? 删除组
groups????? 打印当前用户所属的组
gpasswd???? 设置组密码
?
groupadd
NAME
?????? groupadd - create a new group
SYNOPSIS
?????? groupadd [options] group
DESCRIPTION
?????? The groupadd command creates a new group account using the values
?????? specified on the command line plus the default values from the
?????? system. The new group will be entered into the system files as
?????? needed.
?
?
groupmod
NAME
?????? groupmod - modify a group definition on the system
SYNOPSIS
?????? groupmod [options] GROUP
DESCRIPTION
?????? The groupmod command modifies the definition of the specified GROUP
?????? by modifying the appropriate entry in the group database.
?
groupdel
NAME
?????? groupdel - delete a group
SYNOPSIS
?????? groupdel group
DESCRIPTION
?????? The groupdel command modifies the system account files, deleting
?????? all entries that refer to group. The named group must exist.
?
?
groups
NAME
?????? groups - print the groups a user is in
SYNOPSIS
?????? groups [OPTION]... [USERNAME]...
DESCRIPTION
?????? Print? group memberships for each USERNAME or, if no USERNAME is specified, for
?????? the current process (which may differ if the groups database has changed).
?
gpasswd
NAME
?????? gpasswd - administer /etc/group and /etc/gshadow
SYNOPSIS
?????? gpasswd [option] group
DESCRIPTION
?????? The gpasswd command is used to administer /etc/group, and /etc/gshadow. Every
?????? group can have administrators, members and a password.
?????? System administrators can use the -A option to define group administrator(s)
?????? and the -M option to define members. They have all rights of group
?????? administrators and members.
?????? gpasswd called by a group administrator with a group name only prompts for the
?????? new password of the group.
?????? If a password is set the members can still use newgrp(1) without a password,
?????? and non-members must supply the password.
?? Notes about group passwords
?????? Group passwords are an inherent security problem since more than one person is
?????? permitted to know the password. However, groups are a useful tool for
?????? permitting co-operation between different users.
?
相关命令
chmod??? 设置文件权限
chown??? 设置文件的owner
chgrp ? ? 设置文件的group owner
?
chmod
NAME
?????? chmod - change file mode bits
SYNOPSIS
?????? chmod [OPTION]... MODE[,MODE]... FILE...
?????? chmod [OPTION]... OCTAL-MODE FILE...
?????? chmod [OPTION]... --reference=RFILE FILE...
DESCRIPTION
?????? This? manual? page? documents the GNU version of chmod.? chmod changes the file
?????? mode bits of each given file according to mode, which can be either a? symbolic
?????? representation of changes to make, or an octal number representing the bit pat-
?????? tern for the new mode bits.
?
chown
NAME
?????? chown - change file owner and group
SYNOPSIS
?????? chown [OPTION]... [OWNER][:[GROUP]] FILE...
?????? chown [OPTION]... --reference=RFILE FILE...
DESCRIPTION
?????? This manual page documents the GNU version of chown.? chown changes the user and/or group ownership of each given
?????? file.? If only an owner (a user name or numeric user ID) is given, that user is made? the? owner? of? each? given
?????? file,? and? the? files’? group? is not changed.? If the owner is followed by a colon and a group name (or numeric
?????? group ID), with no spaces between them, the group ownership of the files is changed as well.? If a colon? but? no
?????? group? name follows the user name, that user is made the owner of the files and the group of the files is changed
?????? to that user’s login group.? If the colon and group are given, but the owner is omitted, only the? group? of? the
?????? files? is? changed; in this case, chown performs the same function as chgrp.? If only a colon is given, or if the
?????? entire operand is empty, neither the owner nor the group is changed.
?
chgrp
NAME
?????? chgrp - change group ownership
SYNOPSIS
?????? chgrp [OPTION]... GROUP FILE...
?????? chgrp [OPTION]... --reference=RFILE FILE...
DESCRIPTION
?????? Change? the group of each FILE to GROUP.? With --reference, change the group of
?????? each FILE to that of RFILE.
以上为用户和群组管理的常用命令,可以通过man命令查看这些命令的参数、用法和详细信息。