新建用户名和组,并赋权


1.用户组

  • 添加组:groupadd 组名
    [root@Server-n93yom ~]# groupadd dev
    [root@Server-n93yom ~]# cat /etc/group | grep dev
    dev:x:10011:
    [root@Server-n93yom ~]#
  • 删除组:groupdel 组名
    [root@Server-n93yom ~]# groupdel dev
    [root@Server-n93yom ~]# cat /etc/group | grep dev
    [root@Server-n93yom ~]#
  • 查询组:cat /etc/group 或者使用管道来精确查询 cat /etc/group | grep dev
    [root@Server-n93yom ~]# cat /etc/group
     

2.用户

  •  添加用户:useradd -m -g 组 新建用户名            注意:-m 自动建立用户家目录; -g 指定用户所在的组,否则会建立一个和用户名同名的组 
     [root@Server-n93yom ~]# useradd -d /data/radius -m -g dev radius
    [root@Server-n93yom ~]#
  • 只查找test1用户
    [root@Server-n93yom ~]# id test1
    uid=10011(test1) gid=10011(dev) groups=10011(dev)
    [root@Server-n93yom ~]#
    uid为用户id,  gid为组id
  • 修改和创建密码 passwd 用户名    如果不加用户名则默认修改当前登录者的密码
    [root@Server-n93yom ~]# passwd test1
    Changing password for user test1.
    New password:
    BAD PASSWORD: The password is shorter than 8 characters
    Retype new password:
    passwd: all authentication tokens updated successfully.
    [root@Server-n93yom ~]#
    设置好密码后,使用此账号和密码登录
    ➜ ~ ssh test1@192.168.85.163
    test1@192.168.85.163's password:
    Last failed login: Mon Jul 22 17:00:05 CST 2019 from 192.168.1.53 on ssh:notty
    There were 3 failed login attempts since the last successful login.
    [test1@Server-n93yom ~]$
     
  • 设置用户不能修改密码
    [root@Server-n93yom ~]# passwd -l test1 //在root下,禁止test1用户修改密码的权限
    Locking password for user test1. //锁住test1不能修改密码
    passwd: Success
    [root@Server-n93yom ~]# su test1 //切换用户
    [test1@Server-n93yom root]$ passwd //修改密码
    Changing password for user test1.
    Changing password for test1.
    (current) UNIX password:
    passwd: Authentication token manipulation error //没用权限修改密码
    [test1@Server-n93yom root]$
     
  • 清除密码
    [root@Server-n93yom ~]# passwd -d test1 //删除test1的密码
    Removing password for user test1.
    passwd: Success
    [root@Server-n93yom ~]# passwd -S test1 //查看test1的密码
    test1 NP 2019-07-22 0 99999 7 -1 (Empty password.) //密码为空
    [root@Server-n93yom ~]#
     
  • passwd 帮助命令
    [root@Server-n93yom ~]# passwd --help
    Usage: passwd [OPTION...] <accountName>
    -k, --keep-tokens keep non-expired authentication tokens
    -d, --delete delete the password for the named account (root only)
    -l, --lock lock the password for the named account (root only)
    -u, --unlock unlock the password for the named account (root only)
    -e, --expire expire the password for the named account (root only)
    -f, --force force operation
    -x, --maximum=DAYS maximum password lifetime (root only)
    -n, --minimum=DAYS minimum password lifetime (root only)
    -w, --warning=DAYS number of days warning users receives before password
    expiration (root only)
    -i, --inactive=DAYS number of days after password expiration when an account
    becomes disabled (root only)
    -S, --status report password status on the named account (root only)
    --stdin read new tokens from stdin (root only)
     
    Help options:
    -?, --help Show this help message
    --usage Display brief usage message
    [root@Server-n93yom ~]#
     
     

3.设置密码失效时间

  • 可以编辑/etc/login.defs来设定几个参数,以后设置口令默认就按照参数设定为准:
    PASS_MAX_DAYS 99999
    PASS_MIN_DAYS 0
    PASS_MIN_LEN 5
    PASS_WARN_AGE 7
     
  • 当然在/etc/default/useradd可以找到如下2个参数进行设置:
    # useradd defaults file|
    GROUP=100
    HOME=/home
    INACTIVE=-1
    EXPIRE=
    SHELL=/bin/bash
    SKEL=/etc/skel
    CREATE_MAIL_SPOOL=yes
     
    通过修改配置文件,能对之后新建用户起作用,而目前系统已经存在的用户,则直接用chage来配置。
  • chage [选项] 用户名
    chage命令是用来修改帐号和密码的有效期限。
    -m:密码可更改的最小天数。为零时代表任何时候都可以更改密码。
    -M:密码保持有效的最大天数。
    -w:用户密码到期前,提前收到警告信息的天数。
    -E:帐号到期的日期。过了这天,此帐号将不可用。
    -d:上一次更改的日期。
    -i:停滞时期。如果一个密码已过期这些天,那么此帐号将不可用。
    -l:例出当前的设置。由非特权用户来确定他们的密码或帐号何时过期。
     
  • chage -l root 查root账号的信息
    [root@Server-n93yom ~]# sour
    Last password change : Jul 22, 2019
    Password expires : never
    Password inactive : never
    Account expires : never
    Minimum number of days between password change : 0
    Maximum number of days between password change : 99999
    Number of days of warning before password expires : 7
    [root@Server-n93yom ~]#
     
  • chage -M 60 test 设置密码过期时间为60天
  • chage -I 5 test 设置密码失效时间为5天
  • 以test1账号为例,再查一次信息账号信息
     
    [root@Server-n93yom ~]# chage -l test1
    Last password change : Jul 22, 2019
    Password expires : Sep 20, 2019
    Password inactive : Sep 25, 2019
    Account expires : never
    Minimum number of days between password change : 0
    Maximum number of days between password change : 60
    Number of days of warning before password expires : 7
     
    从上述命令可以看到,在密码过期后5天,密码自动失效,这个用户将无法登陆系统了。 
 
 
posted @ 2022-08-10 17:29  一川烟草happy  阅读(99)  评论(0)    收藏  举报