What are the types of linux user groups?

There are two types of Linux user groups: 1. Basic group (private group); when creating an account, if the group to which the account belongs is not specified, the system will create a group with the same name as the user, and this group is the basic group . 2. Additional groups (public groups) can accommodate multiple users, and users in the group have the rights owned by the group.

#The operating environment of this tutorial: linux7.3 system, Dell G3 computer.

Classification of Linux users and groups

1. Users under Linux can be divided into 3 categories

• Super user —— The user name is root , which has all permissions. Only use the super user when performing system maintenance ( For example: creating users, etc. ) or other necessary situations Log in to avoid security issues with your system.

• System user (pseudo user) —— is Linux Users necessary for the system to work properly. It is mainly established to meet the requirements of the corresponding system process for the owner of the file, for example: bin , daemon , adm , lp and other users. System users cannot be used to log in.

• Ordinary users—— is created to allow users to use Linux system resources. Our Most users fall into this category.

2. There are two types of groups in Linux:

• Basic Group ( Private group ) : When creating an account, if the group to which the account belongs is not specified, the system will create a group with the same name as the user name. These groups are the basic groups.

• Additional Group ( Public group ) : Can accommodate multiple users, and users in the group have the rights owned by the group.

3. Configuration files of user groups and users in Linux

In Linux, user accounts , passwords, user group information, and user group passwords are stored in different configuration files.

/etc/passwdUser password/etc/shadowUser group account file/etc/gruoupUser group password file/etc/gshadow##

(1) User account file——/etc/passwd

passwd is a text file used to define the user account of the system. Since all users have access to passwd has read permission, so only the user account is defined in this file, and the password is not saved.

# Each line defines a user account information, each line consists of 7 Composed of fields, use between fields “:” separated, the format is as follows:

Account Name : password :UID:GID: personal information : Main directory :Shell

/etc/passwd Field description in the file

• Account name: User login Linux The name used by the system.

• Password: This was where the password was previously saved in encrypted format, now the password is saved in /etc/shadow In the file, here is just the password occupying characters “x” or “*” . If it is “x” , indicating that the password has been shadow protection of.

• UID : The user's identifier is a numerical value, which is used to distinguish different users. Each user has a UID Value:

  Super user’s UID——0
• System user’s UID——1 ～ 999

• For ordinary users UID—— ≥ 1000

• GID : The identifier of the basic group where the user is located is a numerical value, which is used to distinguish different groups. The same group has the same GID .

• Personal information: You can record the user’s complete name, address, office phone number, home phone number and other personal information.

• Main directory: similar Windows ’s personal directory, usually /home/username ,here username is the user name, user Execute “cd ～ ” The current directory will be switched to the personal home directory when executing the command.

• Shell : Define the activated after user login Shell , the default is Bash Shell

(2) User password file——/etc/shadow

# Each row defines a user information, and each field in the row is marked with “:” Separate , The format is as follows:

Login name : Encrypted password : Last modification time : Minimum time interval : Maximum time interval : Warning time : Inactivity time : Expiration time : Logo

The 9 fields in each line of the/etc/shadow file have the meanings of fields

• Login name: Login name

• Encrypted password: Use SHA-512/SHA -256/MD5 The password encrypted by the algorithm ( $id$, id is 1means md5，5meanssha256， 6 is sha512). If it is empty, it means that the user can log in without a password. If it is "*" means that the account cannot be used to log in to the system, if "!" means The account password has been locked

• Last modified time: the date of the last password change, With distance 1970 Year 1 moon 1 The number of days represents

• Minimum time interval: how many days the password cannot be modified. The default value is 0, means no restrictions

• Maximum time interval: The number of days after which the password must be changed. The default value is 99999, Indicates no restriction

• Warning time: How many days in advance to warn the user that the password will expire, The default value is 7 sky ,0 means no warning

• Inactivity time: How many days after the password expires to disable this user

• Expiration time: Password expiration date, With distance 1970 Year 1 moon 1 The number of days in a day is expressed , Default is empty , means permanently available Flag: reserved for future development

View the last time the user modified the root password Date

(3) User group account file——/etc/group

Every group in the system, in /etc/group There is a row of records in the file, and any user can read the user group account information configuration file.

Field description

• Groupname: Group Name

• Passwd: The encrypted password of the group

• GID: It is the system that distinguishes different Group ID ,exist /etc/passwd in the domain GID The field uses this number to specify the user’s basic group

• Userlist: Use " ， ” Separate user names, the listed members have this group as an additional group.

Assignment:

1. Create the user lockuser, and specify the home directory as /home/lock, and then lock it This user

2. Unlock lockuser and set the password to be changed the next time you log in

3. Create user testuser and set the password, change the user name to normaluser

4. Create a file, query the acl of the file, set the acl user for the file to testuser1 and the permissions to rwx, set the acl mask for the file: permissions to r-x

5. Set suid, set suid for the file (two ways u s and nnnn)
6. Set sgid, set sgid for the file (two ways) One way g s and nnnn) way
7. Set sbit, set sbit for the directory (two ways o t and nnnn) way

Linux Adding Users to User Groups

Through several examples using the Linux command line, I will show you step by step how to add users to user groups on Linux, and How to add users and groups on Linux. These commands should work on any Linux distribution and have been tested on CentOS, Debian, and Ubuntu.

Add a new user to the user group

A Linux user can have a primary group and one or more subsidiary groups (Secondary groups). These groups can be used as arguments to the adduser command when creating a user.

All commands must be executed as the root user. On Ubuntu, prepend all commands with sudo, or run sudo -s to switch to the root user.

Add user groups

As a first step, I will add two new user groups, family and friends :

groupadd family
groupadd friends

Add a new user to a single user group

Below I will add a new user tom and also add the user to the user group Groupfamily. The family user group will be added as a subordinate group using the -G parameter.

useradd -G family tom

Add new user to multiple user groups

tom is now a user in the family user group. Parameter -G allows specifying multiple user groups, separated by commas between each user group. If you want to add user tom to the family and friends user groups, use the following command:

useradd -G family,friends tom

Set User Password

Please note that new Linux user tom does not have a password yet, so cannot log in. To set the password for this user, you can execute the following command:

passwd tom

and enter the new password twice when the command requests it.

In the above example, we added user tom to the secondary group. The adduser command automatically created a new primary group and assigned the group Main group.

• Username: tom
• Main group: tom
• Affiliated group: family (or use the second case to add two affiliated groups: family and friends)

Set a new primary group

Maybe you want to set the primary group to family## when adding a tom user # (Instead of the tom user group created by default), the affiliated group is friends, you can use this command:

useradd -g family -G friends tom

Use the

man command You can get a detailed description of all command line options of the useradd command:

man useradd

Add an existing user to the user group

For this task we will use the

usermod command. usermod The command can modify various options of the user, including the user's group membership.

First I will add a third user group

colleagues:

groupadd colleagues

using usermod

I will add the

colleagues user group as an affiliate group to the user tom:

usermod -a -G colleagues tom

Command explanation:

-a means append, which can only be used in combination with the -G option (affiliated group). So in the end we added the tom user to the colleagues user group, which is an affiliated group of the user. The

-G option can specify multiple user groups, separated by commas between each user group. For example: -G group1,group2,group3.

如果想要修改 tom 用户的主组为 family，可以使用命令：

usermod -g family tom

使用 man 命令可以获取 usermod 命令的所有命令行选项的详细说明：

man usermod

相关推荐：《Linux视频教程》

File function	File name
##User account file

The above is the detailed content of What are the types of linux user groups?. For more information, please follow other related articles on the PHP Chinese website!