Linux User & Group

The following SIX files determine a user and its group

/etc/passwd

All users are in this file
Every service also has its own pseudo user in this file; please don't delete any of them

┌─[root@nedrain]─[~]
└──╼ $vim /etc/passwd
root:x:0:0:root:/root:/bin/bash  // right now only this one is an actual user
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:997:User for polkitd:/:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
chrony:x:998:996::/var/lib/chrony:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin

/etc/shadow

The password is stored here as a hash (SHA-256, SHA-512 or similar), not in plain text
But I use SSH to connect to the server, so there is just a "*"

vim /etc/shadow
// the output is:
root:*:18429:0:99999:7:::
bin:*:17110:0:99999:7:::
daemon:*:17110:0:99999:7:::
adm:*:17110:0:99999:7:::
lp:*:17110:0:99999:7:::
sync:*:17110:0:99999:7:::
shutdown:*:17110:0:99999:7:::
halt:*:17110:0:99999:7:::
mail:*:17110:0:99999:7:::
operator:*:17110:0:99999:7:::
games:*:17110:0:99999:7:::
ftp:*:17110:0:99999:7:::
nobody:*:17110:0:99999:7:::
systemd-network:!!:17454::::::
dbus:!!:17454::::::
polkitd:!!:17454::::::
postfix:!!:17454::::::
chrony:!!:17454::::::
sshd:!!:17454::::::
ntp:!!:17454::::::
tcpdump:!!:17454::::::
nscd:!!:17454::::::

/etc/group

// vim /etc/group
// 1: Group name  2: Group password  3: Group ID  4: Users who have this group as an additional group
root:x:0:
bin:x:1:
daemon:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mem:x:8:
kmem:x:9:
wheel:x:10:
cdrom:x:11:
mail:x:12:postfix
man:x:15:
dialout:x:18:
floppy:x:19:
games:x:20:
tape:x:30:
video:x:39:
ftp:x:50:
lock:x:54:
audio:x:63:
nobody:x:99:
users:x:100:

/etc/gshadow

root:::
bin:::
daemon:::
sys:::
adm:::
tty:::
disk:::
lp:::
mem:::
kmem:::
wheel:::
cdrom:::
mail:::postfix
man:::
dialout:::
floppy:::
games:::
tape:::
video:::
ftp:::
lock:::
audio:::
nobody:::
users:::

/home/user_x (user_x stands for a user name)

/var/spool/mail/user_x (user_x stands for a user name)

"User" CRUD

You can add a user by editing those six files, but it takes a lot of effort...

useradd [user name]

useradd t1
// Right now there is no password, you can see that from /etc/shadow
t1:!!:18430:0:99999:7:::

passwd [username]

passwd t1

//after setting, you can see the difference in /etc/shadow
t1:$6$p2WyA06l$uK58wu4F94HEKqKvyeBA3pGwoOOk9509snQmjrAb2oNUq2iblI7oNgQtuDjeGXAWIXX7T138ABzGtY8nTeLdg1:18430:0:99999:7:::
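
The password field values seen in the listings above ("*", "!!" and a "$6$..." hash) can be classified and joined with /etc/passwd to find accounts that accept a password login. This is an added example, not code from the original page; the t2 account, the UID/GID values, the home directories and the hash string are constructed placeholders.

```python
# Constructed sample data modelled on the listings above. The t1/t2 UID, GID,
# home directory and the hash string are placeholders, not values from the page.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
t1:x:1000:1000::/home/t1:/bin/bash
t2:x:1001:1000::/home/t2:/bin/bash
"""
SHADOW = """\
root:*:18429:0:99999:7:::
sshd:!!:17454::::::
t1:$6$SALTPLACEHOLDER$HASHPLACEHOLDER:18430:0:99999:7:::
t2::18430:0:99999:7:::
"""

CRYPT_IDS = {"1": "MD5", "5": "SHA-256", "6": "SHA-512", "y": "yescrypt"}
NOLOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}


def password_state(field):
    """Classify the second field of an /etc/shadow entry."""
    if field == "":
        return "empty password"          # no password set at all
    if field in ("*", "!", "!!"):
        return "no usable password"      # no typed password can match these
    if field.startswith("!"):
        return "locked"                  # hash kept, disabled by a leading "!"
    if field.startswith("$") and field.count("$") >= 3:
        scheme = field.split("$")[1]
        return "hash set (" + CRYPT_IDS.get(scheme, "scheme " + scheme) + ")"
    return "unrecognised format"


def password_logins(passwd_text, shadow_text):
    """Return (user, state) for every account that has both a login shell and
    a password field that can be used: a stored hash or an empty field."""
    states = {}
    for line in filter(None, shadow_text.splitlines()):
        name, field = line.split(":")[:2]
        states[name] = password_state(field)
    result = []
    for line in filter(None, passwd_text.splitlines()):
        fields = line.split(":")
        state = states.get(fields[0], "no shadow entry")
        usable = state.startswith("hash set") or state == "empty password"
        if usable and fields[6] not in NOLOGIN_SHELLS:
            result.append((fields[0], state))
    return result
```

On a real host, pass the contents of /etc/passwd and /etc/shadow (readable by root only) instead of the sample strings; any "empty password" result deserves immediate attention.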

useradd -g [group name] [user name] | useradd -G [group name] [user name]

-g : set the initial group
-G : set additional groups

useradd -g t1 t2 // create user t2 with the group of user t1 as its initial group

useradd -G t1 t3 // the initial group of t3 is t3 (unlike t2), and t1's group is an additional group of t3

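usermod -G [group name] [user name] (add a user to another group)

NOT RECOMMENDED, PLEASE USE "gpasswd -a user group" INSTEAD. Without -a, usermod -G replaces the user's whole list of additional groups, so the user is silently removed from every group not named in the command.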

userdel -r [user name] (-r can delete the directory in /home)

userdel -r t1

su [user name] (switch to another user, but don't change the environment)

The hyphen "-" is very important: it changes the environment as well

// change to user t1
su - t1 // the environment also changed

group

groupadd [group name]

groupadd g1 // create a group with no users inside

gpasswd -a [user name] [group name] | gpasswd -d [user name] [group name]

// add user t1 to group g1
gpasswd -a t1 g1

// delete user t1 from group g1
gpasswd -d t1 g1
