Adding users
Adding and deleting users
    # useradd user
    # passwd user
    Changing password for user user.
    New password:
    BAD PASSWORD: it is too short
    BAD PASSWORD: is too simple
    Retype new password:
    passwd: all authentication tokens updated successfully.
    # userdel user
Deleting a user this way leaves the home directory and the mail spool behind. To remove them as well, pass the "-r" option.
    # userdel -r user1
Adding multiple users with a script
    #!/bin/bash
    # Adds user1..user4; each initial password is the same as the user name.

    # define variables
    ADDUSER=$(which useradd)
    PASSWD=$(which passwd)
    USER=user
    RES=222

    for ((i=1; i<=4; i++))
    do
        $ADDUSER "${USER}${i}" &> /dev/null
        RES=$?
        # useradd exits with 9 when the user name is already in use
        if [ $RES -eq 9 ]
        then
            echo "user ${USER}${i} already exists."
            continue
        fi
        if [ $RES -eq 0 ]
        then
            echo "add user ${USER}${i} success."
        fi
        # passwd --stdin reads the new password from standard input
        echo "${USER}${i}" | $PASSWD --stdin "${USER}${i}" &> /dev/null
        RES=$?
        if [ $RES -eq 0 ]
        then
            echo "update password for ${USER}${i} success."
        fi
    done
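Often the user names to add follow no pattern, so the script reads them from a file that contains the user names. It also prints more information: the user names that were read, the users added successfully, and the users that could not be added.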
    #!/bin/bash
    # about return value.
    # 1
    # 2 the file username is missing.

    # define variables
    ADDUSER=$(which useradd)
    CAT=$(which cat)
    ID=$(which id)
    PASSWD=$(which passwd)
    USER="./username"

    if [ -r "$USER" ]
    then
        echo "Will add $($CAT "$USER" | wc -l) users to this system."
        $CAT "$USER"
        echo "---------------"
    else
        echo "missing file username."
        exit 2
    fi

    for user in $($CAT "$USER")
    do
        # id succeeds only if the account already exists
        $ID "$user" &> /dev/null
        RES=$?
        if [ $RES -eq 0 ]
        then
            echo "user $user already exists."
        else
            if $ADDUSER "$user" &> /dev/null
            then
                echo "user $user added successfully."

                # the initial password is the same as the user name
                echo "${user}" | $PASSWD --stdin "${user}" &> /dev/null

                RES=$?
                if [ $RES -eq 0 ]
                then
                    echo "update password for ${user} success."
                else
                    echo "update password failed."
                fi
            else
                echo "add user $user failed."
            fi
        fi
    done
Deleting the user accounts created by the script above (precondition: the file "username" has the same contents)
    #!/bin/bash
    # about return value.
    # 1
    # 2 the file username is missing.

    # define variables
    DELUSER="$(which userdel)"
    CAT=$(which cat)
    ID=$(which id)
    PASSWD=$(which passwd)
    USER="./username"
    USERHOME="/home"
    MAILHOME="/var/mail"
    LS=$(which ls)

    if [ -r "$USER" ]
    then
        echo "Will delete $($CAT "$USER" | wc -l) users from this system."
        $CAT "$USER"
        echo "---------------"
    else
        echo "missing file username."
        exit 2
    fi

    for user in $($CAT "$USER")
    do
        # id succeeds only if the account exists
        $ID "$user" &> /dev/null
        RES=$?
        if [ $RES -eq 0 ]
        then
            echo "will delete user $user."
            # -r also removes the home directory and the mail spool
            $DELUSER -r "$user" &> /dev/null
            RES=$?
            if [ $RES -eq 0 ]
            then
                echo "user $user deleted successfully."
            else
                echo "user $user delete failed."
            fi
        else
            echo "user $user does not exist."
        fi
    done
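The script runs successfully here, but managing users can be more complicated than the script anticipates. For example: create a user, delete it without the "-r" option, and then create a user with the same name again. On the next deletion, some directories belonging to that account cannot be removed. This script does not fully solve that problem.
Use a positional parameter to control what the script does: with "add" it adds the users, with "del" it deletes them.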
    #!/bin/bash

    # define functions
    # adduser() adds the users listed in the file username to the system; each password is the same as the user name.
    # deluser() deletes the users listed in the file username from the system.

    adduser()
    {
        # about return value.
        # 1 the file username is missing when adding users.

        # define variables
        local ADDUSER=$(which useradd)
        local CAT=$(which cat)
        local ID=$(which id)
        local PASSWD=$(which passwd)
        local USER="./username"
        local RES user

        if [ -r "$USER" ]
        then
            echo "Will add $($CAT "$USER" | wc -l) users to this system."
            $CAT "$USER"
            echo "---------------"
        else
            echo "missing file username."
            exit 1
        fi

        for user in $($CAT "$USER")
        do
            $ID "$user" &> /dev/null
            RES=$?
            if [ $RES -eq 0 ]
            then
                echo "user $user already exists."
            else
                if $ADDUSER "$user" &> /dev/null
                then
                    echo "user $user added successfully."

                    echo "${user}" | $PASSWD --stdin "${user}" &> /dev/null

                    RES=$?
                    if [ $RES -eq 0 ]
                    then
                        echo "update password for ${user} success."
                    else
                        echo "update password failed."
                    fi
                else
                    echo "add user $user failed."
                fi
            fi
        done
    }

    deluser()
    {
        # about return value.
        # 2 the file username is missing when deleting users.

        # define variables
        local DELUSER="$(which userdel)"
        local CAT=$(which cat)
        local ID=$(which id)
        local PASSWD=$(which passwd)
        local USER="./username"
        local USERHOME="/home"
        local MAILHOME="/var/mail"
        local LS=$(which ls)
        local RES user

        if [ -r "$USER" ]
        then
            echo "Will delete $($CAT "$USER" | wc -l) users from the system."
            $CAT "$USER"
            echo "---------------"
        else
            echo "missing file username."
            exit 2
        fi

        for user in $($CAT "$USER")
        do
            $ID "$user" &> /dev/null
            RES=$?
            if [ $RES -eq 0 ]
            then
                echo "will delete user $user."
                $DELUSER -r "$user" &> /dev/null
                RES=$?
                if [ $RES -eq 0 ]
                then
                    echo "user $user deleted successfully."
                else
                    echo "user $user delete failed."
                fi
            else
                echo "user $user does not exist."
            fi
        done
    }

    # return value
    # 3 Command syntax error
    if [ $# -ne 1 ]
    then
        echo "Usage: user.sh add|del"
        exit 3
    fi

    if [ "$1" == 'add' ]
    then
        adduser
        exit 0
    fi

    if [ "$1" == 'del' ]
    then
        deluser
        exit 0
    fi

    # any other argument is a syntax error
    echo "Usage: user.sh add|del"
    exit 3
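The scripts above set every password to the user name and hand the file contents to useradd unchecked. A hardened variant of the same batch job, as an added example that is not part of the original page: it validates each name, sets a random initial password through chpasswd, and expires it with chage -d 0 so the user must change it at first login. The function names, the DRY_RUN switch and the CRED_FILE path are assumptions of this example.

```bash
#!/bin/bash
# Added example (not from the original page): batch-create users with random
# initial passwords. DRY_RUN=1 (the default) only prints the commands.
export LC_ALL=C                                  # make [a-z] ranges ASCII-only
DRY_RUN=${DRY_RUN:-1}
CRED_FILE=${CRED_FILE:-./initial-passwords.txt}  # assumed hand-over file

# Accept only conservative names: first a-z or _, then a-z 0-9 _ -, max 32.
valid_username() {
    case "$1" in
        ""|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# 20 random alphanumeric characters from the kernel random source.
gen_password() {
    head -c 512 /dev/urandom | tr -dc 'A-Za-z0-9' | head -c 20
}

# Create one user; returns 1 for a rejected name, 2 if the account exists.
provision_user() {
    user=$1
    valid_username "$user" || { echo "reject: invalid user name" >&2; return 1; }
    id "$user" >/dev/null 2>&1 && { echo "skip: $user exists" >&2; return 2; }
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s\n' "useradd -m $user" "chpasswd   # stdin: $user:<random>" "chage -d 0 $user"
        return 0
    fi
    pw=$(gen_password)
    useradd -m "$user" &&
        printf '%s:%s\n' "$user" "$pw" | chpasswd &&
        chage -d 0 "$user" &&                    # force a change at first login
        ( umask 077; printf '%s\t%s\n' "$user" "$pw" >> "$CRED_FILE" )
}

# Read names from a file (one per line); returns the number of failures.
provision_from_file() {
    failed=0
    while IFS= read -r name <&3 || [ -n "$name" ]; do
        [ -z "$name" ] && continue
        provision_user "$name" || failed=$((failed + 1))
    done 3< "$1"
    return "$failed"
}

if [ -r ./username ]; then provision_from_file ./username; fi
```

Run it as root with DRY_RUN=0 to apply the changes; the credentials file then holds the one-time passwords and should be removed once they have been handed over.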
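Specifying particular attributes for a user
Specify the home directory: add the user "sunny" with the home directory "/data01/hhh/".
    useradd -d /data01/hhh sunny
Specify the base directory: add the user "sunny"; the home directory is "/data01/sunny".
    useradd -b /data01/ sunny
Add a user that is not allowed to log in to the system
    useradd -s /sbin/nologin work
Create a user without a home directory
    useradd -M nginx
    useradd -r nginx
Create a service account that an application runs as
    useradd -r -s /sbin/nologin nginx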
User management
* Creating users manually
* Creating users with commands
Creating users manually
group
    manager:x:800:
passwd
    view:x:810:800::/home/view:/bin/bash
    dinglicom:x:811:800::/home/dinglicom:/bin/bash
shadow
    view:!!:16358:0:99999:7:::
    dinglicom:!!:16358:0:99999:7:::
"!!" means the account is locked; a password has to be set.
    # passwd view
    # passwd dinglicom
/home
    # cd /home
    # mkdir view
    # mkdir dinglicom
    # cp -R /etc/skel/. /home/view
    # cp -R /etc/skel/. /home/dinglicom
    # chown -R view:manager /home/view
    # chown -R dinglicom:manager /home/dinglicom
    # chmod -R 700 /home/view
    # chmod -R 700 /home/dinglicom
Creating users with commands
    # groupadd -g 800 manager
    # useradd -u 810 -d /home/view -c "Dinglicom viewers." -g manager -G ftp -s /bin/bash view
    # useradd -u 810 -d /home/view -c "Dinglicom viewers." -g 800 -G ftp -s /bin/bash view
    # passwd view
    # groupmod -g 801 manager
    # usermod -u 811 -g 801 view
    # usermod -a -G http view
    # id view
    # usermod -L view
    # cat /etc/shadow | grep view
    # usermod -U view
useradd:
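-u, set the UID (greater than 500)
-g, set the GID (must be an existing group; this is the primary group)
-G, supplementary groups (separate multiple groups with commas)
    # useradd -G root,ftp,http admin
-c, comment
-d, set the home directory
-s, set the path of the shell (/etc/shells)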
userdel:
-r, also delete the home directory when deleting the user
usermod:
-u,
-g,
-G -a,
-c,
-d,
id:
-n, do not show numeric information
-g, show the GID
-G, show the supplementary groups
-u, show the UID
Files related to user information
* group
* passwd
* shadow
* useradd
group
"group name:password placeholder:group ID:user list"
    # cat /etc/group
    root:x:0:
    dba:x:501:oracle
1.1 Group name
1.2 Group password (historical leftover)
1.3 Group ID
1.4 Group members
passwd
    # cat /etc/passwd
    root:x:0:0:root:/root:/bin/bash
    oracle:x:500:500::/home/oracle:/bin/bash
2.1 User name
2.2 Password
2.3 User ID
2.4 Primary group ID
2.5 Description or comment (may be empty)
2.6 User home directory
2.7 User shell
shadow
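(The root password shown here is not a real one.)
    # cat /etc/shadow
    root:$6$bu74FgD1S4fWkODOCyScBlTW1:16358:0:99999:7:::
    oracle:!!:16358:0:99999:7:::
3.1 User name
3.2 Password (hash algorithm, salt, and the resulting password hash)
3.3 Date of the last password change, in days since the epoch (1970-01-01)
3.4 Minimum password age: days that must pass before the user may change the password (0 means it can be changed at any time)
3.5 Maximum password age: days after which the password must be changed (sets the password expiry) (99999)
3.6 Number of days before password expiry that the user is warned to change the password (7)
3.7 Number of days after password expiry until the account is disabled
3.8 Number of days, counted from account creation, after which the account is disabled (empty by default, meaning the account never expires)
3.9 Reserved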
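The field layout above, applied as an audit: this added example (not part of the original page) reads shadow-format lines and reports, per account, the state of field 2 (locked, empty, or the hash scheme named by its `$id$` prefix) and the maximum password age from field 5. The function name, the output labels and the sample lines are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original page): classify /etc/shadow-style lines
# read from stdin. Output: user <TAB> password state <TAB> ageing policy.
audit_shadow() {
    awk -F: '
    function algo(pw) {                      # hash scheme from the $id$ prefix
        if (substr(pw, 1, 3) == "$6$") return "sha512"
        if (substr(pw, 1, 3) == "$5$") return "sha256"
        if (substr(pw, 1, 3) == "$y$") return "yescrypt"
        if (substr(pw, 1, 2) == "$2")  return "bcrypt"
        if (substr(pw, 1, 3) == "$1$") return "md5"
        if (substr(pw, 1, 1) != "$")   return "des"
        return "unknown"
    }
    NF == 0 { next }                         # skip blank lines
    NF != 9 { print $1 "\tMALFORMED\tfields=" NF; next }
    {
        pw = $2
        if (pw == "")            state = "NO_PASSWORD"   # empty field 2
        else if (pw ~ /^[!*]/)   state = "LOCKED"        # e.g. "!!" as above
        else {
            a = algo(pw)
            if (a == "md5" || a == "des") state = "WEAK_HASH:" a
            else if (a == "unknown")      state = "REVIEW:unknown"
            else                          state = "OK:" a
        }
        # Field 5: maximum password age; 99999 days is effectively never.
        aging = ($5 == "" || $5 + 0 >= 99999) ? "no-expiry" : "max=" $5 "d"
        print $1 "\t" state "\t" aging
    }'
}

# Constructed sample input; the hash strings are placeholders, not real hashes.
SAMPLE_SHADOW='root:$6$bu74FgD1S4fWkODOCyScBlTW1:16358:0:99999:7:::
oracle:!!:16358:0:99999:7:::
legacy:$1$saltsalt$placeholderplaceholder:16358:0:90:7:::
guest::16358:0:99999:7:::
broken:x:16358'

printf '%s\n' "$SAMPLE_SHADOW" | audit_shadow
```

On a real system, run it as root with `audit_shadow < /etc/shadow`; NO_PASSWORD and WEAK_HASH rows are the ones to follow up first.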
Generated configuration files
    # cd /home/oracle
    # ls -a
    .  ..  .bash_logout  .bash_profile  .bashrc
    # cd /etc/skel
    # ls -a
    .  ..  .bash_logout  .bash_profile  .bashrc
useradd
    [root@hp430G2 default]# cat /etc/default/useradd
    # useradd defaults file
    GROUP=100
    HOME=/home
    INACTIVE=-1
    EXPIRE=
    SHELL=/bin/bash
    SKEL=/etc/skel
    CREATE_MAIL_SPOOL=yes
Special permissions
suid:
sgid:
sticky: