Linux用户-用户组管理

文章目录

14. Linux 用户 - 用户组管理
- - 14.1 用户-用户组概述
  - 14.2 查看用户登录
  - 14.3 用户和用户组配置文件概述
  - 14.4 用户账号配置文件信息
  - 14.5 用户账号管理
  - 14.6 用户密码管理
  - 14.7 用户密码配置文件
  - 14.8 用户删除
  - 14.9 用户组管理
  - 14.10 用户组文件信息
  - 14.11 用户深入管理

14. Linux 用户 - 用户组管理

14.1 用户-用户组概述

$#
在大部分系统中(windows/linux), 默认包含多个系统自带用户/用户组在系统中可以包含多个用户，多个用户组。 一个用户可以属于多个用户组，一个用户组也可以包含多个用户。在Windows中一个用户可以不隶属于任何组，在Linux中一个用户必须隶属于某一个组。在windows中每个用户都有自己的一个桌面。 |  C:\Users\zy\(zy的家目录)C:\Users\zy\Desktop(zy的桌面目录)在Linux中每个用户都有自己的一个桌面  |      
[zy@localhost ~]$ pwd
/home/zy
[zy@localhost Desktop]$ pwd
/home/zy/Desktop
[zy@localhost Desktop]$

14.2 查看用户登录

$#
在windows 桌面系统 - 同一时刻只允许单用户登录。 windows 服务器系统， 同一时刻可以允许多用户登录。
# 任务管理器在linux系统 同一时刻允许多个用户同时登录，并且允许一个用户使用多种方式查看。
# 查看
[zy@localhost Desktop]$ whozy                pts/0                2023-02-02 22:52 (192.168.8.1)zy                :0                   2023-02-02 23:09 (:0)zy                pts/1                2023-02-02 23:18 (:0) 
登录用户名称         使用终端               登录时间        (什么方式登录)
[zy@localhost Desktop]$ root@localhost Desktop]# w   #(详细查看用户登录)00:08:34 up 33 min,  2 users,  load average: 0.00, 0.01, 0.02
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
zy       pts/0    192.168.8.1      23:45    4:26   0.05s  0.05s -bash
zy       pts/1    192.168.8.1      00:03    2.00s  0.07s  0.12s sshd: zy [priv]     
[root@localhost Desktop]# 1 :0         鼠标、键盘、显示器-直接通过图形和界面方式打开主机 
2 pts/0      伪终端(psedo-terminal slave) -提供和linux主机进行交互命令界面右键 open terminal      |          telnet/ssh   xshell  3 tty   早期电传打字机(teletypewrites)    只能用于打字-命令交互/无法提供图形化界面-无鼠标、无窗口
# 进入
ctrl + alt +(F2~F6)ctrl + alt + F2
ctrl + alt + F6
[zy@localhost ~]$ who
zy     tty2    2023-02-02 23:40
zy     tty6  2  023-02-02 23:41
[zy@localhost ~]$
# ctrl + alt + F1(回到正常界面)

14.3 用户和用户组配置文件概述

$#
# /etc/passwd     存储linux中的用户信息
# /etc/shadow     存储linux中的用户密码信息# /etc/group      存储linux中的用户组信息
# /etc/gshadow    存储linux中的用户组密码信息# /etc/passwd
每一行都是一个用户信息
在linux中，不同服务可以通过不同linux账户来维护， 默认包含了多个系统自带账户。
[root@localhost Desktop]# tail /etc/passwd -n 3
tcpdump:x:72:72::/:/sbin/nologin
zy:x:1000:1000:zy:/home/zy:/bin/bash
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
[root@localhost Desktop]# # 添加用户
[root@localhost Desktop]# useradd zhangsan
[root@localhost Desktop]# ls ./../../home/
zhangsan  zy
[root@localhost Desktop]# [root@localhost Desktop]# mkdir /home/lisi
[root@localhost Desktop]# ls /home/
zhangsan  zy  lisi(并不是用户)
[root@localhost Desktop]# [root@localhost Desktop]# tail /etc/passwd -n 3   通过此命令查看
zy:x:1000:1000:zy:/home/zy:/bin/bash
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
zhangsan:x:1001:1001::/home/zhangsan:/bin/bash    
[root@localhost Desktop]#

14.4 用户账号配置文件信息

$#
# /etc/passwd
zy:x:1000:1000:zy:/home/zy:/bin/bash
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologinzhangsan:     x:       1001:   1001:       :       /home/zhangsan:       /bin/bash[1]:       [2]:      [3]:     [4]:      [5]:           [6]:               [7]:
[用户名]: [用户密码]: [用户ID]: [组ID]: [用户描述信息]: [用户的家目录]: [用户所使用的shell][1]:  用户名
[2]:  用户密码 | x(代号) 密码单独存储在/etc/shadow
[3]:  用户ID  user-id (UID)
[4]:  主组ID    group-id (GID)
[5]:  用户描述信息
[6]:  用户的家目录
[7]:  用户所使用的shell(壳)# 查看linux当前系统中所支持的linux  shell类型
[root@localhost Desktop]# cat /etc/shells
/bin/sh           #  Bourne Shell(sh) 在交互不如其他shell
/bin/bash         #  Bourne Again Shell(bash)
/sbin/nologin     # 用户禁止登录(服务用户)
/usr/bin/sh
/usr/bin/bash
/usr/sbin/nologin
/bin/tcsh
/bin/csh
[root@localhost Desktop]# # 查看当前环境正在使用的shell是什么
[root@localhost Desktop]# echo $SHELL
/bin/bash    
[root@localhost Desktop]# [root@localhost Desktop]# head /etc/passwd -n 3
root:x:0:0:root:/root:/bin/bash
[root@localhost Desktop]# # 临时切换到sh shell
[root@localhost Desktop]# sh
sh-4.2# exit
exit
[root@localhost Desktop]# 
[root@localhost Desktop]# sh
sh-4.2# bash
[root@localhost Desktop]# # 永久切换shell
[root@localhost ~]# chsh -s /bin/sh
Changing shell for root.
Shell changed.
[root@localhost ~]# exit
logout
[zy@localhost ~]$ su - root
Password: 
Last login: Fri Feb  3 00:39:47 CST 2023 on pts/1
-sh-4.2# 
[root@localhost ~]# head /etc/passwd -n 3
root:x:0:0:root:/root:/bin/sh
[root@localhost ~]#

14.5 用户账号管理

$# 1. 在centos linux环境
创建用户时，如果没有指定UID,GID，系统会自动创建(从ID = 1001开始)
如果没有指定家目录，系统会自动创建(/home/username)作为家目录
如果没有指定shell，系统会自动创建(/bin/bash)shell，与系统进行交互$# 2. 实战
# -u 创建时自定义uid
[root@localhost Desktop]# useradd -u 2001 username01
[root@localhost Desktop]# cat /etc/passwd | tail -n 1
username01:x:2001:2001::/home/username01:/bin/bash
[root@localhost Desktop]# 
[root@localhost Desktop]# cat /etc/group | tail -n 1
username01:x:2001:
[root@localhost Desktop]# # -c 添加注释信息
[root@localhost Desktop]# useradd -u 2002 -c "我的电话号码是：15678" username02
[root@localhost Desktop]# tail /etc/passwd -n 1
username02:x:2002:2002:我的电话号码是：15678:/home/username02:/bin/bash
[root@localhost Desktop]# # -s 自定义shell
[root@localhost Desktop]# useradd -u 2003 -s /bin/csh username03 
[root@localhost Desktop]# tac /etc/passwd | head -n 1
username03:x:2003:2003::/home/username03:/bin/csh
[root@localhost Desktop]# # -d 指定家目录名称
[root@localhost Desktop]# 
[root@localhost Desktop]# useradd -u 2004 -d /home/username04lbp username04
[root@localhost Desktop]# tac /etc/passwd | head -n 1
username04:x:2004:2004::/home/username04lbp:/bin/bash
[root@localhost Desktop]# ls /home/
zy username01  username02  username03  username04lbp   # 系统创建了username04lbp目录
[root@localhost Desktop]# 
#*******************************************************************************************$#
# -g 自定义gid (必须已经存在)添加主组
[root@localhost Desktop]# useradd -u 2005 -g 2004 username05
[root@localhost Desktop]# tail /etc/passwd -n 1
username05:x:2005:2004::/home/username05:/bin/bash
[root@localhost Desktop]# tail /etc/passwd -n 1
useraddname05:x:2005:2004::/home/useraddname05:/bin/bash[root@localhost Desktop]# id username05   # id(查看用户id信息)
uid=2005(username05) gid=2004(username04) groups=2004(username04)
[root@localhost Desktop]# [root@localhost Desktop]# useradd -u 2006 -g 2006 username06
useradd: group '2006' does not exist
[root@localhost Desktop]# 
#*******************************************************************************************# -G 指定添加附属组(必须已经存在)
[root@localhost Desktop]# useradd -u 2007 -g 2003 -G 2004 username07
[root@localhost Desktop]# cat /etc/passwd | tail -n 1
username07:x:2007:2003::/home/username07:/bin/bash
[root@localhost Desktop]# 
[root@localhost Desktop]# id username07
uid=2007(username07) gid=2003(username03) groups=2003(username03),2004(username04)
[root@localhost Desktop]# [root@localhost Desktop]# su username07
[username07@localhost Desktop]$ cd ~
[username07@localhost ~]$ pwd
/home/username07
[username07@localhost ~]$ touch 1.txt
[username07@localhost ~]$ ls -lh
-rw-r--r--. 1 username07 username03 0 Feb  3 01:27 1.txt
[username07@localhost ~]$ # 临时切换到username04这个组
[username07@localhost ~]$ newgrp username04
[username07@localhost ~]$ touch 2.txt
[username07@localhost ~]$ ls -lh
total 0
-rw-r--r--. 1 username07 username03 0 Feb  3 01:27 1.txt
-rw-r--r--. 1 username07 username04 0 Feb  3 01:29 2.txt
[username07@localhost ~]$ 
[username07@localhost ~]$ exit
exit
[username07@localhost ~]$ touch 3. txt
[username07@localhost ~]$ ls -lh-rw-r--r--. 1 username07 username03 0 Feb  3 01:27 1.txt
-rw-r--r--. 1 username07 username04 0 Feb  3 01:29 2.txt
-rw-r--r--. 1 username07 username03 0 Feb  3 01:32 3.txt
[username07@localhost ~]$ id username07
uid=2007(username07) gid=2003(username03) groups=2003(username03),2004(username04)
[username07@localhost ~]$

14.6 用户密码管理

$# 1. 
# root账户修改其他账号的密码
[root@localhost ~]# passwd username01
Changing password for user username01.
New password: 
BAD PASSWORD: The password is shorter than 8 characters
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@localhost ~]# # 普通账户修改自己的密码
[username01@localhost Desktop]$ passwd
Changing password for user username01.
Changing password for username01.
(current) UNIX password: 
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
[username01@localhost Desktop]$

14.7 用户密码配置文件

$# 1. 
# 
[root@localhost Desktop]# cat /etc/shadow | tail -n 6
username01:$6$6oue2ZrC$M0cgIBO8YKzGBGiZ/JNTd/Og8a33UeYX27Rb8T6e2178SY2bbR0GQ.cLWL6mxLcD.Cm3rSZSdWkW9Ks0M2Jo./:19390:0:99999:7:::
username02:!!:19390:0:99999:7:8::
[root@localhost Desktop]# username02:  !!:    19390:     0:     99999:      7:      8:     : [1]:       [2]:    [3]:     [4]:     [5]:      [6]:    [7]:   [8]:   [9]
[1]: 用户名
[2]: 密码  ----  "!!": 账号锁定        | $6$: 密码已经设置, 并且密码本地加密
[3]: 上次修改密码时间 (从1970-1-1 到 修改密码当天) 没有修改过的话，是创建账户的时间      
[4]: 密码的最短有效期 (3) 3天之内不可以修改密码                   0(随时可修改)系统默认
[5]: 密码的最长有效时间 （30） 30天之内必须修改密码              99999 
[6]: 密码到期前多久发送告警(提前 7天发送警告)
[7]: 密码过期后的宽限日期 (8) 再宽限8天
[8]: 账号的失效日期 ----优先级最高， 一旦当前参数到期，该账号直接立即无法使用
[9]: 保留# 密码的加密算法
[root@localhost Desktop]# cat /etc/login.defs 
# Use SHA512 to encrypt password.
ENCRYPT_METHOD SHA512 
[root@localhost Desktop]# 
#*******************************************************************************************# 下次登录必须修改密码 
[root@localhost Desktop]# chage -d 0 username01              # 将上次修改密码时间设置为0
[root@localhost Desktop]# cat /etc/shadow | grep username01
username01:$6$6oue2ZrC$M0cgIBO8YKzGBGiZ/JNTd/Og8a33UeYX27Rb8T6e2178SY2bbR0GQ.cLWL6mxLcD.Cm3rSZSdWkW9Ks0M2Jo./:0:0:99999:7:::
[root@localhost Desktop]# cat /etc/shadow | tail -n 6
username01:$6$6oue2ZrC$M0cgIBO8YKzGBGiZ/JNTd/Og8a33UeYX27Rb8T6e2178SY2bbR0GQ.cLWL6mxLcD.Cm3rSZSdWkW9Ks0M2Jo./:19390:0:99999:7:::# -S 查看username01 密码状态
[root@localhost Desktop]# passwd -S  username01
username01 PS 1970-01-01 0 99999 7 -1 (Password set, SHA512 crypt.)
[root@localhost Desktop]# # -l 锁定用户禁止登录
[root@localhost Desktop]# passwd -l username01
Locking password for user username01.
passwd: Success
[root@localhost Desktop]# cat /etc/shadow | grep -i username01
username01:!!$6$6oue2ZrC$M0cgIBO8YKzGBGiZ/JNTd/Og8a33UeYX27Rb8T6e2178SY2bbR0GQ.cLWL6mxLcD.Cm3rSZSdWkW9Ks0M2Jo./:0:0:99999:7:::
[root@localhost Desktop]# passwd -S username01
username01 LK 1970-01-01 0 99999 7 -1 (Password locked.)
[root@localhost Desktop]# # -u 解除用户禁止登录
[root@localhost Desktop]# passwd -u username01
Unlocking password for user username01.
passwd: Success
[root@localhost Desktop]# cat /etc/shadow | grep -i username01
username01:$6$6oue2ZrC$M0cgIBO8YKzGBGiZ/JNTd/Og8a33UeYX27Rb8T6e2178SY2bbR0GQ.cLWL6mxLcD.Cm3rSZSdWkW9Ks0M2Jo./:0:0:99999:7:::
[root@localhost Desktop]# 
[root@localhost Desktop]# passwd -S username01
username01 PS 1970-01-01 0 99999 7 -1 (Password set, SHA512 crypt.)
[root@localhost Desktop]# # -d 移除密码
[root@localhost Desktop]# passwd -d username01
Removing password for user username01.
passwd: Success
[root@localhost Desktop]# passwd -l username01
Locking password for user username01.
passwd: Success
[root@localhost Desktop]# cat /etc/shadow | grep -i username01
username01:!!:19390:0:99999:7:::
[root@localhost Desktop]# # -e 设置密码过期(下次登录必须修改密码)
[root@localhost Desktop]# passwd -e username01
Expiring password for user username01.
passwd: Success
[root@localhost Desktop]# cat /etc/shadow | grep -i username01
username01:$6$oqrKE9Bx$I65yShC1Q4WQZtit2HWTdnVoumoqjnZz74wQt1rlmew7mEe0bJjFACHelq3urIs2U.40lkzN8P3tAAaTzhOus1:0:0:99999:7:::
[root@localhost Desktop]# 
#*******************************************************************************************$# 2. 实战设置密码(通过管道-输入方式)
[root@localhost Desktop]# echo "Text@1234" | passwd --stdin username01
Changing password for user username01.
passwd: all authentication tokens updated successfully.
[root@localhost Desktop]# echo "Text@1234" | passwd --stdin username01 > /dev/null
[root@localhost Desktop]# # 最短有效期3天， 最长30天，提前5天发送告警， 宽限日期2天
[root@localhost Desktop]# cat /etc/shadow | grep -i username01
username01:$6$oqrKE9Bx$I65yShC1Q4WQZtit2HWTdnVoumoqjnZz74wQt1rlmew7mEe0bJjFACHelq3urIs2U.40lkzN8P3tAAaTzhOus1:0:0:99999:7:::
[root@localhost Desktop]# passwd -n 3 -x 30 -w 5 -i 2 username01
Adjusting aging data for user username01.
passwd: Success
[root@localhost Desktop]# cat /etc/shadow | grep -i username01
username01:$6$oqrKE9Bx$I65yShC1Q4WQZtit2HWTdnVoumoqjnZz74wQt1rlmew7mEe0bJjFACHelq3urIs2U.40lkzN8P3tAAaTzhOus1:0:3:30:5:2::
[root@localhost Desktop]# # 强制指定密码失效时间
[root@localhost ~]# chage -E 2024-6-12 username01
[root@localhost ~]# cat /etc/shadow | grep -i username01
username01:$6$TkEqrYWS$iQ4C85rquhlgFQYq7/04CXxdmAfTqkMb6HJFVFuq3eTtonBl1dI5qmv24QCOHSrMbwNXg2sQYp.6nXPiAU2k8/:19390:3:30:5:2:19886:
[root@localhost ~]#

14.8 用户删除

$# 1. 
# 普通删除
[root@localhost Desktop]# userdel useraddname05
[root@localhost Desktop]# # -r 普通删除用户 并且 删除掉用户对应的用户目录
[root@localhost Desktop]# userdel -r username02
[root@localhost Desktop]# 
[root@localhost Desktop]# ls /home/
username01  username03  username04 username07  zhangsan  zy
[root@localhost Desktop]# # -f 强制删除 / 并且删除掉用户对应的其他信息
[root@localhost Desktop]# userdel -f username03
[root@localhost Desktop]# ls /home/
username01  username03  username04  username07  zhangsan  zy
[root@localhost Desktop]# # -rf 强制删除 / 并且删除掉用户对应的其他信息
[root@localhost ~]# userdel -rf zhangsan
[root@localhost ~]# ls /home
username01  username03 username04  username07 zy
[root@localhost ~]#

14.9 用户组管理

$# 1.
# 查看组的信息
[root@localhost Desktop]# cat /etc/group | tail -n 5
zy:x:1000:zy
apache:x:48:
username01:x:2001:
username04:x:2004:
[root@localhost Desktop]# # 创建一个普通组(系统默认指定gid)
[root@localhost Desktop]# groupadd groupname01
[root@localhost Desktop]# cat /etc/group | tail -n 2
username04:x:2004:
groupname01:x:2005:
[root@localhost Desktop]# # -g 创建一个指定组ID的组(3001)
[root@localhost Desktop]# groupadd  -g 30001 groupname02
[root@localhost Desktop]# cat /etc/group | tail -n 3
username04:x:2004:
groupname01:x:2005:
groupname02:x:30001:
[root@localhost Desktop]# # 创建用户的同时，添加主组
[root@localhost Desktop]# useradd username01 -g groupname01
[root@localhost Desktop]# id username01
uid=1001(username01) gid=2005(groupname01) groups=2005(groupname01)
[root@localhost Desktop]# 
#*******************************************************************************************$# 2.
# 用户已经存在的情况下不能通过useradd修改属性
[root@localhost Desktop]# useradd username01 -G groupname01
useradd: user 'username01' already exists
[root@localhost Desktop]# # 用户已经存在的情况下，需要通过usermod
[root@localhost Desktop]# usermod username01 -G groupname02   # 添加附属组
[root@localhost Desktop]# id username01
uid=1001(username01) gid=2005(groupname01) groups=2005(groupname01),30001(groupname02)
[root@localhost Desktop]# # 一个组不能同时成为一个用户的主组和附加组
[root@localhost Desktop]# id username01
uid=1001(username01) gid=2005(groupname01) groups=2005(groupname01),30001(groupname02)
[root@localhost Desktop]# usermod username01 -G groupname01
[root@localhost Desktop]# id username01
uid=1001(username01) gid=2005(groupname01) groups=2005(groupname01)
[root@localhost Desktop]# 
#*******************************************************************************************$# 3.
# -G 覆盖方式添加附加组
[root@localhost Desktop]# groupadd -g 3003 groupname03
[root@localhost Desktop]# usermod username01 -G groupname03
[root@localhost Desktop]# id username01
uid=1001(username01) gid=2005(groupname01) groups=2005(groupname01),3003(groupname03)
[root@localhost Desktop]# # -aG Z追加方式添加附加组 (append)
[root@localhost Desktop]# usermod username01 -aG groupname03
[root@localhost Desktop]# id username01
uid=1001(username01) gid=2005(groupname01) groups=2005(groupname01),30001(groupname02),3003(groupname03)
[root@localhost Desktop]#

14.10 用户组文件信息

$# 1. 用户组信息
[root@localhost Desktop]# cat /etc/group | tail -n 3
groupname01:x:2005:
groupname02:x:30001:username01
groupname03:x:3003:username01
[root@localhost Desktop]# groupname03:          x:              3003:             username01
[用户组名称]:   [用户组密码信息]:     [用户组ID]:         [附加组成员]:[1]:  用户组名称[2]:  用户组密码信息 [3]:  用户组ID      [4]:  附加组成员#创建用户的同时，默认会创建一个跟用户名相同的组如果先创建了组，再创建与组名称相同的用户，需要填加-g + 用户名称
[root@localhost Desktop]# groupadd username02
[root@localhost Desktop]# tail /etc/group -n 4
groupname01:x:2005:
groupname02:x:30001:username01
groupname03:x:3003:username01
username02:x:30002:
[root@localhost Desktop]# useradd username02 -G groupname01
useradd: group username02 exists - if you want to add this user to that group, use -g.
[root@localhost Desktop]# id username02
id: username02: no such user
[root@localhost Desktop]# useradd username02 -g username02 -G groupname01
[root@localhost Desktop]# 
#*******************************************************************************************$# 2. 组密码文件信息
# 设置组密码
[root@localhost Desktop]# gpasswd groupname02
Changing the password for group groupname02
New Password: 
Re-enter new password: 
[root@localhost Desktop]# su username01
[username01@localhost Desktop]$ cd ~
[username01@localhost ~]$ ls
[username01@localhost ~]$ touch 2.txt
[username01@localhost ~]$ id username01
uid=1001(username01) gid=2005(groupname01) groups=2005(groupname01),30001(groupname02),3003(groupname03)
[username01@localhost ~]$ newgrp groupname02
[username01@localhost ~]$ touch 3.txt
[username01@localhost ~]$ ls -lh
-rw-r--r--. 1 username01 groupname01 0 Feb  3 00:27 2.txt
-rw-r--r--. 1 username01 groupname02 0 Feb  3 00:28 3.txt   #  创建文件的组不一样
[username01@localhost ~]$ # -r 将组的密码移除
[root@localhost Desktop]# gpasswd -r groupname03# -d groupname03组里面移除username01
[root@localhost Desktop]# id username01
uid=1001(username01) gid=2005(groupname01) groups=2005(groupname01),30001(groupname02),3003(groupname03)
[root@localhost Desktop]# gpasswd -d username01 groupname03
Removing user username01 from group groupname03
[root@localhost Desktop]# id username01
uid=1001(username01) gid=2005(groupname01) groups=2005(groupname01),30001(groupname02)
[root@localhost Desktop]# # -a 将username01用户添加到groupname03组
[root@localhost Desktop]# gpasswd -a username01 groupname03
Adding user username01 to group groupname03
[root@localhost Desktop]# id username01
uid=1001(username01) gid=2005(groupname01) groups=2005(groupname01),30001(groupname02),3003(groupname03)
[root@localhost Desktop]#

14.11 用户深入管理

$# 1. 关于用户删除
# -r参数指的是删除用户的相关信息(家目录和邮件等)， 没有-r需要手动删除
[root@localhost ~]# userdel username03
[root@localhost ~]# ls /home/
username01  username02  username03   
[root@localhost ~]# rm -rf /home/username03
[root@localhost ~]# ls /home/
username01  username02 
[root@localhost ~]# ls /var/spool/mail
root  rpc  username01  username02 username03 
[root@localhost ~]# rm -rf /var/spool/mail/username03# 创建用户时，如果提前创建好家目录，家目录里面的文件不全(建议不提前)
[root@localhost ~]# mkdir /home/username03
[root@localhost ~]# useradd username03 -d /home/username03
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
[root@localhost ~]# 
[root@localhost ~]# ls -a /home/username03/
.  ..
[root@localhost ~]# 
[root@localhost ~]# useradd username02
[root@localhost ~]# ls -a /home/username02/
.  ..  .bash_logout  .bash_profile  .bashrc  .mozilla   # 正常创建用户有这么些文件
[root@localhost ~]# [root@localhost ~]# ls -a /etc/skel/
.  ..  .bash_logout  .bash_profile  .bashrc  .mozilla
[root@localhost ~]# 
[root@localhost ~]# su username03
bash-4.2$ 
[root@localhost ~]# # 不能这样复制，会把上一层目录的文件也复制过来
[root@localhost ~]# cp /etc//skel/* /home/username03
cp: cannot stat ‘/etc//skel/*’: No such file or directory
[root@localhost ~]# ls -lha /etc/skel/
drwxr-xr-x.   3 root root   78 Dec 12 23:11 .
drwxr-xr-x. 135 root root 8.0K Feb  3 01:05 ..
-rw-r--r--.   1 root root   18 Aug  3  2017 .bash_logout
-rw-r--r--.   1 root root  193 Aug  3  2017 .bash_profile
-rw-r--r--.   1 root root  231 Aug  3  2017 .bashrc
drwxr-xr-x.   4 root root   39 Dec 12 23:11 .mozilla
[root@localhost ~]# cp -a /etc/skel/* /home/username03
cp: cannot stat ‘/etc/skel/*’: No such file or directory
[root@localhost ~]# cp -a /etc/skel/.* /home/username03
cp: will not create hard link ‘/home/username03/skel’ to directory ‘/home/username03/.’
cp: overwrite ‘/home/username03/.bash_logout’? yes
cp: overwrite ‘/home/username03/.bash_profile’? yes    
cp: overwrite ‘/home/username03/.bashrc’? yes  
cp: will not create hard link ‘/home/username03/.mozilla’ to directory ‘/home/username03/./.mozilla’
[root@localhost ~]# ls -a /home/username03/
.                           fonts                     maven              rpc
..                          fprintd.conf              mcelog             rpm
abrt                        fstab                     mke2fs.conf        rsyncd.conf
flatpak                     man_db.conf               resolv.conf
[root@localhost ~]# # 固定解决方法， 但是会产生权限问题
[root@localhost ~]# cp -a /etc/skel/.[!.]* /home/username03
[root@localhost ~]# ls -lha /home/username03
total 12K
drwxr-xr-x. 3 root root  78 Feb  3 01:22 .
drwxr-xr-x. 7 root root  81 Feb  3 01:21 ..
-rw-r--r--. 1 root root  18 Aug  3  2017 .bash_logout
-rw-r--r--. 1 root root 193 Aug  3  2017 .bash_profile
-rw-r--r--. 1 root root 231 Aug  3  2017 .bashrc
drwxr-xr-x. 4 root root  39 Dec 12 23:11 .mozilla
[root@localhost ~]# su username03
[username03@localhost root]$ [root@localhost ~]# useradd username04
[root@localhost ~]# ls -lha /home/username04
drwx------. 3 username04 username04  78 Feb  3 01:28 .
drwxr-xr-x. 8 root       root        99 Feb  3 01:28 ..
-rw-r--r--. 1 username04 username04  18 Aug  3  2017 .bash_logout
-rw-r--r--. 1 username04 username04 193 Aug  3  2017 .bash_profile
-rw-r--r--. 1 username04 username04 231 Aug  3  2017 .bashrc
drwxr-xr-x. 4 username04 username04  39 Dec 12 23:11 .mozilla
[root@localhost ~]# # 可以在/etc/skel 中添加文件，会在之后的用户创建中自动添加到家目录中
[root@localhost ~]# cd /etc/skel
[root@localhost skel]# ls -lha
[root@localhost skel]# touch README.md
[root@localhost skel]# echo "Wecome to my Cloud" >> README.md
[root@localhost skel]# 
[root@localhost ~]# useradd username05
[root@localhost ~]# ls -lha /home/username05
drwx------. 3 username05 username05  95 Feb  3 01:37 .
drwxr-xr-x. 9 root       root       117 Feb  3 01:37 ..
-rw-r--r--. 1 username05 username05  18 Aug  3  2017 .bash_logout
-rw-r--r--. 1 username05 username05 193 Aug  3  2017 .bash_profile
-rw-r--r--. 1 username05 username05 231 Aug  3  2017 .bashrc
drwxr-xr-x. 4 username05 username05  39 Dec 12 23:11 .mozilla
-rw-r--r--. 1 username05 username05  19 Feb  3 01:35 README.md
[root@localhost ~]# cat /home/username05/README.md 
Wecome to my Cloud
[root@localhost ~]# 
#*******************************************************************************************# 添加注释信息
[root@localhost ~]# tail /etc/passwd -n 5
username05:x:1006:1006::/home/username05:/bin/bash
[root@localhost ~]# su username05
[username05@localhost root]$ chfn
Changing finger information for username05.
Name []: 求伯君  
Office []: wps 
Office Phone []: 123456789
Home Phone []: 987654321
Password: 
Finger information changed.
[username05@localhost root]$ tail /etc/passwd -n 1
username05:x:1006:1006:求伯君,wps,123456789,987654321:/home/username05:/bin/bash
[username05@localhost root]$ # 修改shell环境
[username05@localhost root]$ chsh -s /bin/sh
Changing shell for username05.
Password: 
Shell changed.
[username05@localhost root]$ exit
exit
[root@localhost ~]# su username05
sh-4.2$ 
sh-4.2$# 解决删不了的权限问题
[root@localhost ~]# ls /home/ -lha
total 4.0K
drwxr-xr-x.  9 root       root         117 Feb  3 01:37 .
dr-xr-xr-x. 18 root       root         239 Jan  5 04:39 ..
drwxr-xr-x.  3 root       root          78 Feb  3 01:22 username03
drwx------.  5 username05 username05   145 Feb  3 02:04 username05
drwxr-xr-x.  2 root       root           6 Feb  3 00:52 username3
drwx------. 13 zy         zy          4.0K Feb  3 01:43 zy
[root@localhost ~]# userdel -r username03
userdel: /home/username03 not owned by username03, not removing
[root@localhost ~]# 
[root@localhost ~]# rm -rf /home/username03/  
#*******************************************************************************************# 通过配置文件创建
[root@localhost ~]# vim /etc/passwd
zy:x:1000:1000:zy:/home/zy:/bin/bash
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
username01:x:1001:1001:周伯通,阿里巴巴,1234,4321:/home/username01:/bin/bash
[root@localhost ~]#
[root@localhost ~]# vim /etc/shadow
zy:$6$NUIlmI90$pP2QceY5LncMxboRdG0bTRxRaHvH8HkInMESBaXXt5Gd/T4tvYj0qV6RpctxXyL5n0a1CTZcpBWf8Q/NOX.27/:19388:0:99999:7:::
apache:!!:19361::::::
username01:!!:19362:0:99999:7:::
[root@localhost ~]#                
a[root@localhost ~]# vim /etc/group
groupname01:x:2005:
groupname02:x:30001:
groupname03:x:3003:username01
[root@localhost ~]#  
[root@localhost ~]# mkdir /home/username01
[root@localhost ~]# cp -a /etc/skel/.[!.]* /home/username01
[root@localhost ~]# 
[root@localhost ~]# touch /var/spool/mail/username01
[root@localhost ~]# echo "123" | passwd --stdin username01
[root@localhost ~]# 
[username01@localhost root]$ ls
ls: cannot open directory .: Permission denied   # 因为没有权限
[username01@localhost root]$ [root@localhost ~]# ls -lha /home/username01
total 12K
drwxr-xr-x. 3 root root  78 Feb  3 02:30 .
drwxr-xr-x. 4 root root  34 Feb  3 02:29 ..
-rw-r--r--. 1 root root  18 Aug  3  2017 .bash_logout
-rw-r--r--. 1 root root 193 Aug  3  2017 .bash_profile
-rw-r--r--. 1 root root 231 Aug  3  2017 .bashrc
drwxr-xr-x. 4 root root  39 Dec 12 23:11 .mozilla
[root@localhost ~]# 
[root@localhost ~]# userdel -r username01
userdel: /var/spool/mail/username01 not owned by username01, not removing
userdel: /home/username01 not owned by username01, not removing
[root@localhost ~]# rm -rf /var/spool/mail/username01
[root@localhost ~]# rm -rf /var/spool/mail/username01
[root@localhost ~]# #*******************************************************************************************# nologin
[root@localhost ~]# useradd username02
[root@localhost ~]# echo "123" | passwd  --stdin username02
Changing password for user username02.
passwd: all authentication tokens updated successfully.
[root@localhost ~]# 
[root@localhost ~]# cat /etc/shells
/bin/sh
/bin/bash
/sbin/nologin
/usr/bin/sh
/usr/bin/bash
/usr/sbin/nologin
/bin/tcsh
/bin/csh
[root@localhost ~]# chsh -l
/bin/sh
/bin/bash
/sbin/nologin
/usr/bin/sh
/usr/bin/bash
/usr/sbin/nologin
/bin/tcsh
/bin/csh
[root@localhost ~]# # 使用户无法登录(一般服务用户都这样做)
sbin/nologn
[root@localhost ~]# chsh -s /sbin/nologin username02
Changing shell for username02.
Shell changed.
[root@localhost ~]# 
#*******************************************************************************************# server 停机维护(发送本机广播到所有用户)
[root@localhost ~]# wall "This server will be shutdown, please exit"Broadcast message from root@localhost.localdomain (pts/1) (Fri Feb  3 02:43:49 2023):This server will be shutdown, please exit
[root@localhost ~]# 
[root@localhost ~]# touch /etc/nologin  # 拒绝所有普通用户登录
[root@localhost ~]# rm -rf /etc/nologin  # 允许所有普通用户登录