linux系统是通过文件来保存配置的,其中关于用户和组的配置文件包括以下几个:
/etc/passwd
/etc/shadow
/etc/group
/etc/gshadow
/etc/login.defs
/etc/default/useradd
/etc/passwd
存放用户信息的配置文件,其基本格式如下
root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
其中分隔符为冒号“:”,具体信息为
用户名:
用户密码:显示为x,因为真正的密码保存在/etc/shadow中
用户UID:
用户GID:
用户描述信息:
用户家目录:
用户默认shell
/etc/shadow
root:$1$CVHlfpOK$DWkuyehOW/0RD49FE/6gx0:17094:0:99999:7::: bin:*:16659:0:99999:7::: daemon:*:16659:0:99999:7::: systemd-bus-proxy:!!:17063:::::: systemd-network:!!:17063:::::: dbus:!!:17063:::::: pirate:$1$86TXHfwN$YnY48R1.sngOB4Ms6Ipxi/:17063:0:99999:7:::
shadow的文件格式也是使用冒号“:”作为分隔符,具体内容为;
用户名:
用户(加密后的)口令:以$作为分隔符,前面的为salt,后面的为加密后的密码
用户上一次修改口令的时间:
用户修改口令的最小时间间隔:
用户口令最长使用时间:
用户口令过期提前多久警告:
用户口令过期之后多久会锁定用户:
用户有效期:
保留字段,目前为空
/etc/group
root:x:0: bin:x:1: daemon:x:2: sys:x:3: adm:x:4: tty:x:5: mail:x:12:postfix
用户组名称:
用户组口令:
用户组GID:
组内用户列表
/etc/gshadow
root::: bin::: daemon::: sys::: adm::: tty::: disk:::
用户组名称:
用户组密码:
用户组管理员:
用户组成员
/etc/login.defs
# # Please note that the parameters in this configuration file control the # behavior of the tools from the shadow-utils component. None of these # tools uses the PAM mechanism, and the utilities that use PAM (such as the # passwd command) should therefore be configured elsewhere. Refer to # /etc/pam.d/system-auth for more information. # #用户mail设置: # *REQUIRED* # Directory where mailboxes reside, _or_ name of file, relative to the # home directory. If you _do_ define both, MAIL_DIR takes precedence. # QMAIL_DIR is for Qmail # #QMAIL_DIR Maildir MAIL_DIR /var/spool/mail #mail保存目录 #MAIL_FILE .mail #密码有效期设置 # Password aging controls: # # PASS_MAX_DAYS Maximum number of days a password may be used. # PASS_MIN_DAYS Minimum number of days allowed between password changes. # PASS_MIN_LEN Minimum acceptable password length. # PASS_WARN_AGE Number of days warning given before a password expires. # PASS_MAX_DAYS 99999 #密码有效期 PASS_MIN_DAYS 0 #密码最短修改时间 PASS_MIN_LEN 5 #密码最短长度 PASS_WARN_AGE 7 #密码过期之前警告时间 # # Min/max values for automatic uid selection in useradd # UID_MIN 1000 #用户最小UID UID_MAX 60000 #用户最大UID # System accounts SYS_UID_MIN 201 #最小系统UID SYS_UID_MAX 999 #最大系统UID # # Min/max values for automatic gid selection in groupadd # GID_MIN 1000 #最小GID GID_MAX 60000 #最大GID # System accounts SYS_GID_MIN 201 #最小系统GID SYS_GID_MAX 999 #最大系统GID # # If defined, this command is run when removing a user. # It should remove any at/cron/print jobs etc. owned by # the user to be removed (passed as the first argument). # #USERDEL_CMD /usr/sbin/userdel_local # # If useradd should create home directories for users by default # On RH systems, we do. This option is overridden with the -m flag on # useradd command line. # CREATE_HOME yes #默认创建家目录 # The permission mask is initialized to this value. If not specified, # the permission mask will be initialized to 022. UMASK 077 #默认umask # This enables userdel to remove user groups if no members exist. # USERGROUPS_ENAB yes #如果用户被删除之后,其组里面没有用户,删除组 # Use SHA512 to encrypt password. ENCRYPT_METHOD SHA512 #口令加密方式 MD5_CRYPT_ENAB no
/etc/default/useradd
# useradd defaults file #创建用户的默认设置 GROUP=100 #表示可创建普通组 HOME=/home #默认用户家目录的父目录 INACTIVE=-1 #是否启用帐号过期停权,-1表示不启用 EXPIRE= #帐号终止日期,不设置表示不启用 SHELL=/bin/bash #用户默认shell SKEL=/etc/skel #用户主目录的默认文件来源 CREATE_MAIL_SPOOL=yes #是否创建用户邮件缓冲
原创文章,作者:wangshuai,如若转载,请注明出处:http://www.178linux.com/54618
