查看用户
查看所有用户命令:
cat /etc/passwd
上面命令输出内容比较杂乱,可以使用如下命令简化输出:
#对于 cat /etc/passwd 的替换
cat /etc/passwd|grep -v nologin|grep -v halt|grep -v shutdown|awk -F":" '{ print $1"|"$3"|"$4 }'|more
查看特定用户命令:
cat /etc/passwd|grep 用户名
查看用户组
查看所有用户组命令:
cat /etc/group
查找特定用户组命令:
cat /etc/group|grep 用户组名
用户和用户组常用命令
groups //查看当前登录用户的组内成员
groups test //查看test用户所在的组,以及组内成员
whoami //查看当前登录用户名
用户和用户组的添加和删除
删除用户及其家目录
注意,如果加了-r会将用户家目录删除,如果只是删除用户,则只使用userdel 用户即可
userdel -r 用户
添加用户并指定分组
useradd 用户 -g 用户组名 -m -d 用户家目录
删除用户组
groupdel 用户组名
添加用户组
groupadd 用户组名
修改文件所属用户组及用户
chown -R 组:用户 *
在root用户下修改所有当前文件及其子文件的所属的 组和用户
扩展
chown命令
-c, --changes
like verbose but report only when a change is made
--dereference
affect the referent of each symbolic link (this is the default), rather than the symbolic link
itself
-h, --no-dereference
affect each symbolic link instead of any referenced file (useful only on systems that can change
the ownership of a symlink)
--no-preserve-root
do not treat `/' specially (the default)
--preserve-root
fail to operate recursively on `/'
-f, --silent, --quiet
suppress most error messages
--reference=RFILE
use RFILE's owner and group rather than specifying OWNER:GROUP values
-R, --recursive
operate on files and directories recursively
-v, --verbose
output a diagnostic for every file processed
The following options modify how a hierarchy is traversed when the -R option is also specified. If more
than one is specified, only the final one takes effect.
-H if a command line argument is a symbolic link to a directory, traverse it
-L traverse every symbolic link to a directory encountered
-P do not traverse any symbolic links (default)
--help display this help and exit
--version
output version information and exit
useradd命令
-b, --base-dir BASE_DIR
The default base directory for the system if -d HOME_DIR is not specified. BASE_DIR is concatenated
with the account name to define the home directory. If the -m option is not used, BASE_DIR must
exist.
If this option is not specified, useradd will use the base directory specified by the HOME variable
in /etc/default/useradd, or /home by default.
-c, --comment COMMENT
Any text string. It is generally a short description of the login, and is currently used as the field
for the user's full name.
-d, --home HOME_DIR
The new user will be created using HOME_DIR as the value for the user's login directory. The default
is to append the LOGIN name to BASE_DIR and use that as the login directory name. The directory
HOME_DIR does not have to exist but will not be created if it is missing.
-D, --defaults
See below, the subsection "Changing the default values".
-e, --expiredate EXPIRE_DATE
The date on which the user account will be disabled. The date is specified in the format YYYY-MM-DD.
If not specified, useradd will use the default expiry date specified by the EXPIRE variable in
/etc/default/useradd, or an empty string (no expiry) by default.
-f, --inactive INACTIVE
The number of days after a password expires until the account is permanently disabled. A value of 0
disables the account as soon as the password has expired, and a value of -1 disables the feature.
If not specified, useradd will use the default inactivity period specified by the INACTIVE variable
in /etc/default/useradd, or -1 by default.
-g, --gid GROUP
The group name or number of the user's initial login group. The group name must exist. A group number
must refer to an already existing group.
If not specified, the behavior of useradd will depend on the USERGROUPS_ENAB variable in
/etc/login.defs. If this variable is set to yes (or -U/--user-group is specified on the command
line), a group will be created for the user, with the same name as her loginname. If the variable is
set to no (or -N/--no-user-group is specified on the command line), useradd will set the primary
group of the new user to the value specified by the GROUP variable in /etc/default/useradd, or 100 by
default.
-G, --groups GROUP1[,GROUP2,...[,GROUPN]]]
A list of supplementary groups which the user is also a member of. Each group is separated from the
next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as
the group given with the -g option. The default is for the user to belong only to the initial group.
-h, --help
Display help message and exit.
-k, --skel SKEL_DIR
The skeleton directory, which contains files and directories to be copied in the user's home
directory, when the home directory is created by useradd.
This option is only valid if the -m (or --create-home) option is specified.
If this option is not set, the skeleton directory is defined by the SKEL variable in
/etc/default/useradd or, by default, /etc/skel.
If possible, the ACLs and extended attributes are copied.
-K, --key KEY=VALUE
Overrides /etc/login.defs defaults (UID_MIN, UID_MAX, UMASK, PASS_MAX_DAYS and others).
Example: -K PASS_MAX_DAYS=-1 can be used when creating system account to turn off password ageing,
even though system account has no password at all. Multiple -K options can be specified, e.g.: -K
UID_MIN=100 -K UID_MAX=499
-l, --no-log-init
Do not add the user to the lastlog and faillog databases.
By default, the user's entries in the lastlog and faillog databases are resetted to avoid reusing the
entry from a previously deleted user.
For the compatibility with previous Debian's useradd, the -O option is also supported.
-m, --create-home
Create the user's home directory if it does not exist. The files and directories contained in the
skeleton directory (which can be defined with the -k option) will be copied to the home directory.
By default, if this option is not specified and CREATE_HOME is not enabled, no home directories are
created.
-M
Do no create the user's home directory, even if the system wide setting from /etc/login.defs
(CREATE_HOME) is set to yes.
-N, --no-user-group
Do not create a group with the same name as the user, but add the user to the group specified by the
-g option or by the GROUP variable in /etc/default/useradd.
The default behavior (if the -g, -N, and -U options are not specified) is defined by the
USERGROUPS_ENAB variable in /etc/login.defs.
-o, --non-unique
Allow the creation of a user account with a duplicate (non-unique) UID.
This option is only valid in combination with the -u option.
-p, --password PASSWORD
The encrypted password, as returned by crypt(3). The default is to disable the password.
Note: This option is not recommended because the password (or encrypted password) will be visible by
users listing the processes.
You should make sure the password respects the system's password policy.
-r, --system
Create a system account.
System users will be created with no aging information in /etc/shadow, and their numeric identifiers
are chosen in the SYS_UID_MIN-SYS_UID_MAX range, defined in /etc/login.defs, instead of
UID_MIN-UID_MAX (and their GID counterparts for the creation of groups).
Note that useradd will not create a home directory for such an user, regardless of the default
setting in /etc/login.defs (CREATE_HOME). You have to specify the -m options if you want a home
directory for a system account to be created.
-s, --shell SHELL
The name of the user's login shell. The default is to leave this field blank, which causes the system
to select the default login shell specified by the SHELL variable in /etc/default/useradd, or an
empty string by default.
-u, --uid UID
The numerical value of the user's ID. This value must be unique, unless the -o option is used. The
value must be non-negative. The default is to use the smallest ID value greater than 999 and greater
than every other user. Values between 0 and 999 are typically reserved for system accounts.
-U, --user-group
Create a group with the same name as the user, and add the user to this group.
The default behavior (if the -g, -N, and -U options are not specified) is defined by the
USERGROUPS_ENAB variable in /etc/login.defs.
-Z, --selinux-user SEUSER
The SELinux user for the user's login. The default is to leave this field blank, which causes the
system to select the default SELinux user.
-b, --base-dir BASE_DIR
The path prefix for a new user's home directory. The user's name will be affixed to the end of
BASE_DIR to form the new user's home directory name, if the -d option is not used when creating a new
account.
This option sets the HOME variable in /etc/default/useradd.
-e, --expiredate EXPIRE_DATE
The date on which the user account is disabled.
This option sets the EXPIRE variable in /etc/default/useradd.
-f, --inactive INACTIVE
The number of days after a password has expired before the account will be disabled.
This option sets the INACTIVE variable in /etc/default/useradd.
-g, --gid GROUP
The group name or ID for a new user's initial group (when the -N/--no-user-group is used or when the
USERGROUPS_ENAB variable is set to no in /etc/login.defs. The named group must exist, and a numerical
group ID must have an existing entry.
This option sets the GROUP variable in /etc/default/useradd.
-s, --shell SHELL
The name of a new user's login shell.
groupadd命令
-f, --force
This option causes the command to simply exit with success status if the specified group already
exists. When used with -g, and the specified GID already exists, another (unique) GID is chosen (i.e.
-g is turned off).
-g, --gid GID
The numerical value of the group's ID. This value must be unique, unless the -o option is used. The
value must be non-negative. The default is to use the smallest ID value greater than 999 and greater
than every other group. Values between 0 and 999 are typically reserved for system accounts.
-h, --help
Display help message and exit.
-K, --key KEY=VALUE
Overrides /etc/login.defs defaults (GID_MIN, GID_MAX and others). Multiple -K options can be
specified.
Example: -K GID_MIN=100 -K GID_MAX=499
Note: -K GID_MIN=10,GID_MAX=499 doesn't work yet.
-o, --non-unique
This option permits to add a group with a non-unique GID.
-p, --password PASSWORD
The encrypted password, as returned by crypt(3). The default is to disable the password.
Note: This option is not recommended because the password (or encrypted password) will be visible by
users listing the processes.
You should make sure the password respects the system's password policy.
-r, --system
Create a system group.