1. Basic knowledge:
1. 3A authentication: user authentication, authorization, audit
2. User category, identification, and name resolution database
1. User category: administrator and ordinary user (ordinary users are divided into system users and login users).
2. User ID: UserID (UID), generally represented as a 16-bit binary number (range: 0-65535);
Administrator ID: 0;
Ordinary user ID range: 1-65535
System User ID Range: 1-499 (centos6), 1-999 (centos7)
Login user ID range: 500-60000 (centos6), 1000-60000 (centos7)
When users log in, the login name must be converted to a UID. The name is resolved by looking it up in the system's name resolution database (/etc/passwd).
Sample entries from the passwd database:
[root@localhost ~]# head -2 /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
[root@localhost ~]#
3. Group category, group identification, and group name resolution database
1. Group classification 1: administrator group and ordinary user group (ordinary user groups are divided into system groups and login groups)
1.1. Group identifier: GroupID (GID), generally represented as a 16-bit binary number (range: 0-65535);
Administrator group ID: 0;
Ordinary user group ID range: 1-65535
System user group ID range: 1-499 (centos6), 1-999 (centos7)
Login user group ID range: 500-60000 (centos6), 1000-60000 (centos7)
When a group is used, the group name must also be resolved to a GID. The name is resolved by looking it up in the system's name resolution database (/etc/group).
Sample entries from the group database:
[root@localhost ~]# head -2 /etc/group
root:x:0: //root is the group name, 0 is the group id
bin:x:1:
[root@localhost ~]#
2. Group classification 2: the user's main (primary) group and the user's additional (supplementary) groups.
3. Group classification 3: user private group (the group name is the same as the user name and the group contains only that user) and public group (the group contains multiple users).
4. Authentication information: password authentication (password)
Authentication works by comparing the pre-stored information with the information provided at login.
User password storage location: /etc/shadow
[root@localhost ~]# head -n 2 /etc/shadow
root:$6$GeKChJmIDB8KmeX2$UwylvnZwolmF7XyddqC5yp3CPd6grCw.aBdsqm8O7a1q3pVOmcXQPSAl7b.E1TVl.gtOEo2RtkxCiH3TGEsUy.::0:99999:7:::
bin:*:16659:0:99999:7:::
[root@localhost ~]#
Group password storage location: /etc/gshadow
[root@localhost ~]# head -n 2 /etc/gshadow
root:::
bin:::
[root@localhost ~]#
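
The passwd and shadow formats and the UID ranges above, applied in an added example (not part of the original notes): it classifies accounts by UID range and flags extra UID 0 accounts and empty password fields. The sample entries, the `alice` and `toor` accounts and all function names are constructed for illustration; the `$1$`/`$5$`/`$6$` table covers only the common crypt prefixes.

```python
# Constructed sample data in passwd/shadow format (the hash is a placeholder).
PASSWD_SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
toor:x:0:0:second admin:/root:/bin/bash
"""
SHADOW_SAMPLE = """\
root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH::0:99999:7:::
bin:*:16659:0:99999:7:::
toor::16659:0:99999:7:::
"""
LOGIN_UID_MIN = {"centos6": 500, "centos7": 1000}  # first login UID, per the notes
CRYPT_IDS = {"1": "MD5", "5": "SHA-256", "6": "SHA-512"}  # $id$ prefix of the hash

def classify_uid(uid, release="centos7"):
    """Map a UID to the user category used in the notes."""
    if uid == 0:
        return "administrator"
    if uid < LOGIN_UID_MIN[release]:
        return "system user"
    return "login user" if uid <= 60000 else "above login range"

def parse_passwd(text, release="centos7"):
    """Return {name: (uid, gid, category)} from passwd-format text."""
    users = {}
    for line in filter(None, text.splitlines()):
        name, _pw, uid, gid, _gecos, _home, _shell = line.split(":")
        users[name] = (int(uid), int(gid), classify_uid(int(uid), release))
    return users

def password_state(field):
    """Describe the second field of a shadow entry."""
    if field == "":
        return "empty password"
    if field[0] in "!*":
        return "locked"
    scheme = field.split("$")[1] if field.startswith("$") else ""
    return CRYPT_IDS.get(scheme, "other or legacy") + " hash"

def audit(passwd_text, shadow_text, release="centos7"):
    """Flag extra UID 0 accounts and accounts with an empty password field."""
    users = parse_passwd(passwd_text, release)
    findings = [f"{n}: extra UID 0 account" for n, u in users.items() if u[0] == 0 and n != "root"]
    for line in filter(None, shadow_text.splitlines()):
        name, field = line.split(":")[:2]
        if password_state(field) == "empty password":
            findings.append(f"{name}: empty password field")
    return findings
```

Any account other than root with UID 0 has full administrator rights regardless of its name, and an empty second field in /etc/shadow means no password is required for that account.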