Home > Article > Operation and Maintenance > What is the user configuration file of linux
What is the user configuration file of linux
- 青灯夜游Original
- 2023-02-14 11:37:395162browse
There are four Linux user configuration files: 1. "/etc/passwd", the system user roster, which stores the basic information of all users in the system, and all users can perform read operations on this file; 2. "/etc/shadow", used to store password information of users in the system; 3. "/etc/group", used to store all information of user groups in the system; 4. "/etc/gshadow", used to Stores password information for group users.
#The operating environment of this tutorial: linux7.3 system, Dell G3 computer.
Linux User Configuration File
The four configuration files involved in Linux user management will be discussed below.
These four files are the core of user management. The final destination for any operation of users and user groups in the system is these four files. These four files can be divided into two groups. The first group of files stores user-related configuration data, and the second group of files stores user group-related configuration data.
- User related configuration data
-
/etc/passwd: System user roster, which stores the basic information of all users in the system , and all users can perform read operations on this file.
-
-
/etc/shadow: System user shadow file, used to store password information of users in the Linux system, also known as "shadow document".
-
- User group related configuration data
-
/etc/group: System user group roster, which is the user group configuration File, that is, all information about the user group is stored in this file.
-
- ##/etc/gshadow
: System user group shadow file, used to store password information of group users
- ##/etc/gshadow
Usage
/etc/passwd There are many lines in it, each line stores the information of a user . Each line has seven fields, each field is separated by a colon:
- First field
: Username - Second field
: Password (replace with Field: User's main user group GID -
Fifth field: User description (empty if not set) -
Sixth field: The location of the user's home directory -
The seventh field: The shell type used by the user -
/etc/shadow is /etc Shadow file for /passwd. Generally speaking, the number of lines in the shadow file content and the number of lines in the passwd file content should be the same. Each line of the shadow file also stores user information and complements the passwd file. The two files together provide a complete description of each user in the system. Each line of the shadow file has nine fields:
Second field
-
The third field: The password was last modified (from 1970/1/1 The number of days until the password was last modified) -
The fourth field: Minimum time interval for password modification (the minimum number of days required between two modifications of the user's password, the default is 0, means The user password can be modified at any time) -
Fifth field: Maximum time interval for password modification (the maximum number of days that the user password remains valid, the default is 99999, about 273 years, that is, regular updates are not mandatory Good intentions) -
Sixth field: Password expiration warning time (the number of days from the system starting to warn the user to the official expiration of the user's password, the default is 7, indicating that this function is not enabled) -
Seventh field: How many days after the user password becomes invalid, the system will disable this user. After disabling, the system will not allow this user to log in, and will not prompt the user to expire (the default is empty, which means Do not enable this function) -
Eighth field: User expiration time (equivalent to specifying the user's lifetime, the unit is days, the relative starting time is also 1970/1/1. After expiration, the user will not be able to log in. The default is empty, which means this user is permanently available) -
Ninth field: Reserved field. Currently empty. -
/etc/group There are many lines in it, and each line stores the information of a user group. Each line has four fields, each separated by a colon: -
-
First field: User group name -
Second field: User group password (User group password is rarely used, only in large-scale When the server specifies some permission models with a relatively complex relationship structure for many users and groups, it is necessary to set the user group password. By default, x is used instead, and the real password is placed in the /etc/gshadow file) -
Third field: User group GID -
Fourth field: List of users belonging to the user group. If there are multiple users, use commas to separate them. If this field is empty, it does not necessarily mean that the user group has no users, because if the user group is the main user group of a user, the user will not be displayed in the list.
/etc/gshadowis the shadow file of /etc/group. Generally speaking, the number of lines in the gshadow file content and the number of lines in the group file content should be the same. Each line of the gshadow file also stores user group information, which complements the group file. The two files together provide a complete description of each user group in the system. There are four fields in each line of the gshadow file:-
First field: User group name -
Second field: User group encryption Password after (empty or exclamation mark means no password) -
Third field: Group managers (can be empty, if there are multiple user group managers, they need to be separated by commas) -
Fourth field: List of users belonging to this user group
When we use the useradd command to add a user and use the passwd command to set a password for the newly added user , the user information will be automatically written into the /etc/passwd and /etc/shadow files. Similarly, when you use the groupadd command to add a user group, the information will also be automatically written to /etc/group and /etc/gshadow. Theoretically, we can modify any attribute of a user or user group by modifying the contents of these configuration files, but this is not recommended. Because manually modifying configuration files can easily cause confusion in system user or user group management.
Why should user information be stored in two files separately? Due to system requirements, the passwd file is readable by all users, because the information that users need to protect, such as passwords, cannot be placed in passwd. This part of the information is placed in the shadow file. Shadow files can only be viewed and modified by the root user, which is relatively safer. The reason why user group information is stored separately is exactly the same as the reason why user information is stored separately.
root@centos:~# ls -l /etc/passwd -rw-r--r-- 1 root root 4500 6月 1 00:30 /etc/passwd root@centos:~# ls -l /etc/shadow -rw-r----- 1 root shadow 5251 6月 1 00:30 /etc/shadow root@centos:~# ls -l /etc/group -rw-r--r-- 1 root root 1664 6月 1 00:30 /etc/group root@centos:~# ls -l /etc/gshadow -rw-r----- 1 root shadow 1354 6月 1 00:30 /etc/gshadow
Related recommendations: "Linux Video Tutorial"
-
The above is the detailed content of What is the user configuration file of linux. For more information, please follow other related articles on the PHP Chinese website!