What are the types of linux user groups?

There are two types of Linux user groups: 1. Basic group (private group); when creating an account, if the group to which the account belongs is not specified, the system will create a group with the same name as the user , this group is the basic group. 2. Additional groups (public groups) can accommodate multiple users, and users in the group have the rights owned by the group.

Classification of Linux users and groups

1. Users under Linux can be divided into 3 categories

• Super user - the user name is root, which has all permissions. You can log in as a super user only for system maintenance (for example: creating users, etc.) or other necessary circumstances to avoid system security problems.

• The user necessary for the normal operation of the Linux system is the pseudo user (system user). It is mainly established to meet the requirements of the corresponding system processes for file owners, such as bin, daemon, adm, lp and other users. System users cannot be used to log in.

• Ordinary user - is established to allow users to use Linux system resources. Most of our users fall into this category.

2. There are two types of groups in Linux:

• Basic group ( private group ) : When creating an account, if the group to which the account belongs is not specified, the system will create a group with the same name as the user name. This group is the basic group.

• Additional Group ( public group ) : Can accommodate multiple users, and users in the group have the rights owned by the group.

3. Configuration files of user groups and users in Linux

In Linux, user accounts, passwords, user group information, and users Group passwords are stored in different configuration files.

/etc/passwdUser password/etc/shadowUser group account file/etc/gruoupUser group password file/etc/gshadow##

(1) User account file——/etc/passwd

passwd is a text file used to define user accounts of the system, since all users have passwd has read permission, so only user accounts are defined in this file, and passwords are not saved.

# Each line defines a user account information, each line consists of 7 It consists of fields, and the fields are separated by ":" separated by:

Account Name : password :UID:GID: personal information : Main directory :Shell

/etc/passwd Field description in the file

• Account name: User login Linux The name used by the system.

• Password: This was where passwords were previously saved in encrypted format, now passwords are saved in /etc/shadow file, here is just the password holder "x" or "*" . If "x" , indicating that the password has passed shadow protection of.

• UID : The user's identifier is a numerical value, which is used to distinguish different users. Each user has a UID Value:

  of super user UID——0

• System user’s UID——1 ~ 999

• for ordinary users UID—— ≥ 1000

• GID : The identifier of the basic group where the user is located is a numerical value, which is used to distinguish different groups. The same group has the same GID .

• Personal information: You can record the user’s complete name, address, office phone number, home phone number and other personal information.

• Home directory: similar Windows 's personal directory, usually /home/username ,here username is the username, user executes "cd ~ " command, the current directory will be switched to the personal home directory.

• Shell : Define what is activated after the user logs in Shell , the default is Bash Shell

(2) User password file——/etc/shadow

#Each line A user information is defined. Each field in the row is separated by ":". The format is as follows:

Login name: Encrypted password: Last modification time: Minimum time interval: Maximum time interval: Warning time: No Active Time:Expiration Time:Flag The meanings of the 9 fields in each line of the

/etc/shadow file are fields

• Login name: Login name

• Encrypted password: Password encrypted using SHA-512/SHA-256/MD5 algorithm ($id$, id is 1 for md5, 5 for sha256, 6 for sha512), if it is empty, Indicates that the user can log in without a password. If it is "*", it means that the account cannot be used to log in to the system. If it is "!", it means that the account password has been locked.

• Last modification Time: The date when the password was last changed, expressed as the number of days from January 1, 1970

• Minimum time interval: How many days the password cannot be changed. The default value is 0, which means there is no limit.

• Maximum time interval: how many days after which the password must be changed. The default value is 99999, which means no restriction.

• Warning time: how many days in advance to warn the user that the password will expire. The default value is 7 days, 0 means no warning is provided

• Inactivity time: How many days after the password expires to disable this user

• Expiration time: Password expiration date, expressed in days from January 1, 1970, the default is Empty, means permanently available. Flag: reserved for future development.

View the date when the user last modified the root password

(3) User group account file -/etc/group

Each group in the system has a line record in the /etc/group file, and any user can Read the user group account information configuration file.

Field description

• Groupname: The name of the group

• Passwd: The encrypted password of the group

• GID: It is the ID that the system uses to distinguish different groups. The GID field in the /etc/passwd domain uses this number to specify the user's basic group.

• Userlist: It is the user name separated by ",", and the listed members have this group as an additional group.

Assignment:

1. Create user lockuser, and specify the home directory as /home/lock, and then lock the user

2. Unlock lockuser and set the password to be changed the next time you log in.

3. Create user testuser and set password , change the user name to normaluser

4. Create a file, query the acl of the file, set acl for the file. The user is testuser1 and the permission is rwx. Set the acl mask: permission for the file. For r-x

5, set suid, set suid for the file (two ways u s and nnnn)
6. Set sgid, the way to set sgid for files (two ways g s and nnnn)
7. Set sbit, the way to set sbit for directories (two ways o t and nnnn)

Linux Add User to User Group

Through several examples using the Linux command line, I will show you step by step how to add users to the user group on Linux. Add users to user groups and how to add users and groups on Linux. These commands should work on any Linux distribution and have been tested on CentOS, Debian, and Ubuntu.

Add a new user to the user group

A Linux user can have a primary group and one or more secondary groups. These groups can be used as arguments to the adduser command when creating a user.

All commands must be executed as the root user. On Ubuntu, prepend all commands with sudo, or run sudo -s to switch to the root user.

Add user groups

As a first step, I will add two new user groups, family and friends :

groupadd family
groupadd friends

Add a new user to a single user group

Below I will add a new user tom and also add the user to the user group Groupfamily. The family user group will be added as a subordinate group using the -G parameter.

useradd -G family tom

Add new user to multiple user groups

tom is now a user in the family user group. Parameter -G allows specifying multiple user groups, separated by commas between each user group. If you want to add user tom to the family and friends user groups, use the following command:

useradd -G family,friends tom

Set User Password

Please note that new Linux user tom does not have a password yet, so cannot log in. To set the password for this user, you can execute the following command:

passwd tom

and enter the new password twice when the command requests it.

In the above example, we added user tom to the secondary group. The adduser command automatically created a new primary group and assigned the group Main group.

• Username: tom

• Main group: tom

• Affiliated group: family (or Use the second case to add two subsidiary groups, family and friends)

Set a new main group

Maybe you want to add ## When using #tom, set the main group to family (instead of the tom user group created by default), and the subsidiary group to friends, you can use this Command:

useradd -g family -G friends tom

Use the

man command to get a detailed description of all command line options of the useradd command:

man useradd

Add an existing user to the user group

For this task, we will use the

usermod command. usermod The command can modify various options of the user, including the user's group membership.

First I will add a third user group

colleagues:

groupadd colleagues

using usermod

I will add the

colleagues user group as an affiliate group to the user tom:

usermod -a -G colleagues tom

Command explanation:

-a means append, which can only be used in combination with the -G option (affiliated group). So in the end we added the tom user to the colleagues user group, which is an affiliated group of the user.

-G 选项可以指定多个用户组，每个用户组之间使用逗号进行分隔。例如：-G group1,group2,group3。

如果想要修改 tom 用户的主组为 family，可以使用命令：

usermod -g family tom

使用 man 命令可以获取 usermod 命令的所有命令行选项的详细说明：

man usermod

File function	File name
##User account file

The above is the detailed content of What are the types of linux user groups?. For more information, please follow other related articles on the PHP Chinese website!