Friday, March 2, 2012

Users and Groups

1. Introducing sudo
   On Red Hat, the sudo command is not enabled by default, and you’ll need to enable it. To do this, log on as the root user and run the visudo command, which edits the sudo command’s configuration file, /etc/sudoers.
          # visudo

   Uncomment the following line. This enables any member of a group called wheel to use the sudo command.
          # %wheel  ALL=(ALL)       ALL
   Use the following command to add the user ataylor to the wheel group, so that ataylor can use the sudo command. The -a option appends wheel to the user’s existing supplementary groups; -G on its own replaces them.
          # usermod -aG wheel ataylor

2. Creating Users
   $ sudo useradd -m -c 'John Smith' jsmith

   Option        Description
     -c          Add a description of the user
     -d homedir  The user’s home directory
     -m          Create the user’s home directory
     -M          Do not create the user’s home directory (Red Hat only)
     -s shell    Specify the shell the user will use

   2.1 User Default Settings

     On both Red Hat and Ubuntu distributions, the defaults are contained in the /etc/default/useradd file, and you can display the current defaults using the following command:
        $ sudo /usr/sbin/useradd -D
     or
        $ sudo cat /etc/default/useradd
     The contents are as follows:
     # useradd defaults file
     GROUP=100
     HOME=/home
     INACTIVE=-1
     EXPIRE=
     SHELL=/bin/bash
     SKEL=/etc/skel


     Option     Description
     SHELL    The path to the default shell
     HOME    The path to the user’s home directory
     SKEL      The directory to use to provide the default contents of a user’s new home directory
     GROUP  The default group ID
     INACTIVE   The maximum number of days after password expiration that a password can be changed
     EXPIRE   The default expiration date of user accounts


     The useradd -D Defaults (example: $ sudo useradd -D -s /bin/bash)
     Option                      Description
      -b path/to/default/home    Specifies the path prefix of a new user’s home directory
      -e date                    Specifies the default expiration date
      -f days                    Specifies the number of days after a password has expired before the account will be disabled
      -g group                   Specifies the default group
      -s shell                   Specifies the default shell

   2.2 Creating Groups
   So how do we tell what groups our new user belongs to? To check the details of a particular user, we can use the id command.
     $ id jsmith
     uid=1003(jsmith) gid=1003(jsmith) groups=1003(jsmith)

    • create new groups

     $ sudo groupadd printing
     $ sudo groupadd finance
    • create a user who belongs to some groups
     $ sudo useradd -m -c 'Anne Taylor' -G printing,finance ataylor

   2.3 Deleting Users and Groups
    • delete a user
      $ sudo userdel ataylor

     You can force Linux to delete the user’s home directory using the -r option of the userdel command. This will delete the /home/username directory and all files in it, but it won’t delete any files outside of this directory that might also belong to the user.

     But if you do decide to delete a user, you can run the command find / -user UID -o -group GID to find all the files associated with the user you have just deleted.


    • delete a group
      $ sudo groupdel finance

   2.4 Passwords
      $ passwd
      $ sudo passwd jsmith

   2.5 Password Aging
      $ sudo chage -M 30 ataylor

   2.6 Disabling Users

     As the root user, you can also use the passwd command to disable and enable user accounts using the -l, or lock, option. For example, consider the following:
      $ sudo passwd -l ataylor
     Locking with passwd -l only disables the password; other authentication methods, such as SSH keys, are not affected.
     You can then unlock the user using the -u, or unlock, option.
      $ sudo passwd -u ataylor

     The following command doesn’t lock the user out but prevents the user from getting shell access.
      $ sudo usermod -s /sbin/nologin ataylor

   2.7 Storing User and Group Data

     The first file, /etc/passwd, contains a list of all users and their details. Listing 4-12 shows examples of some passwd entries.

      Listing 4‑12. /etc/passwd Entries
      root:x:0:0:root:/root:/bin/bash
      daemon:x:2:2:daemon:/sbin:/sbin/nologin

     Each entry can be broken into its component pieces, separated by a colon.
      username:password:UID:GID:GECOS:Home Directory:Shell
                                ↑ comment / description

     On Linux hosts, information about groups is stored in the /etc/group file. Listing 4-13 shows a sample from this file.
      Listing 4‑13. Sample of the /etc/group File
      root:x:0:root
      ataylor:x:501:finance,printing
     The /etc/group file is structured much like the /etc/passwd file, with the data separated by a colon. The file is broken into a group name, a password, the GID, and a comma-separated list of the members of that group.
      groupname:password:GID:member,member
                             ↑ users who belong to the group
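
Added example (not part of the original post): a shell audit built on the two field layouts above. It flags extra UID 0 accounts, empty password fields and accounts whose shell is not nologin or false, and lists every member of a group such as wheel, including users who have it as their primary GID. The function names, finding labels and sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Reads passwd- and group-format
# files given as arguments, so it can be run against copies.

# Fields: username:password:UID:GID:GECOS:home:shell
# Prints one REASON:username line per finding.
audit_passwd() {
    awk -F: '
        /^#/ || NF == 0          { next }
        NF != 7                  { print "MALFORMED:" $1; next }
        $3 == 0 && $1 != "root"  { print "UID0:" $1 }     # extra superuser
        $2 == ""                 { print "EMPTYPW:" $1 }  # no password set
        $7 !~ /(nologin|false)$/ { print "SHELL:" $1 }    # can get a shell
    ' "$1"
}

# Fields: groupname:password:GID:member,member
# Members of group $1 = names in field 4 of the group file ($2) plus users
# whose primary GID in the passwd file ($3) equals the group GID.
group_members() {
    awk -F: -v g="$1" '
        FILENAME == ARGV[1] {
            if ($1 == g) {
                gid = $3
                n = split($4, m, ",")
                for (i = 1; i <= n; i++) if (m[i] != "") seen[m[i]] = 1
            }
            next
        }
        gid != "" && $4 == gid { seen[$1] = 1 }
        END { for (u in seen) print u }
    ' "$2" "$3" | sort
}

# Constructed sample data.
tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
PASSWD_SAMPLE=$tmp/passwd GROUP_SAMPLE=$tmp/group
cat > "$PASSWD_SAMPLE" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
ataylor:x:501:501:Anne Taylor:/home/ataylor:/bin/bash
jsmith:x:1003:1003:John Smith:/home/jsmith:/sbin/nologin
toor:x:0:0:second UID 0 account:/root:/bin/sh
backup::34:34:empty password field:/var/backups:/bin/false
ops:x:1100:10:primary group is wheel:/home/ops:/bin/bash
EOF
printf 'root:x:0:\nwheel:x:10:ataylor\nfinance:x:1005:ataylor\n' > "$GROUP_SAMPLE"
audit_passwd "$PASSWD_SAMPLE"
group_members wheel "$GROUP_SAMPLE" "$PASSWD_SAMPLE"
```

Against a live host, pass /etc/passwd and /etc/group in place of the sample files.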

   2.8 Configuring Your Shell and Environment
      • Environment Variables
        Name        Used For
        HOME      The user’s home directory
        LANG       Defines which language files applications should use
        LS_COLORS      Defines colors used by the ls command
        MAIL        The location of the user’s mailbox
        PATH        A colon-separated list of directories where shells look for executable files
        PS1           Defines the normal prompt
        SHELL      The current shell
        _                Contains the last command executed in this session

      • Command aliases
         $ alias rm='rm -i'
         $ unalias rm
         $ alias















