Linux学习笔记11 usermod,chsh,chfn,passwd,pwck,groupadd,groupmod,groupdel,newgrp,chage

1.usermod

usermod USERNAME

选项

• -c --coment: 修改用户commet
• -d --home: 修改家目录 -m移动家目录到此目录
• -g --gid: 基本组id
• -G --groups GROUP1,GROUP2...: 附加组 以,隔开 加入-a选项追加组 否则覆盖原来的附加组
• -l --login: 登录用户名
• -L --lock: 锁定用户不能登录
• -p --password: 修改密码
• -s --shell: 修改shell
• -u --uid: 修改uid
• -U --unlock: 解锁账户

例子

创建user2:

[root@localhost home]# useradd user2[root@localhost home]# cat /etc/passwd|grep user2user2:x:4005:4005::/home/user2:/bin/bash

修改user2 uid为5000

[root@localhost home]# usermod -u 5000 user2[root@localhost home]# !catcat /etc/passwd|grep user2user2:x:5000:4005::/home/user2:/bin/bash

修改user2 comment:

[root@localhost home]# usermod -c "this is new user2 comment" user2[root@localhost home]# !catcat /etc/passwd|grep user2user2:x:5000:4005:this is new user2 comment:/home/user2:/bin/bash

修改user2基本组为mygroup:

[root@localhost home]# usermod -g mygroup user2[root@localhost home]# cat /etc/passwd|grep user2user2:x:5000:503:this is new user2 comment:/home/user2:/bin/bash[root@localhost home]# cat /etc/group|grep mygroupmygroup:x:503:

修改user2附加组为user3,user4:

[root@localhost home]# usermod -G user3,user4 user2[root@localhost home]# cat /etc/group|grep user2user3:x:504:user3,user2user4:x:505:user3,user2user2:x:4005:

修改user2附加组为user3,user4,user5 使用-a选项追加一个user5附加组:

[root@localhost home]# usermod -aG user5 user2[root@localhost home]# cat /etc/group|grep user2user3:x:504:user3,user2user4:x:505:user3,user2user5:x:506:user3,user2user2:x:4005:

修改user2用户名为user2newname:

[root@localhost home]# usermod -l user2newname user2[root@localhost home]# cat /etc/passwd|grep user2user2newname:x:5000:503:this is new user2 comment:/home/user2:/bin/bash

修改user2newname shell为/etc/tcsh:

[root@localhost home]# usermod -s /bin/tcsh user2newname[root@localhost home]# cat /etc/passwd|grep user2user2newname:x:5000:503:this is new user2 comment:/home/user2:/bin/tcsh

锁定用户user2newname不登录:

## 加密码[root@localhost home]# passwd user2newnameChanging password for user user2newname.New password:Retype new password:passwd: all authentication tokens updated successfully.## 锁定用户 ssh输入密码无法登录[root@localhost home]# usermod -L user2newnamessh user2newname@192.168.17.173user2newname@192.168.17.173's password:Permission denied, please try again.## 解锁用户 ssh[root@localhost home]# usermod -U user2newname

2.chsh 修改用户登录默认shell

chsh USERNAME

例子

[root@localhost home]# cat /etc/shells/bin/sh/bin/bash/sbin/nologin/bin/dash/bin/tcsh/bin/csh[root@localhost home]# chsh user3Changing shell for user3.New shell [/bin/bash]: /bin/tcshShell changed.# 成功修改shell为/bin/tcsh[root@localhost home]# cat /etc/passwd|grep user3user3:x:1000:503:user3_name,user3_office,13776531050,57865497:/home/user3_new_home:/bin/tcsh

3.chfn 修改用户注释信息

chfn USERNAME

例子

[root@localhost home]# chfn user3Changing finger information for user3.Name []: user3_nameOffice []: user3_officeOffice Phone []: 13776531050Home Phone []: 57865497Finger information changed.[root@localhost home]# finger user3Login: user3                    Name: user3_nameDirectory: /home/user3_new_home         Shell: /bin/bashOffice: user3_office, +1-377-653-1050   Home Phone: 57865497Last login Thu Feb 16 20:29 (CST) on pts/1 from 192.168.17.1No mail.No Plan.# comment以,分割[root@localhost home]# cat /etc/passwd|grep user3user3:x:1000:503:user3_name,user3_office,13776531050,57865497:/home/user3_new_home:/bin/bash

4.passwd 修改密码

passwd USERNAME

选项

• --stdin: 标准输入密码
• -l: 锁定用户
• -u: 解锁账户
• -d: 删除密码

例子

修改user3密码为a123456:

[root@localhost home]# echo "a123456"|passwd --stdin user3Changing password for user user3.passwd: all authentication tokens updated successfully.[root@localhost home]# cat /etc/shadow|grep user3

删除user3密码：

[root@localhost home]# cat /etc/shadow|grep user3user3:$6$CDPD9so4$bpLPRIR3YT.0xp8OBjn.GDklx.vNvyXqihrlRA5g2lRQ4CfQKH6/hOYNRc4sc1hR7Xakh.ZhjpuIDhV0Lksy/0:17213:0:99999:7:::[root@localhost home]# passwd -d user3Removing password for user user3.passwd: Success[root@localhost home]# cat /etc/shadow|grep user3user3::17213:0:99999:7:::

5.pwck

命令用来验证系统认证文件/etc/passwd和/etc/shadow的内容和格式的完整性。

6.groupadd 创建组

选项

• -g GID:
• -r: 添加为系统组

例子

新增组id为489名为nginx的系统组

[root@localhost home]# groupadd -g 489 -r nginx[root@localhost home]# tail -1 /etc/groupnginx:x:489:

7. groupmod 修改组

选项

• -g GID:
• -n GROUPNAME: 修改组名

例子

修改nginx 组id为490

[root@localhost home]# groupmod -g 490 nginx[root@localhost home]# !tailtail -1 /etc/groupnginx:x:490:

修改nginx组名为nginxnewname

[root@localhost home]# groupmod -n nginxnewname nginx[root@localhost home]# !tailtail -1 /etc/groupnginxnewname:x:490:

8.groupdel 删除组

gpasswd GROUPNAME

9.gpasswd 为组加密码

gpasswd GROUPNAME
组加密码 用户切换改组输入密码就可以切换基本组为该组
如果用户的附加组包含切换的组 就不需要输入密码

例子

为组mygroup添加密码

[root@localhost home]# gpasswd mygroupChanging the password for group mygroupNew Password:Re-enter new password:

添加用户hadoop, 此时hadoop基本组默认为hadoop:

[root@localhost home]# useradd hadoop[hadoop@localhost ~]$ iduid=1001(hadoop) gid=503(mygroup) groups=503(mygroup),1001(hadoop) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

切换用户为hadoop,临时切换基本组为mygroup 输入组密码切换成功

[root@localhost home]# su - hadoop[hadoop@localhost ~]$ newgrp mygroupPassword:[hadoop@localhost ~]$ iduid=1001(hadoop) gid=503(mygroup) groups=503(mygroup),1001(hadoop) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

exit退出 切换基本组为原来的hadoop组：

[hadoop@localhost ~]$ exitexit[hadoop@localhost ~]$ iduid=1001(hadoop) gid=1001(hadoop) groups=1001(hadoop) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

10.newgrp 切换用户当前基本组

11.chage

选项

• -d --lastday: 最近一次的修改时间
• -E --expiredate: 过期时间
• -I --inactive: 非活动时间
• -m --mindays: 最短使用期限
• -M --maxdays: 最长使用期限
• -W --warndays: 警告时间
• -l --list: 列出用户以及密码的有效期