linux创建用户的本质介绍,linux创建本质


ref: useradd命令的参数 /etc/default/useradd配置文件 /etc/skel目录下的文件 手动创建一个用户

useradd命令的参数

[vincent@localhost ~]$ useradd --help
-bash: /usr/sbin/useradd: Permission denied
[vincent@localhost ~]$ sudo useradd --help
[sudo] password for vincent:
Usage: useradd [options] LOGIN
       useradd -D
       useradd -D [options]

Options:
  -b, --base-dir BASE_DIR       base directory for the home directory of the
                                new account
  -c, --comment COMMENT         GECOS field of the new account
  -d, --home-dir HOME_DIR       home directory of the new account
  # 可以看出,这个参数可以打印添加用户时默认的配置文件
  -D, --defaults                print or change default useradd configuration
  -e, --expiredate EXPIRE_DATE  expiration date of the new account
  -f, --inactive INACTIVE       password inactivity period of the new account
  -g, --gid GROUP               name or ID of the primary group of the new
                                account
  -G, --groups GROUPS           list of supplementary groups of the new
                                account
  -h, --help                    display this help message and exit
  -k, --skel SKEL_DIR           use this alternative skeleton directory
  -K, --key KEY=VALUE           override /etc/login.defs defaults
  -l, --no-log-init             do not add the user to the lastlog and
                                faillog databases
  -m, --create-home             create the user's home directory
  -M, --no-create-home          do not create the user's home directory
  -N, --no-user-group           do not create a group with the same name as
                                the user
  -o, --non-unique              allow to create users with duplicate
                                (non-unique) UID
  -p, --password PASSWORD       encrypted password of the new account
  -r, --system                  create a system account
  -R, --root CHROOT_DIR         directory to chroot into
  -s, --shell SHELL             login shell of the new account
  -u, --uid UID                 user ID of the new account
  -U, --user-group              create a group with the same name as the user
  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping

# 查看添加用户时的默认配置
[vincent@localhost ~]$ sudo useradd -D
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
[vincent@localhost ~]$ sudo useradd -D -s /sbin/nologin

# 其实上面输出的结果就是/etc/default/useradd文件里面的内容
]$ sudo cat /etc/default/useradd
# useradd defaults file
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/sbin/nologin
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes

/etc/default/useradd配置文件

即useradd -D打印的输出结果的来源

/etc/skel目录下的文件

此目录下的文件会在创建用户时,将此目录下的文件复制至新创建用户的家目录下,前提是这个用户有家目录

目录树如下

[vincent@localhost ~]$ sudo ls -la /etc/skel/
total 24
drwxr-xr-x.  2 root root   59 Mar 22 11:14 .
drwxr-xr-x. 74 root root 8192 Mar 22 13:47 ..
-rw-r--r--.  1 root root   18 Nov 20  2015 .bash_logout
-rw-r--r--.  1 root root  193 Nov 20  2015 .bash_profile
-rw-r--r--.  1 root root  231 Nov 20  2015 .bashr

手动创建一个用户

1、创建用户的家目录

$ sudo mkdir /home/annie
[sudo] password for vincent: 

2、拷贝登录、登出使用的文件于新用户目录

[vincent@localhost ~]$ sudo ls /etc/skel/ -a
.  ..  .bash_logout  .bash_profile  .bashrc
[vincent@localhost ~]$ sudo cp /etc/skel/.bash_logout  /etc/skel/.bashrc /etc/skel/.bash_profile /home/annie/

3、修改相关的配置文件

/etc/passwd
$ grep annie /etc/passwd
annie:x:1001:1001:vincent:/home/annie:/bin/bash
/etc/shadow
$ sudo grep annie /etc/shadow 
annie:$6$PiTiKh9B$Da4VaaR0qlk55r1VFyX3OfQfgj944xExTIdAsyVVTqjmf/u.On8MAfkV0B9RQg5E/OzWj2nYEHGnX.M8feXE3/:17612:0:99999:7:::
/etc/group
$ sudo grep annie /etc/group 
annie:x:1001:annie

4、修改密码,登录测试

[vincent@localhost ~]$ sudo passwd annie 
Changing password for user annie.
New password: 
BAD PASSWORD: The password is shorter than 8 characters
Retype new password: 
passwd: all authentication tokens updated successfully.
[vincent@localhost ~]$ 
[vincent@localhost ~]$ 
[vincent@localhost ~]$ su - annie 
Password: 
Last failed login: Thu Mar 22 17:26:18 EDT 2018 on pts/1
There was 1 failed login attempt since the last successful login.
[annie@localhost ~]$ 
[annie@localhost ~]$ id 
uid=1001(annie) gid=1001(annie) groups=1001(annie)
[annie@localhost ~]$ who am i 
vincent  pts/1        2018-03-22 17:23 (172.16.81.1)
[annie@localhost ~]$ id annie 
uid=1001(annie) gid=1001(annie) groups=1001(annie)
[annie@localhost ~]$ logout

相关内容