📄 401-404.html
字号:
<HTML>
<HEAD>
<TITLE>Using Linux:Managing Users and Groups</TITLE>
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
<SCRIPT>
<!--
function displayWindow(url, width, height) {
var Win = window.open(url,"displayWindow",'width=' + width +
',height=' + height + ',resizable=1,scrollbars=yes');
}
//-->
</SCRIPT>
</HEAD>
-->
<!--ISBN=0789716232//-->
<!--TITLE=Using Linux//-->
<!--AUTHOR=William Ball//-->
<!--PUBLISHER=Macmillan Computer Publishing//-->
<!--IMPRINT=Que//-->
<!--CHAPTER=25//-->
<!--PAGES=401-404//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="../ch24/399-400.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="404-407.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<H2><A NAME="Heading1"></A><FONT COLOR="#000077">CHAPTER 25<BR>Managing Users and Groups
</FONT></H2>
<P><I>By Steve Shah</I></P>
<DL>
<DD>Users, groups, and their relation to the system
<DD>Creating, editing, and removing users with <TT>usercfg</TT>
<DD>Creating, editing, and removing users from the command line
<DD>Understanding the user and group configuration files
<DD>The Password Authentication Module (PAM)
</DL>
<H3><A NAME="Heading2"></A><FONT COLOR="#000077">Users, Groups, and Their Relation to the System</FONT></H3>
<P>Unlike many other operating systems currently available on the market, Linux supports the concept of multiple <I>users</I> and <I>groups</I>. A <I>user</I> is someone who has a unique identifier on the system, both a name and a number. This information allows the system to control how access is granted to the system and what the person may do after he or she has been allowed in. Users’ activities are tracked by the system using their unique user identification number.</P>
<TABLE BORDER="2" BORDERCOLOR="#0000" ALIGN="CENTER">
<TR><TD><FONT SIZE="+1"><B>How does this compare to Windows NT?</B></FONT>
<BR>Linux is similar to Windows NT in regards to the concept of users. Each user has a designated set of permissions, which allows them to run certain programs, save files in a certain place, and read files owned by other users provided that other users have set their file permissions accordingly.</TABLE>
<P>A <I>group</I> is a collection of users. Every group also has a unique identification number as well as a unique name by which it can be referenced. Systems administrators often control access by groups. (For example, all users in the group “undergrad” may not log in to the server “insoc.”)</P>
<P>Every user and group has some peripheral information attached to it. The information is listed in Table 25.1.</P>
<TABLE WIDTH="100%"><CAPTION ALIGN=LEFT><B>Table 25.1</B> What makes up a user
<TR>
<TH COLSPAN="2"><HR>
<TR>
<TH WIDTH="30%" ALIGN="LEFT">Field
<TH WIDTH="70%" ALIGN="LEFT">Description
<TR>
<TD>Login
<TD>The user’s unique name in the system.
<TR>
<TD VALIGN="TOP">Password
<TD>The password by which the user may access the system (encrypted).
<TR>
<TD VALIGN="TOP">UID
<TD>Short for User IDentification. This number pairs up with the login name. Every login/uid combination must be unique.
<TR>
<TD VALIGN="TOP">GID
<TD>Short for Group IDentification. This number pairs up with the group the user belongs to by default. All users must belong to at least one group. (See Table 25.2 for more information.)
<TR>
<TD VALIGN="TOP">Comment
<TD>A free-form entry used to describe the user. Usually this is the user’s full name. This entry does not have to be unique.
<TR>
<TD VALIGN="TOP">Home Directory Path
<TD>The directory where the user’s files are stored. Each user’s personal configuration files are kept here. When the user logs in, his or her default directory will be here as well.
<TR>
<TD VALIGN="TOP">shell
<TD>The program that is run automatically when the user logs in. This is usually a shell program such as <TT>/bin/bash</TT>, which gives the user a UNIX prompt (much the same way the <TT>command.com</TT> program gives users access to DOS under Windows).
<TR>
<TD COLSPAN="2"><HR>
</TABLE>
<P>
</P>
<TABLE WIDTH="100%"><CAPTION ALIGN=LEFT><B>Table 25.2</B> What makes up a group
<TR>
<TH COLSPAN="2"><HR>
<TR>
<TH WIDTH="20%" ALIGN="LEFT">Field
<TH WIDTH="80%" ALIGN="LEFT">Comment
<TR>
<TD>Name
<TD>The group’s name. Every group name must be unique.
<TR>
<TD VALIGN="TOP">Password
<TD>If a group has a password to control access to it, this must be set. In most instances, you do not need to worry about setting this.
<TR>
<TD VALIGN="TOP">GID
<TD>Short for Group IDentification. This associates a number to the group name. All group name/group number combinations must be unique.
<TR>
<TD VALIGN="TOP">User list
<TD>A comma-delimited list of users who are part of this group—for example, the list <TT>sshah</TT>, <TT>hornbach</TT>, <TT>jnguyen</TT> indicates that the three users, sshah, hornbach, and jnguyen are in this particular group.
<TR>
<TD COLSPAN="2"><HR>
</TABLE>
<P>These two tables are stored in the files <TT>/etc/passwd</TT> and <TT>/etc/group</TT>, respectively. The programs that manage users in one way or another essentially edit these files for you. If you are feeling adventurous, take a look at the password file in its raw format with the command:</P>
<!-- CODE SNIP //-->
<PRE>
[root@insoc /root]# <B>more /etc/passwd</B>
</PRE>
<!-- END CODE SNIP //-->
<P>Table 25.1 explains each field, but don’t worry if it doesn’t make too much sense. All you <I>need</I> to know is that they are there.</P>
<P>The following sections use this information to establish, edit, and remove users using the tools built into Red Hat Linux.</P>
<H3><A NAME="Heading3"></A><FONT COLOR="#000077">Using the <I>usercfg</I> Tool
</FONT></H3>
<P>The <TT>usercfg</TT> tool is an all-in-one package for manipulating user and group information. Because of its graphical interface, it is easy to use.</P>
<P>To start the program, simply run <TT>usercfg</TT> like so:</P>
<P><FONT SIZE="+1"><B><I>Starting the User Configurator</I></B></FONT></P>
<DL>
<DD><B>1.</B> Log in as the root user.
<DD><B>2.</B> Start the X Window System with the <TT>startx</TT> command.
<DD><B>3.</B> Open up an <TT>xterm</TT> and run the command <TT>usercfg</TT>.
</DL>
<P>The opening window should look something like Figure 25.1.
</P>
<P><A NAME="Fig1"></A><A HREF="javascript:displayWindow('images/25-01.jpg',486,335 )"><IMG SRC="images/25-01t.jpg"></A>
<BR><A HREF="javascript:displayWindow('images/25-01.jpg',486,335)"><FONT COLOR="#000077"><B>Figure 25.1</B></FONT></A> The User Configurator window as it appears when first started.</P>
<P>At the top of the window you see two buttons, one for Users and one for Groups. On startup, the Users button is always highlighted. Below those two buttons is the list of the current users in the system. The first column is the login name; then the User IDentification (UID); the Group IDentification (GID); whether the user’s password exists, is disabled, or empty; and finally, the location of the user’s home directory.
</P>
<P>If you click the Groups button at the top of the window, you can see what the group configuration currently looks like. A stock configuration should look something like Figure 25.2.</P>
<P><A NAME="Fig2"></A><A HREF="javascript:displayWindow('images/25-02.jpg',549,383 )"><IMG SRC="images/25-02t.jpg"></A>
<BR><A HREF="javascript:displayWindow('images/25-02.jpg',549,383)"><FONT COLOR="#000077"><B>Figure 25.2</B></FONT></A> In the first column below the User and Group buttons is the name of the groups, the second column is their Group IDentification (GID), and the last column contains a list of group members.</P>
<DL>
<DD><B>1</B> Name of groups
<DD><B>2</B> Group Identification
<DD><B>3</B> Group members
</DL>
<P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="../ch24/399-400.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="404-407.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
</td>
</tr>
</table>
<!-- begin footer information -->
</body></html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -