📄 linux-adduser.html
字号:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"><HTML><HEAD><TITLE>Josh's Linux Guide - Adding New Users</TITLE> <META NAME="Description" CONTENT="Guide on adding new users under the Linux operating system."> <META NAME="Keywords" CONTENT="Red Hat, beginners, Linux, adding, new, users"></HEAD><LINK REL="stylesheet" TYPE="text/css" HREF="default.css"><BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#7F007F"><H2><A NAME="0">Adding a New User</A></H2><FONT SIZE="-1"><B>Last updated: September 13, 1999</B></FONT><BR><FONT SIZE="-1"><B>Development stage: Alpha</B></FONT><P>One of the nifty things about Linux (or any other Unix) is the factthat it allows different users to use the system. The root user iscommonly known as the superuser, since he/she/it has control overeverything on the system. Being logged in as <TT>root</TT> unnecessarilyis commonly known to be dangerous and a security risk, so you create anormal user account for yourself so you don't screw up the system.</P><P>The advantages of having many users and one superuser account (for theadministrator) is that the normal user can't screw anything up on thefilesystem; normal users don't have the ability to delete files that areessential to running the Linux machine smoothly. But since you're runningyour own Linux system, you're still in charge.</P><H3><A NAME="1">The Easy Way to Add Users</A></H3><P>To easily add a new login profile (commonly known as a user), type:</P><PRE># adduser <username></PRE><P>Alternatively, if you're using Slackware, use the <TT>useradd</TT>command. I'm not sure, but the syntax is probably <TT>useradd<username></TT> also. For Debian, that probably has<TT>adduser</TT>, same as Red Hat. Adduser is a shellscript that"automates the really boring and repetitive task of creating new useraccounts". Skip the section "The Hard Way to Add Users" ifthis was successful.</P><H3><A NAME="2">The Hard Way to Add Users</A></H3><P>If you don't have any utilities at all on your system, I guess you'llhave to add users the hard way. I really recommend that you get ashellscript or some sort of utility and use that instead; one is availablefor download <A HREF="adduser">right here</A>. Put the file in /usr/sbin/and type <TT>chmod +x /usr/sbin/adduser</TT> so you can run it. Then youcan use the instructions under "The Easy Way to Add Users"instead of this section.</P><P>If you're still reading, we're going to add a user and we'll call him"joe".</P><H4><A NAME="3">Edit /etc/passwd</A></H4><P>First, edit <TT>/etc/passwd</TT> by typing <B>pico /etc/passwd</B> (orin place of pico you can use vim, emacs, joe, jed, or whatever texteditor). At the bottom of the file, add this:</P><PRE>joe::500:500:Joe:/home/joe:/bin/bash</PRE><P>The first field is joe's username, "joe". The second field,between the two semicolons ("::"), is where the password shouldbe, but it's not set. When you set it, that field will become garbled withthe encrypted password. The two fields with "500" are the userID and group ID. Since joe is the first user you're adding, he starts outwith the 500 ID. The next user you add should have a user and group ID of501, and it keeps going up to about 65,000. The field with "Joe"in it is what the real name of user "joe" will appear as. "/home/joe" is user joe's home directory, which is where hekeeps all his files and stuff. Finally, "/bin/bash" is theshell he uses to type in commands. With "/bin/bash" set as hisshell, joe can log in and type in commands. If you don't want to let joelog in and type in commands, use "/dev/null" instead of"/bin/bash". <H4><A NAME="4">Edit /etc/group</A></H4><P>Now type <TT>pico /etc/group</TT> and insert the line:</P><PRE>joe::500:joe</PRE><P>The first "joe" is the group name. Make sure you have twosemicolons. Then put in the group ID of joe, which, if you can remember,is 500. Since joe is the only member of the group joe, then you type joeagain. Simple enough, right?</P><H4><A NAME="5">Create Mail File</A></H4><P>Usually the mail for users is stored in <TT>/var/spool/mail/</TT>. Asroot, type <TT>pico /var/spool/mail/joe</TT> and without typing anythingat all, exit and save the changes.</P><P>Make joe the owner of that file by typing <B>chown joe.mail/var/spool/mail/joe</B>. We don't want anyone to read joe's mail so type<B>chmod 660 /var/spool/mail/joe</B>.</P><H4><A NAME="6">Create Home Directory</A></H4><P>Do <B>mkdir /home/joe</B> as root. After that's done, type <B>chownjoe.joe /home/joe ; chmod 2775 /home/joe</B>. Now you can set thepassword.</P><H3><A NAME="7">Setting the Password</A></H3><P>Now, you shouldn't forget to set a password or else the user won't beable to log in (or maybe anybody can log in as that user). To set apassword, type:</P><PRE># passwd <username></PRE><P>It will prompt you to type in a password twice. If it gives any errors,make sure the password isn't a common word, has 6-8 characters, or has toomany of one character. This may seem limiting and insecure at first, butit actually enhances the security of each user. If you are using Red Hat4.0, you might have to remove a userlock by typing <B>rm/etc/.pwd.lock</B>. This is a bug in Red Hat 4.0 that is not in Red Hat4.1 or 4.2. Do <B>not</B> remove /etc/passwd or else you're really introuble; no users will be able to log in, not even the root user, so youmight end up reinstalling!</P><H3><A NAME="8">Change Finger Information</A></H3><P>After you add users and set their passwords, you might want to do a<TT>chfn [user]</TT> as root to change information like the user's realname (if you choose to supply it and make it available). The <TT>chfn</TT>program is to <B>ch</B>ange the <B>f</B>i<B>n</B>ger information for auser, so that anybody using "finger" protocol sees whatinformation about a user is available, such as their real name, the timeof their last login, and other stuff.</P><H3><A NAME="9">Groups</A></H3><P>You can create groups of users that are identifiable through one name. For example, I have a group called "josh" in my system, andmembers of those groups are the users <TT>jgo</TT>, <TT>joshuago</TT>, and<TT>jgo.local.net</TT>.</P><P>So how can these be useful? Well, you can change a file to be owned bya group of users instead of just one user, so that they all can write tothe file.<H4><A NAME="10">Edit /etc/group</A></H4><P>If you've got pico installed as your text editor, use that for now, oruse whatever other text editor you prefer (vi, vim, emacs, joe, jed, thelist goes on). Anyway, start out by editing <TT>/etc/group</TT>, a filethat contains a list of the groups.</P><P>Take the example from the line starting with "users". On mysystem it looks like this:</P><PRE>users::100:joshuago,jgo,jgo.local.net,juliusgo,todd</PRE><P>That's what I did to start out, taking the existing example. Then Iadded my group, "josh", so it would include only my accounts andnot the other people's accounts.</P><P>So, I took that format and added my own user group:</P><PRE>josh::101:joshuago,jgo,jgo.local.net</PRE><P>Exit your text editor and say yes to saving the changes. That puts my<TT>joshuago</TT>, <TT>jgo</TT>, and <TT>jgo.local.net</TT> accounts allinto one group. When I'm still logged in as any of those users though, Ican't know that I'm a member of that newly created group unless I log outand log in again. Then I can type <B>groups</B> and it will show all thegroups that I'm a member of.</P><H4><A NAME="11">Changing File Ownership</A></H4><P>To change ownership of a file or directory so that members of my groupcan read, write, and/or execute that file, I have to log in and type:</P><PRE>chgrp josh [file_or_directory]</PRE><P>That will show up when you do an <TT><B>ls -l</B></TT>, that its owneris whoever created it, and that the group that owns it is"josh".</P><H4><A NAME="12">Changing Permissions (Access to the File)</A></H4><P>If you want to let others in your group read from a file that you own,type <TT>chmod g+r file</TT>. To let other members of your group write toa file that belongs to you, do a <TT>chmod g+w file</TT>. To let a memberof your group execute the file, type <TT>chmod g+x file</TT>. In caseyou're confused, "file" simply represents the name of the fileyou're trying to change permissions for. The parts after the"g+" part of the command line can be combined so that you letyour users access a file through reading, writing, and executing. Forexample, to give members of your group just that (reading, writing, andexecuting permission), type <TT>chmod g+rwx file</TT>.</P><P>In place of the "+" after the "g" in the<TT>chmod</TT> command line, you can add a minus sign ("-") totake away those access rights. :)</P><P>This will let only the group that owns the file access it. Only theowner (a single user, not an entire group of users) can change thepermissions.</P><H4><A NAME="13">Other Stuff on Permissions</A></H4><P>In place of "g" in the chmod command line (which changesaccess rights for the group) you can use "u" (for <B>u</B>ser,the one who owns the file), and "o" (for <B>o</B> others, whodon't belong to the group.</P><HR><P>Comments, questions, suggestions, corrections? Send them to <AHREF="mailto:jgo@local.net">Joshua Go</A>. You can also use the <AHREF="guestbook.html">guestbook</A> or <A HREF="help.html">helpform</A>.</P><HR><P><B><FONT SIZE="-1">Copyright © 1997-1998 <AHREF="mailto:jgo@local.net">Joshua Go (jgo@local.net)</A>. Allrights reserved. Permission to use, distribute, and copy this document ishereby granted. You may modify this document as long as credit to me isgiven.</FONT></B></P></BODY></HTML>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -