Linux学习

一、usermod命令
二、用户密码管理
三、mkpasswd命令 

一、usermod命令

1、更改用户属性的命令，和useradd相似；usermod -u 111 AAA；usermod -g gid username；usermod -d /home/adc/ username；usermod -s /sbin/nologin username；usermod -G 扩展组。

[root@01 ~]# id
uid=0(root) gid=0(root) groups=0(root)
[root@01 ~]# 
[root@01 ~]# usermod -u 111 AAA
[root@01 ~]# !t
tail -n5 /etc/passwd
linux-05:x:1008:1005::/home/admin:/sbin/nologin
linux-06:x:1009:1005::/home/user1:/sbin/nologin
linux-07:x:1010:1005::/home/user1:/sbin/nologin
user2:x:1011:1011::/home/user2:/bin/bash
AAA:x:111:1012::/home/AAA:/bin/bash

[root@01 ~]# usermod -g root AAA
[root@01 ~]# !t
tail -n5 /etc/passwd
linux-05:x:1008:1005::/home/admin:/sbin/nologin
linux-06:x:1009:1005::/home/user1:/sbin/nologin
linux-07:x:1010:1005::/home/user1:/sbin/nologin
user2:x:1011:1011::/home/user2:/bin/bash
AAA:x:111:0::/home/AAA:/bin/bash

[root@01 ~]# !t
tail -n5 /etc/passwd
linux-05:x:1008:1005::/home/admin:/sbin/nologin
linux-06:x:1009:1005::/home/user1:/sbin/nologin
linux-07:x:1010:1005::/home/user1:/sbin/nologin
user2:x:1011:1011::/home/user2:/bin/bash
AAA:x:111:0::/home/admin/:/bin/bash

[root@01 ~]# !t
tail -n5 /etc/passwd
linux-05:x:1008:1005::/home/admin:/sbin/nologin
linux-06:x:1009:1005::/home/user1:/sbin/nologin
linux-07:x:1010:1005::/home/user1:/sbin/nologin
user2:x:1011:1011::/home/user2:/bin/bash
AAA:x:111:0::/home/admin/:/sbin/nologin

[root@01 ~]# usermod -G root admin
[root@01 ~]# su admin
[admin@01 root]$ id
uid=1001(admin) gid=1001(admin) groups=1001(admin),0(root)

一个用户可以属于多个组，但gid只有一个，其他的都叫做扩展组！

二、用户密码管理

1、passwd更改用户密码的命令；普通用户要更改passwd需要拥有set_uid权限；root用户直接执行passwd就可以更改root密码；root下更改普通用户的密码：passwd admin

[root@01 ~]# passwd                       //root用户直接执行passwd就可以更改root密码
Changing password for user root.
New password: 
BAD PASSWORD: The password fails the dictionary check - it is based on a dictionary word
Retype new password: 
passwd: all authentication tokens updated successfully.

[root@01 ~]# chmod u+s passwd            //普通用户要更改passwd需要拥有set_uid权限
[root@01 ~]# su admin
[admin@01 root]$ whoami
admin
[admin@01 root]$ passwd
Changing password for user admin.
Changing password for admin.
(current) UNIX password: 
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.
[admin@01 root]$ 

[root@01 ~]# passwd admin                //root下更改普通用户的密码：passwd admin
Changing password for user admin.
New password: 
BAD PASSWORD: The password is shorter than 8 characters
Retype new password: 
passwd: all authentication tokens updated successfully.
[root@01 ~]# 

2、etc/shadow下每行的密码处为！表不能登陆，或者*表示密码有问题被锁定。

[root@01 ~]# tail -n8 /etc/shadow
admin:$6$bH4qM9rE$OIcZaMJA0Z1x71rT3ItoOJmhv5PTyTXELLq2dXPpvTvAPPdGclnDvEiINtQCZc5Dbyyz6xsDH52RRDIXo3yf6.:17794:0:99999:7:::
linux-    01:$6$lYDGeaBY$xHO2Q3SW9.0N3ntR5I.YQr2ho852BSgdMDR1ERqGshmO.HFHfYJGwgzVQVD2W/dpEND/77Vu2D2WJi1FI/MPv1:17793:0:99999:7:::
linux-02:!!:17793:0:99999:7:::
linux-05:!!:17793:0:99999:7:::
linux-06:!!:17793:0:99999:7:::
linux-07:!!:17793:0:99999:7:::
user2:!!:17793:0:99999:7:::
AAA:!!:17793:0:99999:7:::
mail:*:17110:0:99999:7:::
operator:*:17110:0:99999:7:::
games:*:17110:0:99999:7:::
ftp:*:17110:0:99999:7:::
nobody:*:17110:0:99999:7:::
systemd-network:!!:17785::::::
[root@01 ~]# 

3、passwd -l admin表示锁定admin这个用户。解除锁定：passwd -u admin或者usermod -L admin、usermod -U admin。

[root@01 ~]# passwd -l admin
Locking password for user admin.
passwd: Success
[root@01 ~]# tail -n10 /etc/shadow
chrony:!!:17785::::::
user1:!!:17790:0:99999:7:::
admin:!!$6$bH4qM9rE$OIcZaMJA0Z1x71rT3ItoOJmhv5PTyTXELLq2dXPpvTvAPPdGclnDvEiINtQCZc5Dbyyz6xsDH52RRDIXo3yf6.:17794:0:99999:7:::
linux-01:$6$lYDGeaBY$xHO2Q3SW9.0N3ntR5I.YQr2ho852BSgdMDR1ERqGshmO.HFHfYJGwgzVQVD2W/dpE    ND/77Vu2D2WJi1FI/MPv1:17793:0:99999:7:::
linux-02:!!:17793:0:99999:7:::
linux-05:!!:17793:0:99999:7:::
linux-06:!!:17793:0:99999:7:::
linux-07:!!:17793:0:99999:7:::
user2:!!:17793:0:99999:7:::
AAA:!!:17793:0:99999:7:::

[root@01 ~]# passwd -u admin
Unlocking password for user admin.
passwd: Success
[root@01 ~]# 

[root@01 ~]# usermod -L admin
[root@01 ~]# passwd -l admin
Locking password for user admin.
passwd: Success
[root@01 ~]# usermod -U admin
[root@01 ~]# 

4、passwd --stdin admin；echo “admin123”|passwd --stdin admin；echo -e "Admin@123\nAdmin@123" |passwd admin。

[root@01 ~]# passwd --stdin admin
Changing password for user admin.
admin
passwd: all authentication tokens updated successfully.
[root@01 ~]# 

[root@01 ~]# echo "admin123"|passwd  --stdin admin
Changing password for user admin.
passwd: all authentication tokens updated successfully.
[root@01 ~]# echo -e "Admin@123\nAdmin@123" |passwd admin
Changing password for user admin.
New password: BAD PASSWORD: The password contains the user name in some form
Retype new password: passwd: all authentication tokens updated successfully.
[root@01 ~]# 

三、mkpasswd命令

1、yum install -y *mkpasswd或者yum install -y expect

image.png

2、mkpasswd；mkpasswd -l 指定长度 -s 指定特殊符合数量；

[root@01 ~]# mkpasswd 
uv8CO7py/
[root@01 ~]# mkpasswd -l 10 -s 3
m3yIA|3!-b
[root@01 ~]# 

mkpasswd用于脚本命令时非常方便！