Centos5下的用户管理及开通sudo权限

用户管理

# 列出所有用户
getent passwd
cat /etc/passwd

# 查看在线用户
who
# 查看用户信息
id [用户名]
#查看用户登录历史记录
last
last [用户名]

# 增加用户
useradd username -m -s /sbin/nologin -d /home/username -g groupname
-s /sbin/nologin 设置不能登陆 -s /bin/false(老方法) 也行
-d 设置用户主目录
-g 用户组
-m 创建用户目录

Options:
  -b, --base-dir BASE_DIR       base directory for the home directory of the
                                new account
  -c, --comment COMMENT         GECOS field of the new account
  -d, --home-dir HOME_DIR       home directory of the new account
  -D, --defaults                print or change default useradd configuration
  -e, --expiredate EXPIRE_DATE  expiration date of the new account
  -f, --inactive INACTIVE       password inactivity period of the new account
  -g, --gid GROUP               name or ID of the primary group of the new
                                account
  -G, --groups GROUPS           list of supplementary groups of the new
                                account
  -h, --help                    display this help message and exit
  -k, --skel SKEL_DIR           use this alternative skeleton directory
  -K, --key KEY=VALUE           override /etc/login.defs defaults
  -l, --no-log-init             do not add the user to the lastlog and
                                faillog databases
  -m, --create-home             create the user's home directory
  -M, --no-create-home          do not create the user's home directory
  -N, --no-user-group           do not create a group with the same name as
                                the user
  -o, --non-unique              allow to create users with duplicate
                                (non-unique) UID
  -p, --password PASSWORD       encrypted password of the new account
  -r, --system                  create a system account
  -s, --shell SHELL             login shell of the new account
  -u, --uid UID                 user ID of the new account
  -U, --user-group              create a group with the same name as the user
  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping

# 修改密码
passwd [username]

# 删除用户
userdel -r [username]

更改用户权限

# 打开登录权限
usermod -s /bin/bash username
# 禁用用户登录权限
usermod -s /sbin/nologin username
# 锁定用户账号
passwd username –l
# 重新释放
passwd username –u

# 增加sudo权限
visudo -f /etc/sudoers
# 增加 yourusername ALL=(ALL) ALL
# 修改普通用户的.bash_profile文件，在PATH变量中增加 /sbin:/usr/sbin:/usr/local/sbin:/usr/kerberos/sbin

用户组管理

# 列出所有用户组
getent group
cat /etc/group
# 增加用户组
groupadd groupname
# 修改用户的主组
usermod -g [main-groupname] [username]
# 修改用户的附加组, 注意, 这样会覆盖已经设置的其他附加组, 如果不想覆盖, 需要在-G前加上-a
usermod -G [addon-groupname] [username]
# 把 user1 加入 aaa组, -a, --add USER, add USER to GROUP
gpasswd –a user1 aaa
# 还可以使用adduser命令, Add an existing user to an existing group
adduser USER GROUP
# 把 user1 移出 aaa组, -d, --delete USER, remove USER from GROUP
gpasswd –d user1 aaa