type | description |
---|---|
root user | can log into the system; uid of 0; created by default |
system or service user | cannot log into the system; uid of -1000 (or -500) |
standard user | can log into the system; uid of +1000 (or +500) |
type | description |
---|---|
system or service group | gid of -1000 (or -500) |
standard group | gid of +1000 (or +500) |
command | description |
---|---|
useradd |
add user |
usermod |
modify user |
userdel |
delete user |
passwd |
set user password |
groupadd |
add group |
groupmod |
modify group |
groupdel |
delete group |
gpasswd |
set group password |
finger <user> |
display user info |
id <user> |
display user id |
groups <user> |
display user groups |
pwck |
verify integrity of /etc/passwd and /etc/shadow |
pwconv |
migrate /etc/passwd passwords to /etc/shadow can also fix /etc/shadow errors |
pwunconv |
undoes migration; removes /etc/shadow |
grpck |
verify integrity of /etc/group and /etc/gshadow |
grpconv |
migrate /etc/group passwords to /etc/gshadow can also fix /etc/gshadow errors |
grpunconv |
undoes migration; removes /etc/gshadow |
directory/file | purpose |
---|---|
/etc/passwd |
stores user accounts |
/etc/shadow |
stores user passwords |
/etc/group |
stores group accounts |
/etc/gshadow |
stores group passwords |
/etc/default/useradd |
defines default values for useradd |
/etc/login.defs |
defines id configuration, /etc/shadow configuration |
/etc/skel/ |
defines template for new user home directories |
(hate the inconsistency? me too.
click here
to sign a petition to rename /etc/passwd
to /etc/user
and /etc/shadow
to
/etc/ushadow
, and have the old files be symlinks of the renamed files to
maintain compatibility.)
symbol | indicates that |
---|---|
! or !! |
the account is locked |
$ |
the entry is an encrypted password |
* |
the account is a system user account |
x |
the password is stored in /etc/shadow |