Linux 下用户组别权限的理解技术
本篇讲述 Linux 用户组别权限的理解,希望给大家带来帮助。
先看操作历史记录。
Last login: Thu Aug 3 03:31:18 2017 from 202.101.22.42
root@may:~# groups root
root : root
root@may:~# groups sudo
groups: sudo: no such user
root@may:~# groups www-data
www-data : www-data
root@may:~# usermod -G www-data root
You have new mail in /var/mail/root
root@may:~# groups www-data
www-data : www-data
root@may:~# exit
logout
Connection to lmlphp.com closed.
Last login: Thu Aug 3 04:29:46 2017 from 202.101.22.42
root@may:~# groups www-data
www-data : www-data
root@may:~# groups root
root : root www-data
root@may:~# usermod --help
Usage: usermod [options] LOGIN
Options:
-c, --comment COMMENT new value of the GECOS field
-d, --home HOME_DIR new home directory for the user account
-e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
-f, --inactive INACTIVE set password inactive after expiration
to INACTIVE
-g, --gid GROUP force use GROUP as new primary group
-G, --groups GROUPS new list of supplementary GROUPS
-a, --append append the user to the supplemental GROUPS
mentioned by the -G option without removing
him/her from other groups
-h, --help display this help message and exit
-l, --login NEW_LOGIN new value of the login name
-L, --lock lock the user account
-m, --move-home move contents of the home directory to the
new location (use only with -d)
-o, --non-unique allow using duplicate (non-unique) UID
-p, --password PASSWORD use encrypted password for the new password
-R, --root CHROOT_DIR directory to chroot into
-s, --shell SHELL new login shell for the user account
-u, --uid UID new UID for the user account
-U, --unlock unlock the user account
-v, --add-subuids FIRST-LAST add range of subordinate uids
-V, --del-subuids FIRST-LAST remvoe range of subordinate uids
-w, --add-subgids FIRST-LAST add range of subordinate gids
-W, --del-subgids FIRST-LAST remvoe range of subordinate gids
-Z, --selinux-user SEUSER new SELinux user mapping for the user account
root@may:~# group
groupadd groupdel groupmod groups
root@may:~# groupdel --help
Usage: groupdel [options] GROUP
Options:
-h, --help display this help message and exit
-R, --root CHROOT_DIR directory to chroot into
You have new mail in /var/mail/root
root@may:~# man groupdel
-bash: man: command not found
root@may:~# vim /etc/passwd
You have new mail in /var/mail/root
root@may:~# groups
root www-data
root@may:~# vim /etc/group
root@may:~# usermod -G lin root
root@may:~# groups
root www-data
root@may:~# groups root
root : root lin
root@may:~# groups www-data
www-data : www-data
root@may:~# groups lin
lin : lin sudo
root@may:~# groups
root www-data
root@may:~# groups root
root : root lin
root@may:~# exit
logout
Connection to lmlphp.com closed.
Welcome to Ubuntu 14.04 LTS (GNU/Linux 2.6.32-042stab108.8 x86_64)
* Documentation: https://help.ubuntu.com/
You have new mail.
Last login: Thu Aug 3 04:31:07 2017 from 202.101.22.42
root@may:~# groups
root lin
root@may:~# groups root
root : root lin
root@may:~# usermod -G www-data root
root@may:~# groups
root lin
root@may:~# groups root
root : root www-data
root@may:~#
以上操作历史可见:groups 后接用户名,显示用户所在的组别,可能还未生效。直接执行 groups 返回当前用户的组别,当前的权限范围内的组别,也许一退出就发生变化。
关于 usermod 的用法,参考 shell 教程 使用groupadd命令创建新用户组 和 使用usermod修改用户信息。
暂无