From 5e3f99e481760a3087feb930074e0b2ac65c9227 Mon Sep 17 00:00:00 2001 From: MjSeven Date: Sun, 16 Dec 2018 20:46:12 +0800 Subject: [PATCH] =?UTF-8?q?=E7=BF=BB=E8=AF=91=E5=AE=8C=E6=88=9020180710=20?= =?UTF-8?q?Users,=20Groups,=20and=20Other=20Linux=20Beasts.md?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...0 Users, Groups, and Other Linux Beasts.md | 155 ------------------ ...0 Users, Groups, and Other Linux Beasts.md | 139 ++++++++++++++++ 2 files changed, 139 insertions(+), 155 deletions(-) delete mode 100644 sources/tech/20180710 Users, Groups, and Other Linux Beasts.md create mode 100644 translated/tech/20180710 Users, Groups, and Other Linux Beasts.md diff --git a/sources/tech/20180710 Users, Groups, and Other Linux Beasts.md b/sources/tech/20180710 Users, Groups, and Other Linux Beasts.md deleted file mode 100644 index ad5be702d8bf..000000000000 --- a/sources/tech/20180710 Users, Groups, and Other Linux Beasts.md +++ /dev/null @@ -1,155 +0,0 @@ -Translating by MjSeven - -Users, Groups, and Other Linux Beasts -====== - -![](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/flamingo-2458782_1920.jpg?itok=_gkzGGx5) - -Having reached this stage, [after seeing how to manipulate folders/directories][1], but before flinging ourselves headlong into fiddling with files, we have to brush up on the matter of _permissions_ , _users_ and _groups_. Luckily, [there is already an excellent and comprehensive tutorial on this site that covers permissions][2], so you should go and read that right now. In a nutshell: you use permissions to establish who can do stuff to files and directories and what they can do with each file and directory -- read from it, write to it, move it, erase it, etc. - -To try everything this tutorial covers, you'll need to create a new user on your system. Let's be practical and make a user for anybody who needs to borrow your computer, that is, what we call a _guest account_. - -**WARNING:** _Creating and especially deleting users, along with home directories, can seriously damage your system if, for example, you remove your own user and files by mistake. You may want to practice on another machine which is not your main work machine or on a virtual machine. Regardless of whether you want to play it safe, or not, it is always a good idea to back up your stuff frequently, check the backups have worked correctly, and save yourself a lot of gnashing of teeth later on._ - -### A New User - -You can create a new user with the `useradd` command. Run `useradd` with superuser/root privileges, that is using `sudo` or `su`, depending on your system, you can do: -``` -sudo useradd -m guest - -``` - -... and input your password. Or do: -``` -su -c "useradd -m guest" - -``` - -... and input the password of root/the superuser. - -( _For the sake of brevity, we'll assume from now on that you get superuser/root privileges by using`sudo`_ ). - -By including the `-m` argument, `useradd` will create a home directory for the new user. You can see its contents by listing _/home/guest_. - -Next you can set up a password for the new user with -``` -sudo passwd guest - -``` - -Or you could also use `adduser`, which is interactive and asks you a bunch of questions, including what shell you want to assign the user (yes, there are more than one), where you want their home directory to be, what groups you want them to belong to (more about that in a second) and so on. At the end of running `adduser`, you get to set the password. Note that `adduser` is not installed by default on many distributions, while `useradd` is. - -Incidentally, you can get rid of a user with `userdel`: -``` -sudo userdel -r guest - -``` - -With the `-r` option, `userdel` not only removes the _guest_ user, but also deletes their home directory and removes their entry in the mailing spool, if they had one. - -### Skeletons at Home - -Talking of users' home directories, depending on what distro you're on, you may have noticed that when you use the `-m` option, `useradd` populates a user's directory with subdirectories for music, documents, and whatnot as well as an assortment of hidden files. To see everything in you guest's home directory run `sudo ls -la /home/guest`. - -What goes into a new user's directory is determined by a skeleton directory which is usually _/etc/skel_. Sometimes it may be a different directory, though. To check which directory is being used, run: -``` -useradd -D -GROUP=100 -HOME=/home -INACTIVE=-1 -EXPIRE= -SHELL=/bin/bash -SKEL=/etc/skel -CREATE_MAIL_SPOOL=no - -``` - -This gives you some extra interesting information, but what you're interested in right now is the `SKEL=/etc/skel` line. In this case, and as is customary, it is pointing to _/etc/skel/_. - -As everything is customizable in Linux, you can, of course, change what gets put into a newly created user directory. Try this: Create a new directory in _/etc/skel/_ : -``` -sudo mkdir /etc/skel/Documents - -``` - -And create a file containing a welcome text and copy it over: -``` -sudo cp welcome.txt /etc/skel/Documents - -``` - -Now delete the guest account: -``` -sudo userdel -r guest - -``` - -And create it again: -``` -sudo useradd -m guest - -``` - -Hey presto! Your _Documents/_ directory and _welcome.txt_ file magically appear in the guest's home directory. - -You can also modify other things when you create a user by editing _/etc/default/useradd_. Mine looks like this: -``` -GROUP=users -HOME=/home -INACTIVE=-1 -EXPIRE= -SHELL=/bin/bash -SKEL=/etc/skel -CREATE_MAIL_SPOOL=no - -``` - -Most of these options are self-explanatory, but let's take a closer look at the `GROUP` option. - -### Herd Mentality - -Instead of assigning permissions and privileges to users one by one, Linux and other Unix-like operating systems rely on _groups_. A group is a what you imagine it to be: a bunch of users that are related in some way. On your system you may have a group of users that are allowed to use the printer. They would belong to the _lp_ (for " _line printer_ ") group. The members of the _wheel_ group were traditionally the only ones who could become superuser/root by using _su_. The _network_ group of users can bring up and power down the network. And so on and so forth. - -Different distributions have different groups and groups with the same or similar names have different privileges also depending on the distribution you are using. So don't be surprised if what you read in the prior paragraph doesn't match what is going on in your system. - -Either way, to see which groups are on your system you can use: -``` -getent group - -``` - -The `getent` command lists the contents of some of the system's databases. - -To find out which groups your current user belongs to, try: -``` -groups - -``` - -When you create a new user with `useradd`, unless you specify otherwise, the user will only belong to one group: their own. A _guest_ user will belong to a _guest_ group and the group gives the user the power to administer their own stuff and that is about it. - -You can create new groups and then add users to them at will with the `groupadd` command: -``` -sudo groupadd photos - -``` - -will create the _photos_ group, for example. Next time, we’ll use this to build a shared directory all members of the group can read from and write to, and we'll learn even more about permissions and privileges. Stay tuned! - -Learn more about Linux through the free ["Introduction to Linux" ][3]course from The Linux Foundation and edX. - --------------------------------------------------------------------------------- - -via: https://www.linux.com/learn/intro-to-linux/2018/7/users-groups-and-other-linux-beasts - -作者:[Paul Brown][a] -选题:[lujun9972](https://github.com/lujun9972) -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.linux.com/users/bro66 -[1]:https://www.linux.com/blog/learn/2018/5/manipulating-directories-linux -[2]:https://www.linux.com/learn/understanding-linux-file-permissions -[3]:https://training.linuxfoundation.org/linux-courses/system-administration-training/introduction-to-linux diff --git a/translated/tech/20180710 Users, Groups, and Other Linux Beasts.md b/translated/tech/20180710 Users, Groups, and Other Linux Beasts.md new file mode 100644 index 000000000000..477d317d9f06 --- /dev/null +++ b/translated/tech/20180710 Users, Groups, and Other Linux Beasts.md @@ -0,0 +1,139 @@ +用户,组和其他 Linux 用户 +====== + +![](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/flamingo-2458782_1920.jpg?itok=_gkzGGx5) + +到这个阶段,[在看到如何操作目录或文件夹之后][1],但在让自己一头扎进文件之前,我们必须重新审视 _权限_, _users_ 和 _group_。幸运的是,[有一个网站上已经有了一个优秀而全面的教程,包括了权限][2],所以你应该去立刻阅读它。简而言之,你使用权限来确定谁可以对文件和目录执行操作,以及他们可以对每个文件和目录执行什么操作 -- 从中读取,写入,擦除等等。 + +要尝试本教程涵盖的所有内容,你需要在系统上创建新用户。让我们实践起来,为每一个需要借用你电脑的人创建一个用户,我们称之为 _guest 账户_。 + +**警告:** _例如,如果你错误地删除了自己的用户和目录,那么创建,特别是删除用户以及主目录会严重损坏系统。你可能不想在你日常的工作机中练习,那么请在另一台机器或者虚拟机上练习。无论你是否想要安全地练习,经常备份你的东西总是一个好主意。检查备份是否正常工作,为你自己以后避免很多咬牙切齿的事情。_ + +### 一个新用户 + +你可以使用 `useradd` 命令来创建一个新用户。使用超级用户或 root 权限运行 `useradd`,即使用 `sudo` 或 `su`,这具体取决于你的系统,你可以: +``` +sudo useradd -m guest +``` + +然后输入你的密码。或者也可以这样: +``` +su -c "useradd -m guest" +``` + +然后输入 root 或超级用户的密码。 + +(_为了简洁起见,我们将从现在开始假设你使用 `sudo` 获得超级用户或 root 权限。_) + +通过使用 `-m` 参数,`useradd` 将为新用户创建一个主目录。你可以通过列出 _/home/guest_ 来查看其内容。 + +然后你可以使用以下命令来为新用户设置密码: +``` +sudo passwd guest +``` + +或者你也可以使用 `adduser`,这是一个交互式的命令,它会询问你一些问题,包括你要为用户分配的 shell(是的,不止一个),你希望其主目录在哪里,你希望他们属于哪些组(有关这点稍后会讲到)等等。在运行 `adduser` 结束时,你可以设置密码。注意,默认情况下,在许多发行版中都没有安装 `adduser`,但安装了 `useradd`。 + +顺便说一下,你可以使用 `userdel` 来移除一个用户: +``` +sudo userdel -r guest +``` + +使用 `-r` 选项,`userdel` 不仅删除了 _guest_ 用户,还删除了他们的主目录和邮件中的条目(如果有的话)。 + +### home 中的内容 + +谈到用户的主目录,它依赖于你所使用的发行版。你可能已经注意到,当你使用 `-m` 选项时,`useradd` 使用子目录填充用户的目录,包括音乐,文档和诸如此类的内容以及各种各样的隐藏文件。要查看 guest 主目录中的所有内容,运行 `sudo ls -la /home/guest`。 + +进入新用户目录的内容通常是由 _/etc/skel_ 架构目录确定的。有时它可能是一个不同的目录。要检查正在使用的目录,运行: +``` +useradd -D +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL=/bin/bash +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no +``` + +这给你一些额外的有趣信息,但你现在感兴趣的是 `SKEL=/etc/skel` 这一行,在这种情况下,按照惯例,它指向 _/etc/skel/_。 + +由于 Linux 中的所有东西都是可定制的,因此你可以更改那些放入新创建的用户目录的内容。试试这样做:在 _/etc/skel/_ 中创建一个新目录: +``` +sudo mkdir /etc/skel/Documents +``` + +然后创建一个包含欢迎消息的文件,并将其复制过来: +``` +sudo cp welcome.txt /etc/skel/Documents +``` + +现在删除 guest 账户: +``` +sudo userdel -r guest +``` + +再次创建: +``` +sudo useradd -m guest +``` + +嘿 presto!(to 校正:这个 presto 是什么?)你的 _Documents/_ 目录和 _welcome.txt_ 文件神奇地出现在了 guest 的主目录中。 + +你还可以在创建用户时通过编辑 _/etc/default/useradd_ 来修改其他内容。我的看起来像这样: +``` +GROUP=users +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL=/bin/bash +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no +``` + +这些选项大多数都是不言自明的,但让我们仔细看看 `GROUP` 选项。 + +### 群组心态 + +Linux 和其他类 Unix 操作系统依赖于 _groups_,而不是逐个为用户分配权限和特权。一个组就是你想象的那样:一群在某种程度上相关的用户。在你的系统上可能有一组允许使用打印机的用户,他们属于 _lp_(即 "_line printer_")组。传统上 _wheel_ 组的成员是唯一可以通过使用 _su_ 成为超级用户或 root 的成员。_network_ 用户组可以启动或关闭网络。还有许多诸如此类的。 + +不同的发行版有不同的组,具有相同或相似名称的组具有不同的权限,这也取决于你使用的发行版。因此,如果你在前一段中读到的内容与你系统中的内容不匹配,不要感到惊讶。 + +不管怎样g,要查看系统中有哪些组,你可以使用: +``` +getent group +``` + +`getent` 命令列出了某些系统数据库的内容。 + +要查找当前用户所属的组,尝试: +``` +groups +``` + +当你使用 `useradd` 创建新用户时,除非你另行指定,否则用户讲只属于一个组:他们自己。一个 _guest_ 用户属于 _guest_ 组。组使用户有权管理自己的东西,仅此而已。 + +你可以使用 `groupadd` 命令创建新组,然后添加用户: +``` +sudo groupadd photos +``` + +例如,这将创建 _photos_ 组。下一次,我们将使用它来构建一个共享目录,该组的所有成员都可以读取和写入,我们将更多地了解权限和特权。敬请关注! + + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/learn/intro-to-linux/2018/7/users-groups-and-other-linux-beasts + +作者:[Paul Brown][a] +选题:[lujun9972](https://github.com/lujun9972) +译者:[MjSeven](https://github.com/MjSeven) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/bro66 +[1]:https://www.linux.com/blog/learn/2018/5/manipulating-directories-linux +[2]:https://www.linux.com/learn/understanding-linux-file-permissions +[3]:https://training.linuxfoundation.org/linux-courses/system-administration-training/introduction-to-linux