addgroup (创建一个新组)

rose1 发表于 2020-08-04 11:57
浏览次数:
在手机上阅读

在类似Unix的操作系统上,adduser命令创建一个新用户,而addgroup命令创建一个新组。 adduser命令还可以用于将现有用户添加到现有组。

查看英文版

目录

1 addgroup 运行系统环境

2 31/5000 如何使用adduser和addgroup

3 addgroup 语法

4 addgroup 例子

addgroup 运行系统环境

Linux

31/5000 如何使用adduser和addgroup

adduseraddgroup根据/etc/adduser.conf中的命令行选项和配置信息,将用户和组添加到系统。通过选择符合策略的UID和GID值,创建具有骨架配置的主目录,运行自定义脚本以及其他功能,它们是诸如useradd,groupadd和usermod程序等低级工具的更友好的前端。

使用adduser的主要方法有五种,并且addgroup可以在以下五种模式之一中运行:

添加普通用户

如果使用一个非选项参数且没有--system--group选项调用,则adduser将添加一个普通用户。

adduser将从配置文件中为普通用户指定的范围中选择第一个可用的UID。UID可以用--uid选项覆盖。

配置文件中指定的范围可以用--firstuid--lastuid选项覆盖。

默认情况下,为GNU / Linux系统中的每个用户分配一个具有相同名称的对应组。用户组允许组可写的目录,以通过将适当的用户在新的组,设置在所述一组基团的ID位可以容易地维持目录,并确保所有用户使用的umask的002。如果通过将USERGROUPS设置为no来关闭此选项,则所有用户的GID都将设置为USERS_GID。也可以使用--gid--ingroup选项从命令行覆盖用户的主要组,以分别通过id或name设置组。此外,可以通过将ADD_EXTRA_GROUPS设置为将用户添加到adduser.conf中定义的一个或多个组中。1在adduser.conf中,或在命令行中传递--add_extra_groups。

adduser将创建一个受DHOME,GROUPHOMES和LETTERHOMES约束的主目录。主目录可以从与命令行覆盖--home选项,并且外壳与--shell选项。如果USERGROUPS为yes,则设置主目录的set-group-ID 位,以便在用户的主目录中创建的任何文件都具有正确的组。

adduser会将文件从SKEL复制到主目录,并提示您输入手指(gecos)信息和密码。gecos也可以使用--gecos选项设置。使用--disabled-login选项,将创建该帐户,但是将禁用该帐户,直到设置密码为止。该--disabled密码选项将不设置密码,但登录仍然是可能的(例如使用SSH RSA密钥)。要为新用户设置加密的主目录,请添加--encrypt-home选项。

如果文件/usr/local/sbin/adduser.local存在,则将在设置用户帐户以执行任何本地设置后执行该文件。传递给adduser.local的参数是:“ username uid gid home-directory”。

根据以下规则设置环境变量VERBOSE:

  • 如果指定了--quiet
  • 如果未指定--quiet或--debug
  • 如果指定了--debug

(这同样适用于可变DEBUG,DEBUG被弃用,将在以后的版本中删除的adduser)。

添加系统用户

如果一个非选项参数和被叫--system选项,adduser的将添加一个系统用户。如果在系统uid范围内已经存在具有相同名称的用户(或者,如果指定了uid,则如果已经存在具有该uid的用户),则adduser将退出并显示警告。可以通过添加“ --quiet ” 来抑制此警告。

adduser将从配置文件中为系统用户指定的范围中选择第一个可用的UID(FIRST_SYSTEM_UID和LAST_SYSTEM_UID)如果要使用特定的UID,则可以使用--uid选项进行指定。

默认情况下,系统用户位于“ nogroup ”组中。要将新系统用户放置在现有组中,请使用--gid--ingroup选项。要将新系统用户放置在具有相同ID的新组中,请使用--group选项。

主目录是根据与普通用户相同的规则创建的。新的系统用户将具有shell / bin / false(除非用--shell选项覆盖),并且禁用了登录名。不会复制骨骼配置文件。

添加用户组

如果使用--group选项而不使用--system选项调用adduser,或者调用了addgroup,则会添加一个用户组。

将从配置文件中为系统GIDS指定的范围中选择一个GID(FIRST_GID,LAST_GID)。要覆盖该机制,可以使用--gid选项提供GID 。

该组没有用户创建。

添加系统组

如果使用--system选项调用addgroup,将添加一个系统组。

将从配置文件中为系统GIDS指定的范围中选择一个GID(FIRST_SYSTEM_GID,LAST_SYSTEM_GID)。要覆盖该机制,可以使用--gid选项提供GID 。

该组没有用户创建。

将现有用户添加到现有组

如果使用两个非选项参数运行adduser,则会将现有用户user添加到group group中(如果存在)。

adduser and addgroup add users and groups to the system according to command line options and configuration information in /etc/adduser.conf. They are friendlier front ends to the low-level tools like useradd, groupadd and usermod programs, by choosing policy-conformant UID and GID values, creating a home directory with skeletal configuration, running a custom script, and other features.

There are five major ways to use adduser and addgroup can be run in one of five modes:

Add a normal user

If called with one non-option argument and without the --system or --group options, adduser will add a normal user.

adduser will choose the first available UID from the range specified for normal users in the configuration file. The UID can b overridden with the --uid option.

The range specified in the configuration file may be overridden with the --firstuid and --lastuid options.

By default, each user in a GNU/Linux system is given a corresponding group with the same name. User groups allow group writable directories to be easily maintained by placing the appropriate users in the new group, setting the set-group-ID bit in the directory, and ensuring that all users use a umask of 002. If this option is turned off by setting USERGROUPS to no, all users' GIDs are set to USERS_GID. Users' primary groups can also be overridden from the command line with the --gid or --ingroup options to set the group by id or name, respectively. Also, users can be added to one or more groups defined in adduser.conf either by setting ADD_EXTRA_GROUPS to 1 in adduser.conf, or by passing --add_extra_groups on the command line.

adduser will create a home directory subject to DHOME, GROUPHOMES, and LETTERHOMES. The home directory can be overridden from the command line with the --home option, and the shell with the --shell option. The home directory's set-group-ID bit is set if USERGROUPS is yes so that any files created in the user's home directory will have the correct group.

adduser will copy files from SKEL into the home directory and prompt for finger (gecos) information and a password. The gecos may also be set with the --gecos option. With the --disabled-login option, the account will be created but will be disabled until a password is set. The --disabled-password option will not set a password, but login is still possible (for example with SSH RSA keys). To set up an encrypted home directory for the new user, add the --encrypt-home option.

If the file /usr/local/sbin/adduser.local exists, it will be executedafter the user account has been set up to do any local setup. The arguments passed to adduser.local are: "username uid gid home-directory".

The environment variable VERBOSE is set according to the following rules:

  • if --quiet is specified
  • if neither --quiet nor --debug is specified
  • if --debug is specified

(The same applies to the variable DEBUG, but DEBUG is deprecated and will be removed in a later version of adduser).

Add a system user

If called with one non-option argument and the --system option, adduser will add a system user. If a user with the same name already exists in the system uid range (or, if the uid is specified, if a user with that uid already exists), adduser will exit with a warning. This warning can be suppressed by adding "--quiet".

adduser will choose the first available UID from the range specified for system users in the configuration file (FIRST_SYSTEM_UID and LAST_SYSTEM_UID). If you want to have a specific UID, you can specify it using the --uid option.

By default, system users are placed in the "nogroup" group. To place the new system user in an already existing group, use the --gid or --ingroup options. To place the new system user in a new group with the same ID, use the --group option.

A home directory is created by the same rules as for normal users. The new system user will have the shell /bin/false (unless overridden with the --shell option), and have logins disabled. Skeletal configuration files are not copied.

Add a user group

If adduser is called with the --group option and without the --system option, or addgroup is called, a user group will be added.

A GID will be chosen from the range specified for system GIDS in the configuration file (FIRST_GIDLAST_GID). To override that mechanism you can give the GID using the --gid option.

The group is created with no users.

Add a system group

If addgroup is called with the --system option, a system group will be added.

A GID will be chosen from the range specified for system GIDS in the configuration file (FIRST_SYSTEM_GIDLAST_SYSTEM_GID). To override that mechanism you can give the GID using the --gid option.

The group is created with no users.

Add an existing user to an existing group

If you run adduser with two non-option arguments, it will add existing user user to group group, if it exists.

查看英文版

查看中文版

addgroup 语法

adduser [--system] [--home DIR] [--shell SHELL] [--no-create-home]
        [--uid ID] [--firstuid ID] [--lastuid ID]
        [--ingroup GROUP | --gid ID] [--disabled-password]
        [--disabled-login] [--gecos GECOS] [--add_extra_groups]
        [--encrypt-home] [--quiet] [--debug] [--force-badname]
        [--help|-h] [--version] [--conf FILE] user 
addgroup [--system] [--quiet] [--debug] [--force-badname] [--help|-h]
         [--version] [--conf FILE] [--gid ID] group 
adduser [options] user group 

选件

--conf 文件

使用FILE代替/etc/adduser.conf。

-禁用登录

不要运行passwd来设置密码。在设置密码之前,用户将无法使用她的帐户。

-禁用密码

--disabled-login一样,但是仍然可以登录(例如,使用SSH RSA密钥),但不能使用密码验证。

--force-badname

默认情况下,将根据配置文件中指定的可配置正则表达式 NAME_REGEX如果指定了--system,则为NAME_REGEX_SYSTEM)检查用户名和组名。此选项强制adduseraddgroup仅对名称的有效性进行弱检查。

--gecos GECOS

为生成的新条目设置gecos字段。如果指定了此选项,则adduser不会询问手指信息。

--gid ID

创建组时,此选项将新的组ID强制为给定的数字。创建用户时,此选项会将用户放入该组。

--group

--system结合使用时,将创建一个名称和ID与系统用户相同的组。如果未与--system结合使用,则会创建具有给定名称的组。如果将程序作为addgroup调用,则这是默认操作。

--help

显示帮助消息,然后退出。

--home DIR

使用DIR作为用户的主目录,而不是配置文件指定的默认目录。如果该目录不存在,则会创建该目录并复制框架文件。

--shell SHELL

使用SHELL作为用户的登录外壳,而不是配置文件指定的默认外壳。

--ingroup GROUP

将新用户添加到GROUP,而不是配置文件中的用户组或USERS_GID定义的默认组。这会影响用户的主要组。要添加其他组,请参见add_extra_groups选项。

--no-create-home

即使不存在主目录,也不要创建它。

--quiet

禁止显示信息性消息,仅显示警告和错误。

--debug

进行详细说明,如果要确定adduser的问题,这将非常有用。

--system

创建系统用户或组。

--uid ID

强制将新的用户ID设为给定的数字。如果已经使用了userid,则adduser将失败。

--firstuid ID

覆盖从中选择uid的范围内的第一个uid(覆盖配置文件中指定的FIRST_UID)。

--lastuid ID

覆盖从(LAST_UID)中选择uid的范围内的最后一个uid。

--add_extra_groups

将新用户添加到配置文件中定义的其他组。

--version

显示版本和版权信息。

组态

文件/etc/adduser.conf包含程序adduser,addgroup,deluserdelgroup的默认值。每行包含一个“ 选项 = 值 ” 形式的单个值对。值周围可以使用双引号或单引号,等号周围也可以使用空格。评论行的第一列中必须带有井号(“ # ”)。

有效的配置选项是:

DSHELL

用于所有新用户的登录外壳。默认为/ bin / bash。

DHOME

应该在其中创建新主目录的目录。默认为/ home。

GROUPHOMES

如果设置为是,则主目录将作为“创建的/ home / [ 组名 ] /用户 ”。默认为no。

LETTERHOMES

如果将其设置为yes,那么创建的主目录将插入一个额外的目录,该目录是登录名的首字母。例如:/ home / u / user。默认为no。

SKEL

应当从中复制骨骼用户配置文件的目录。默认为/ etc / skel。

FIRST_SYSTEM_UIDLAST_SYSTEM_UID

指定范围的UID,可以从中动态分配系统UID。默认为100 - 999。请注意,系统软件(例如由base-passwd软件包分配的用户)可能会假定未分配小于100的UID。

FIRST_UIDLAST_UID

指定一个范围的UID,从中可以动态分配普通用户的UID。默认为1000 - 29999。

FIRST_SYSTEM_GIDLAST_SYSTEM_GID

指定一个包含范围的GID,可以从中动态分配系统GID。默认为100 - 999。

FIRST_GIDLAST_GID

指定一个包含范围的GID,从中可以动态分配普通组的GID。默认为1000 - 29999。

USERGROUPS

如果将其设置为yes,那么将为每个创建的用户分配自己的组以供使用。如果为no,则每个创建的用户将被放置在GID为USERS_GID的组中(请参见下文)。默认值为yes

USERS_GID

如果USERGROUPS为no,则USERS_GID是分配给所有新创建用户的GID。默认值为100

DIR_MODE

如果设置为有效值(例如0755或755),则创建的目录将具有指定的权限,如umask。否则,默认使用0755

SETGID_HOME

如果将其设置为yes,则具有自己的组(USERGROUPS = yes)的用户的主目录将设置setgid位。这是3.13之前的adduser版本的默认设置。不幸的是,它具有一些不良的副作用,因此我们不再默认执行此操作。不过,如果您想要它,您仍然可以在这里激活它。

QUOTAUSER

如果设置为非空值,则将向新用户复制该用户的配额。默认为空。

NAME_REGEX

根据此正则表达式检查用户名和组名。如果名称与该正则表达式不匹配,除非设置了--force-badname,否则将拒绝在adduser中创建用户和组。随着--force-badname集,只有疲软的执行检查。默认值为最保守的^ [az] [-a-z0-9] * $。当--system指定,NAME_REGEX_SYSTEM来代替。

NAME_REGEX_SYSTEM

对照此正则表达式检查系统用户的名称。如果提供了--system并且名称与该正则表达式不匹配,则除非设置了--force-badname,否则将拒绝在adduser中创建用户。随着--force-badname集,只有疲软的执行检查。默认值与默认的NAME_REGEX相同,但也允许使用大写字母。

SKEL_IGNORE_REGEX

使用此正则表达式检查/ etc / skel /中的文件,如果匹配,则不会将其复制到新创建的主目录中。默认情况下,将其设置为从未合并的配置文件(dpkg-(old | new | dist))中剩余的正则表达式匹配文件。

ADD_EXTRA_GROUPS

将此设置为0(默认值)以外的值将使adduser将新创建的非系统用户添加到EXTRA_GROUPS定义的组列表中(如下所示)。

EXTRA_GROUPS

这是新的非系统用户将添加到的组的列表。默认情况下,此列表为“拨出cdrom软盘音频视频plugdev用户游戏”。

退出值

0

用户存在,如指定。这可能有两个原因:用户是由adduser创建的,或者在调用adduser之前该用户已经存在于系统中。如果adduser返回0,则使用与之前相同的参数第二次调用adduser也会返回0。

1

创建用户或组失败,因为它已经与指定的其他UID / GID一起存在。用户名或组名由于与配置的正则表达式不匹配而被拒绝。adduser已被信号中止。

或者,由于其他未记录的原因,可能会返回此代码,在这种情况下,这些代码会打印到控制台。然后,您可以考虑删除--quiet以使adduser更加冗长。

档案

/etc/adduser.conf

adduseraddgroup的默认配置文件

adduser [--system] [--home DIR] [--shell SHELL] [--no-create-home]
        [--uid ID] [--firstuid ID] [--lastuid ID]
        [--ingroup GROUP | --gid ID] [--disabled-password]
        [--disabled-login] [--gecos GECOS] [--add_extra_groups]
        [--encrypt-home] [--quiet] [--debug] [--force-badname]
        [--help|-h] [--version] [--conf FILE] user 
addgroup [--system] [--quiet] [--debug] [--force-badname] [--help|-h]
         [--version] [--conf FILE] [--gid ID] group 
adduser [options] user group 

Options

--conf FILE

Use FILE instead of /etc/adduser.conf.

--disabled-login

Do not run passwd to set the password. The user won't be able to use her account until the password is set.

--disabled-password

Like --disabled-login, but logins are still possible (for example using SSH RSA keys), but not using password authentication.

--force-badname

By default, user and group names are checked against the configurable regular expression NAME_REGEX (or NAME_REGEX_SYSTEM if --system is specified) specified in the configuration file. This option forces adduser and addgroup to apply only a weak check for validity of the name.

--gecos GECOS

Set the gecos field for the new entry generated. adduser will not ask for finger information if this option is given.

--gid ID

When creating a group, this option forces the new groupid to be the given number. When creating a user, this option will put the user in that group.

--group

When combined with --system, a group with the same name and ID as the system user is created. If not combined with --system, a group with the given name is created. This is the default action if the program is invoked as addgroup.

--help

Display a help message, and exit.

--home DIR

Use DIR as the user's home directory, rather than the default specified by the configuration file. If the directory does not exist, it is created and skeleton files are copied.

--shell SHELL

Use SHELL as the user's login shell, rather than the default specified by the configuration file.

--ingroup GROUP

Add the new user to GROUP instead of a user group or the default group defined by USERS_GID in the configuration file. This affects the users primary group. To add additional groups, see the add_extra_groups option.

--no-create-home

Do not create the home directory, even if it doesn't exist.

--quiet

Suppress informational messages, only show warnings and errors.

--debug

Be verbose, which is most useful if you want to nail down a problem with adduser.

--system

Create a system user or group.

--uid ID

Force the new userid to be the given number. adduser will fail if the userid is already taken.

--firstuid ID

Override the first uid in the range that the uid is chosen from (overrides FIRST_UID specified in the configuration file).

--lastuid ID

Override the last uid in the range that the uid is chosen from ( LAST_UID ).

--add_extra_groups

Add new user to extra groups defined in the configuration file.

--version

Display version and Copyright information.

Configuration

The file /etc/adduser.conf contains defaults for the programs adduseraddgroupdeluser and delgroup. Each line holds a single value pair in the form "option = value". Double or single quotes are allowed around the value, as is whitespace around the equals sign. Comment lines must have a hash sign ("#") in the first column.

The valid configuration options are:

DSHELL

The login shell to be used for all new users. Defaults to /bin/bash.

DHOME

The directory in which new home directories should be created. Defaults to /home.

GROUPHOMES

If this is set to yes, the home directories will be created as "/home/[groupname]/user". Defaults to no.

LETTERHOMES

If this is set to yes, then the home directories created will have an extra directory inserted that is the first letter of the loginname. For example: /home/u/user. Defaults to no.

SKEL

The directory from which skeletal user configuration files should be copied. Defaults to /etc/skel.

FIRST_SYSTEM_UIDLAST_SYSTEM_UID

specify an inclusive range of UIDs from which system UIDs can be dynamically allocated. Default to 100 - 999. Please note that system software, such as the users allocated by the base-passwd package, may assume that UIDs less than 100 are unallocated.

FIRST_UIDLAST_UID

specify an inclusive range of UIDs from which normal user's UIDs can be dynamically allocated. Default to 1000 - 29999.

FIRST_SYSTEM_GIDLAST_SYSTEM_GID

specify an inclusive range of GIDs from which system GIDs can be dynamically allocated. Default to 100 - 999.

FIRST_GIDLAST_GID

specify an inclusive range of GIDs from which normal group's GIDs can be dynamically allocated. Default to 1000 - 29999.

USERGROUPS

If this is set to yes, then each created user will be given their own group to use. If this is no, then each created user will be placed in the group whose GID is USERS_GID (see below). The default is yes.

USERS_GID

If USERGROUPS is no, then USERS_GID is the GID given to all newly-created users. The default value is 100.

DIR_MODE

If set to a valid value (e.g., 0755 or 755), directories created will have the specified permissions as umask. Otherwise, 0755 is used as default.

SETGID_HOME

If this is set to yes, then home directories for users with their own group ( USERGROUPS=yes ) will have the setgid bit set. This was the default setting for adduser versions previous to 3.13. Unfortunately, it has some bad side effects, so we no longer do this per default. If you want it nevertheless you can still activate it here.

QUOTAUSER

If set to a nonempty value, new users will have quotas copied from that user. The default is empty.

NAME_REGEX

User and group names are checked against this regular expression. If the name doesn't match this regexp, user and group creation in adduser is refused unless --force-badname is set. With --force-badname set, only weak checks are performed. The default is the most conservative ^[a-z][-a-z0-9]*$. When --system is specified, NAME_REGEX_SYSTEM is used instead.

NAME_REGEX_SYSTEM

Names of system users are checked against this regular expression. If --system is supplied and the name doesn't match this regexp, user creation in adduser is refused unless --force-badname is set. With --force-badname set, only weak checks are performed. The default is as for the default NAME_REGEX but also allowing uppercase letters.

SKEL_IGNORE_REGEX

Files in /etc/skel/ are checked against this regex, and not copied to the newly created home directory if they match. This is by default set to the regular expression matching files left over from unmerged config files (dpkg-(old|new|dist)).

ADD_EXTRA_GROUPS

Setting this to something other than 0 (the default) will cause adduser to add newly created non-system users to the list of groups defined by EXTRA_GROUPS (below).

EXTRA_GROUPS

This is the list of groups that new non-system users will be added to. By default, this list is 'dialout cdrom floppy audio video plugdev users games'.

Exit values

0

The user exists as specified. This can have 2 causes: The user was created by adduser or the user was already present on the system before adduser was invoked. If adduser was returning 0, invoking adduser a second time with the same parameters as before also returns 0.

1

Creating the user or group failed because it was already present with other UID/GID than specified. The username or groupname was rejected because of a mismatch with the configured regular expressions. adduser has been aborted by a signal.

Or this code may be returned for other undocumented reasons, which in that case are printed to console. You may then consider to remove --quiet to make adduser more verbose.

Files

/etc/adduser.conf

Default configuration file for adduser and addgroup

查看英文版

查看中文版

addgroup 例子

adduser mynewuser

创建一个新的用户帐户mynewuser。

adduser将提示您为用户分配密码,并要求您提供可选的标识信息,例如“ 全名”和“ 电话号码”。

将为新用户创建一个主目录(默认为/ home / mynewuser),并创建一个特定于用户的组mynewuser。框架主目录的内容(默认位于/ etc / skel)将被复制到新的主目录中。

如果脚本/usr/local/sbin/adduser.local存在,它将使用参数username uid gid home-directory执行,其中username是mynewuser,uid是mynewuser的用户标识,gid是mynewuser的组标识,以及home -directory是mynewuser的主目录。

adduser --home /home/mynewuserhome mynewuser

创建用户帐户mynewuser,并在/ home / mynewuserhome位置创建其主目录。

adduser mynewuser

Creates a new user account, mynewuser.

adduser will prompt you to assign a password for the user, and ask you for optional identifying information such as Full Name and Phone Number.

A home directory (by default, /home/mynewuser) will be created for the new user, and a user-specific group, mynewuser, will be created. The contents of the skeleton home directory, which by default is located at /etc/skel, will be copied into the new home directory.

If the script /usr/local/sbin/adduser.local exists, it will be executed with the arguments username uid gid home-directory, where username is mynewuser, uid is mynewuser's user id, gid is mynewuser's group id, and home-directory is mynewuser's home directory.

adduser --home /home/mynewuserhome mynewuser

Creates the user account mynewuser, and creates their home directory at the location /home/mynewuserhome.

查看英文版

查看中文版

其他命令行

apt-cache | apt-get | ar | arch | arp | as | a2p | aspell | ac | at | awk | adduser | a2p | apropos | alias | agrep |

如此好文,分享给朋友