Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I would like to ask what is the difference of user group in different case , In case 1 , when created the user1/2 , I assign it to group 400 ; in case 2 , I manually added user1/2 to the tail of /etc/group file .
is it different user permission if in these two case ? thanks
Case 1
======
user1:x:500:400:web_user:/home/user1:/sbin/nologin
If you are using RHEL, you are paying for support. You might direct this question to the RHEL support channels for which you are paying.
I have a few thoughts:
Most distros assign user numbers automatically. Generally, the first user is number 1000 (sometimes it's number 500) and successive users increment upwards to the next higher number. AFAIC, if you start ad libbing user numbers, you are likely to have unexpected consequences.
I don't have any expertise here, but I suspect that your original question could be answered by your inspecting the /etc/passwd and /etc/group files and comparing the group memberships of the users that you added and making sure that no other users (some of which may be, not persons, but processes) have conflicting user numbers.
I would like to ask what is the difference of user group in different case , In case 1 , when created the user1/2 , I assign it to group 400 ; in case 2 , I manually added user1/2 to the tail of /etc/group file .
is it different user permission if in these two case ? thanks
Case 1
======
user1:x:500:400:web_user:/home/user1:/sbin/nologin
nginx, user1, user2, all those are nothing more that human readable help for our consumption. The number is what matters to the system.
An user account can have many, and usually have many groups assigned to it. However, only one is the primary and the rest are secondary.
Groups do not have a category of primary or secondary assigned to them. A group in /etc/groups can be primary or secondary to any amount of users account, simultaneously. This can be seen in /etc/groups.
The primary group for an user will appear as the fourth entry in /etc/password.
The command id <username> or groups <username> can show secondary group information.
is a worthwhile way to add groups and users. Manually adding them is the road to chaos.
It all depends on what you are doing.
Adding users directly to the passwd/shadow/group files is possible and reasonable - specially when you use a pre-existing disk server for users home directories. Adding 500 users at once this way is very fast... MUCH faster than using the "useradd" function.
You just have to pay reasonable attention to the distributions policies. Most of them now use UIDs (and GIDs, though that is a bit less restrictive) for system accounts (accounts for special purposes - databases, jails for named/sendmail, security monitoring tools...). These are usually identified with UID/GID values under 1000. As long those policies are checked you should have no problem.
It is also reasonable consider using LDAP instead... and that has the SAME "chaos" as adding users manually.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.