Catalog
What happens behind creating users?
Exercise: extract the seventh field and find out how many different login shells there are
userdel -r username --> also removes the home directory and local mail spool
Directories and files related to users and groups
User default property settings file
The difference between su and su -
The vsftpd service and local users
How can 10,000 machines be managed?
Users and Groups
User --> a person who logs on
Group --> an organization of users
User -- joins a group -- inherits the group's permissions
Multiple accounts can belong to the same group; a user can join multiple groups
Why introduce users and groups?
1. Security
2. Rights management
3. Resource control: who may access, read and execute files
The goal is to control the resources on the Linux system: who can access them and who cannot
User account
```
[root@kafka01 usergroup]# id root
uid=0(root) gid=0(root) groups=0(root)
```
UID -- the ID number of each user -- unique
GID -- the ID number of each group -- unique
Superuser root (maximum privilege): UID 0
Program (system) users: UID 1-1000
Normal users: UID greater than or equal to 1001
User's home directory
By default, a folder with the same name as the user is created under /home when the user is created
From /etc/login.defs:
```
UID_MIN 1000     # minimum UID for normal users
UID_MAX 60000
```
Exercise: find the user names with a UID greater than or equal to 1000 in /etc/passwd
```
[root@kafka01 sc3]# awk -F: '$3>=1000{print $1,$3}' /etc/passwd
```
(-F: sets the field separator; the space before the quoted program is required, otherwise the program text is glued onto the -F option.)
Group account
Primary group (private group)
The user's default group, recorded in the fourth field of /etc/passwd
Secondary group (supplementary group)
A user can also belong to other groups; that membership is recorded in the fourth field of /etc/group
The user's primary group name is resolved from the GID in /etc/group; by default it has the same name as the user
```
[root@kafka01 usergroup]# useradd chaochao
[root@kafka01 usergroup]# id chaochao
uid=1001(chaochao) gid=1001(chaochao) groups=1001(chaochao)
[root@kafka01 usergroup]# useradd sc1
[root@kafka01 usergroup]# id sc1
uid=1002(sc1) gid=1002(sc1) groups=1002(sc1)
```
What happens behind creating users?
/etc/passwd -- records user information; this file is consulted when the user logs in
One line per user
```
[root@kafka01 usergroup]# tail -3 /etc/passwd
mysql:x:27:27:MariaDB Server:/var/lib/mysql:/sbin/nologin
chaochao:x:1001:1001::/home/chaochao:/bin/bash
sc1:x:1002:1002::/home/sc1:/bin/bash
```
Fields are separated by :
Field 1: user name
Field 2: password placeholder (x); the real password hash lives in /etc/shadow
Field 3: UID --> unique; each normal user created gets the previous user's UID + 1
Field 4: GID of the user's primary group --> by default a group with the same name as the user is created when the user is created and becomes the primary group; -g specifies a different one
Field 5: user description --> empty by default; -c specifies it
Field 6: home directory; -d specifies it
Field 7: login shell; -s specifies it
Exercise: extract the seventh field and find out how many different login shells there are
sort first groups identical lines together, then uniq removes the duplicates (uniq only removes identical lines that are adjacent, which is why sort comes first)
```
[root@kafka01 usergroup]# awk -F: '{print $7}' /etc/passwd | sort | uniq
/bin/bash        # normal login shell
/bin/false       # prevents the user from logging in
/bin/sync        # flushes the memory cache to disk
/sbin/halt
/sbin/nologin    # prevents the user from logging in
/sbin/shutdown
```
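The exercise above, taken further as an added example (not part of the original notes): a small bash audit over a constructed passwd-format sample that counts login shells as the exercise does and, on the same seven fields, also lists login-capable accounts, any second UID-0 account, duplicate UIDs and normal users above UID_MIN. The sample lines and the ops2 account are constructed; the file name audit.sh used to run it against a real file (`bash audit.sh /etc/passwd`) is an assumption.

```shell
#!/bin/bash
# Added example, not from the original notes: audit a passwd-format file read on stdin.
# Constructed sample in the seven-field format described above (not a real host's file).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
mysql:x:27:27:MariaDB Server:/var/lib/mysql:/sbin/nologin
chaochao:x:1001:1001::/home/chaochao:/bin/bash
sc1:x:1002:1002::/home/sc1:/bin/bash
sc3:x:1003:1003::/home/sc3:/sbin/nologin
sc4:x:1004:1004::/home/sc4:/bin/false
ops2:x:0:0:constructed second UID-0 account:/home/ops2:/bin/bash
EOF
}

# The exercise above, generalised: how many accounts use each login shell (field 7).
shell_histogram() {
    awk -F: '{n[$7]++} END {for (s in n) print n[s], s}' | LC_ALL=C sort -k2
}

# Accounts whose shell still permits an interactive login (not nologin or false).
login_capable() {
    awk -F: '$7 !~ /(nologin|false)$/ {print $1}'
}

# Any account with UID 0 is root regardless of its name; there should be exactly one.
extra_uid0() {
    awk -F: '$3 == 0 && $1 != "root" {print $1}'
}

# UIDs shared by several accounts (only possible via useradd/usermod -o or hand edits).
duplicate_uids() {
    awk -F: '{c[$3]++; names[$3] = names[$3] " " $1}
             END {for (u in c) if (c[u] > 1) print u ":" names[u]}' | sort -n
}

# Normal users by the notes' convention: UID >= UID_MIN (1000 unless overridden).
normal_users() {
    awk -F: -v min="${1:-1000}" '$3 >= min {print $1, $3}'
}

# Run every check against a file argument, or the constructed sample when none is given.
audit_passwd() {
    local data
    if [ -n "${1:-}" ]; then data=$(cat "$1"); else data=$(sample_passwd); fi
    echo "== accounts per shell ==";  printf '%s\n' "$data" | shell_histogram
    echo "== login-capable ==";       printf '%s\n' "$data" | login_capable
    echo "== extra UID 0 ==";         printf '%s\n' "$data" | extra_uid0
    echo "== duplicate UIDs ==";      printf '%s\n' "$data" | duplicate_uids
    echo "== normal users ==";        printf '%s\n' "$data" | normal_users
}

audit_passwd "$@"
```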
useradd command
Format: useradd [options]... username
Common command options
-u: specify the UID number
-d: specify the home directory (default /home/username)
-e: specify the account expiration date
-g: specify the user's primary group (name or GID)
-G: specify the user's supplementary group(s) (name or GID)
-M: do not create or initialize a home directory for the user
-s: specify the user's login shell
-c: comment / description text for the user
-r: create a system user (no home directory is created)
Specifying the login shell: -s
```
[root@sc usergroup]# useradd -s /sbin/nologin sc3        # login prohibited
[root@sc usergroup]# tail -1 /etc/passwd
sc3:x:1063:1063::/home/sc3:/sbin/nologin
[root@sc usergroup]# echo 123456 | passwd sc3 --stdin     # set sc3's password
Changing password for user sc3.
passwd: all authentication tokens updated successfully.
```
Remote login: ssh into Linux (e.g. from Xshell)
Try to log in to the host remotely as the sc3 user
```
[root@sc usergroup]# ssh sc3@192.168.0.204 -p 2233
The authenticity of host '[192.168.0.204]:2233 ([192.168.0.204]:2233)' can't be established.
ECDSA key fingerprint is SHA256:JccgoJ9N7Tel3N/Zehpgraddu8nLaQUlepsJrQNX34c.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.0.204]:2233' (ECDSA) to the list of known hosts.
sc3@192.168.0.204's password:
Connection closed by 192.168.0.204 port 2233
[root@sc usergroup]# su - sc3
This account is currently not available.
```
Changing the user password (and /bin/false as the login shell)
```
[root@sc usergroup]# useradd -s /bin/false sc4
[root@sc usergroup]# echo 123456 | passwd sc4 --stdin
passwd: all authentication tokens updated successfully.
[root@sc usergroup]# su - sc4
[root@sc usergroup]# ssh sc4@192.168.0.204 -p 2233
sc4@192.168.0.204's password:
Last login: Tue Aug  3 11:23:46 2021
Connection to 192.168.0.204 closed.
```
With /bin/false the password is accepted, but the shell exits immediately, so su - returns at once and the ssh session closes right after login.
-c: specify the description
```
[root@sc ~]# useradd -c "this is sc5" sc5
[root@sc ~]# tail -1 /etc/passwd
sc5:x:1065:1065:this is sc5:/home/sc5:/bin/bash
```
-d: specify the home directory
```
[root@sc ~]# useradd -d /tmp/sc6 sc6
[root@sc ~]# tail -1 /etc/passwd
sc6:x:1066:1066::/tmp/sc6:/bin/bash
[root@sc ~]# su - sc6
[sc6@sc ~]$ pwd
/tmp/sc6
```
-g: specify the primary group
```
[root@sc ~]# useradd -g sc1 sc7
[root@sc ~]# id sc7
uid=1067(sc7) gid=1061(sc1) groups=1061(sc1)
[root@sc ~]# tail -1 /etc/passwd
sc7:x:1067:1061::/home/sc7:/bin/bash
```
-u / --uid: specify the UID at creation
```
# -u is the short option, --uid the long option
[root@sc ~]# useradd --uid 2000 sc8
[root@sc ~]# tail -1 /etc/passwd
sc8:x:2000:2000::/home/sc8:/bin/bash
```
-M: do not create or initialize a home directory for the user
```
[root@kafka01 home]# useradd -M sc4
[root@kafka01 home]# cd /home
[root@kafka01 home]# ls
admin  chaochao  sc1  sc2  sc3
[root@kafka01 home]# tail -1 /etc/passwd
sc4:x:1005:1005::/home/sc4:/bin/bash
```
The passwd entry still names /home/sc4 as the home directory, but no such folder exists.
-e: specify the account expiration date
```
[root@kafka01 usergroup]# useradd -e "2021-07-01" sc5
[root@kafka01 usergroup]# su - sc5
# set sc5's password
[root@kafka01 ~]# passwd sc5
Changing password for user sc5.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
# connect remotely as sc5
[root@kafka01 ~]# ssh sc5@172.26.41.201
The authenticity of host '172.26.41.201 (172.26.41.201)' can't be established.
ECDSA key fingerprint is SHA256:BVYuFBUnGylWL8m6WdJS/lO2N4DpkA8l4AGQsx0L6lw.
ECDSA key fingerprint is MD5:f5:3c:e3:98:ed:dd:d8:66:44:3e:41:e5:e9:d4:5f:2d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.26.41.201' (ECDSA) to the list of known hosts.
sc5@172.26.41.201's password:
Your account has expired; please contact your system administrator
Authentication failed.
```
-g and -G
-g: specify the user's primary group (name or GID)
-G: specify the user's supplementary group(s) (name or GID)
```
[root@kafka01 ~]# useradd -g sc4 -G sc3,sc5 sc6
[root@kafka01 ~]# id sc6
uid=1007(sc6) gid=1005(sc4) groups=1005(sc4),1004(sc3),1006(sc5)
[root@kafka01 ~]# less /etc/group
sc1:x:1002:
sc2:x:1003:
sc3:x:1004:sc6
sc4:x:1005:
sc5:x:1006:sc6
```
userdel -r username --> also removes the home directory and local mail spool
```
[root@kafka01 usergroup]# cd /home
[root@kafka01 home]# ls
admin  chaochao  sc1  sc2  sc3  sc5  sc6
[root@kafka01 home]# userdel -r sc6
[root@kafka01 home]# ls
admin  chaochao  sc1  sc2  sc3  sc5
```
usermod command
Format: usermod [options]... username
Common command options
-l: change the login name of the user account
```
[root@kafka01 home]# usermod -l sanchuang03 sc3
[root@kafka01 home]# ls
admin  chaochao  sc1  sc2  sc3  sc5
[root@kafka01 home]# tail -1 /etc/passwd
sanchuang03:x:1004:1004::/home/sc3:/bin/bash
```
Only the login name changes; the UID and the home directory /home/sc3 stay as they were.
-L: lock the user account
```
[root@kafka01 home]# usermod -L sc3
# the /etc/shadow entry afterwards:
sc3:!!:18842:0:99999:7:::
```
# Locking prepends a ! to the password field
# The stored value then matches no password, so the user's login fails
-U: unlock the user account
```
[root@kafka01 home]# usermod -p 123456 sc3
[root@kafka01 home]# usermod -U sc3
[root@kafka01 home]# less /etc/shadow
sc3:123456:18843:0:99999:7:::
```
Note that usermod -p expects an already-hashed crypt string and writes its argument verbatim; the plain text 123456 stored above cannot match any password, so set passwords with passwd (or passwd --stdin) instead.
The following options have the same meaning as for the useradd command:
-u, -d, -e, -g, -G, -s
Practice
1. Write a script that creates the users sanchuang01 to sanchuang25
2. Write a script that batch-deletes sanchuang01 to sanchuang25: delete the ones that exist and report the ones that do not
Create:
Method 1
```bash
[root@kafka01 usergroup]# cat sanchuang.sh
#!/bin/bash
# seq -w zero-pads the numbers so the names come out as sanchuang01 ... sanchuang25
for i in $(seq -w 1 25)
do
    if id sanchuang$i &>/dev/null
    then
        echo "sanchuang$i already exists"
    else
        useradd sanchuang$i
        echo "sanchuang$i created successfully"
    fi
done
```
Method 2:
```bash
#!/bin/bash
for i in $(seq -w 1 25)
do
    id sanchuang$i &>/dev/null && echo "user sanchuang$i already exists" || useradd sanchuang$i
done
```
Delete:
```bash
#!/bin/bash
for i in $(seq -w 1 25)
do
    # && chains the commands; a single & would background userdel instead
    id sanchuang$i &>/dev/null && userdel -r sanchuang$i && echo "sanchuang$i deleted" || echo "sanchuang$i does not exist"
done
```
passwd command
Format: passwd [options]... username
Common command options
-d: delete (empty) the user's password, so the account can be used without a password
-l: lock the user account
-S: show the status of the user account (e.g. whether it is locked)
-u: unlock the user account
--stdin: read the new password from standard input, e.g. piped from another command's stdout
root can change any user's password, and password complexity is not enforced
An ordinary user can only change their own password, and complexity is enforced
```
[root@mysql-binary mail]# passwd sanchuang2
Changing password for user sanchuang2.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@mysql-binary mail]# passwd -l sanchuang2
Locking password for user sanchuang2.
passwd: Success
```
# Both usermod -L and passwd -l lock an account by modifying the encrypted password field in /etc/shadow, so the stored value no longer matches any password and login fails
# usermod -L prepends one !
# passwd -l prepends two !!
Group-related commands
groupadd: create a group
groupdel: delete a group
```
[root@kafka01 ~]# groupadd -g 20001 g1
[root@kafka01 ~]# less /etc/group
[root@kafka01 ~]# tail -1 /etc/group
g1:x:20001:
[root@kafka01 ~]# groupdel g1
[root@kafka01 ~]# tail -1 /etc/group
sanchaung09:x:1036:
```
groupadd command
Format: groupadd [-g GID] group_account_name
groupdel command
Format: groupdel group_account_name
```
[root@mysql-binary ~]# groupadd -g 5000 sanle
[root@mysql-binary ~]# less /etc/group
[root@mysql-binary ~]# groupdel sanle
[root@mysql-binary ~]# less /etc/group
```
groupmod command
Purpose: change a group's name or GID
Format: groupmod [options]... group_account_name
Common command options
-n: change the group name
-g: change the GID
SELinux (Security-Enhanced Linux)
# a security subsystem of the Linux system
# it ships with many default rules
# for example, useradd may only create home directories under /home
From /etc/selinux/config:
```
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
```
# Water that is too clear has no fish: SELinux is so strict that in practice admins turn a blind eye to it
The SELinux rule set is very large and cumbersome, so it is generally turned off in day-to-day work
Temporarily disable
```
[sc6@sc ~]$ getenforce      # show the SELinux status
Disabled
[sc6@sc ~]$ setenforce 0    # temporarily switch mode: 0 --> Permissive ("off"), 1 --> Enforcing
setenforce: SELinux is disabled
```
Permanently disable
```
[sc6@sc ~]$ vim /etc/selinux/config
SELINUX=disabled
```
Takes effect after the server is restarted
Directories and files related to users and groups
passwd and shadow
/etc/passwd stores user information
/etc/shadow stores user passwords
Two backup files: /etc/passwd- and /etc/shadow-
Group-related files
/etc/group --> stores group information
/etc/gshadow --> stores group passwords
/etc/group- and /etc/gshadow- are their backup files
/etc/skel
Its contents are copied into the home directory of every newly created user
```
-rw-r--r--. 1 root root  18 Oct 31  2018 .bash_logout
-rw-r--r--. 1 root root 193 Oct 31  2018 .bash_profile
-rw-r--r--. 1 root root 231 Oct 31  2018 .bashrc
```
The three files above are scripts that run at particular moments:
.bash_logout runs each time the user logs out
.bash_profile runs each time the user logs in and sets up the user's personalized environment
.bashrc runs each time the user starts a new shell
The copies in a user's home directory apply to that user only
They are commonly used for personalization
```
[sc1@kafka01 ~]$ ls -al
total 24
drwx------  2 sc1  sc1  4096 Aug  4 16:49 .
drwxr-xr-x. 8 root root 4096 Aug  4 16:23 ..
-rw-------  1 sc1  sc1    44 Aug  5 09:57 .bash_history
-rw-r--r--  1 sc1  sc1    18 Oct 31  2018 .bash_logout
-rw-r--r--  1 sc1  sc1   193 Oct 31  2018 .bash_profile
-rw-r--r--  1 sc1  sc1   231 Oct 31  2018 .bashrc
```
.bash_history records the commands the user ran before logging out
User default property settings file
/etc/login.defs
Initial property settings for new accounts
Sets the UID and GID ranges for normal users, password aging defaults, etc.
From /etc/login.defs:
```
PASS_MAX_DAYS 99999   # default number of days before a password expires
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
```
Linux password encryption
The sha512 algorithm is used by default
Hash algorithm: computes a hash value
Maps input of any length to a fixed-length output, the hash value
It is a one-way transformation: the password cannot be recovered from the hash
Hash algorithms: md5, sha1, sha2 (sha256, sha512)
```
less /etc/shadow
sc2:$6$hd8RxF9i$PpBk2kB7HVmllk8tODKgpQhVekIBWuxnSiS7LP1FxIb2Gsm8jIHb4HJebikz8WYuiJwJ9k2GRjI/dfQvUZ6p30:18842:0:99999:7:::
```
Split on $ into three fields:
First field: 6 stands for the sha512 hash algorithm
Second field: the salt
Third field: the hash of the password
Password field: $algorithm id$salt$actual ciphertext
At the bottom level the encryption is implemented by the system's crypt function
```python
>>> import crypt
>>> crypt.crypt("123456", "$6$hd8RxF9i")
'$6$hd8RxF9i$PpBk2kB7HVmllk8tODKgpQhVekIBWuxnSiS7LP1FxIb2Gsm8jIHb4HJebikz8WYuiJwJ9k2GRjI/dfQvUZ6p30'
>>>
```
Given the same salt, crypt reproduces exactly the stored value, which is how a login check compares the typed password against /etc/shadow. (Python's crypt module was deprecated in 3.11 and removed in 3.13.)
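As an added example (not from the notes) of reading the $id$salt$hash field described above, the following bash script classifies each /etc/shadow password field as empty, locked (one or two leading !), no-login (*), a verbatim non-hash, or a crypt hash with its algorithm and salt. The sc2 hash is the one shown above; every other sample line is constructed, and the yescrypt id y is included because newer distributions default to it.

```shell
#!/bin/bash
# Added example, not from the original notes: classify the password field of shadow
# entries read on stdin. The sc2 hash is the one shown above; all other lines are constructed.
sample_shadow() {
    cat <<'EOF'
sc2:$6$hd8RxF9i$PpBk2kB7HVmllk8tODKgpQhVekIBWuxnSiS7LP1FxIb2Gsm8jIHb4HJebikz8WYuiJwJ9k2GRjI/dfQvUZ6p30:18842:0:99999:7:::
sc3:!$6$hd8RxF9i$PpBk2kB7HVmllk8tODKgpQhVekIBWuxnSiS7LP1FxIb2Gsm8jIHb4HJebikz8WYuiJwJ9k2GRjI/dfQvUZ6p30:18842:0:99999:7:::
bin:*:18353:0:99999:7:::
newuser:!!:18842:0:99999:7:::
nopass::18842:0:99999:7:::
weak:$1$abcdefgh$0123456789abcdefghijkl:18842:0:99999:7:::
EOF
}

# Map the "$id$" prefix of a crypt string to the algorithm name.
algo_name() {
    case "$1" in
        1) echo md5 ;;
        5) echo sha256 ;;
        6) echo sha512 ;;
        y) echo yescrypt ;;
        *) echo "unknown($1)" ;;
    esac
}

# Classify one password field; prints "<state> <algorithm> <salt>" ("-" when not applicable).
classify_pw() {
    local pw="$1" locked=no id salt
    case "$pw" in
        "")   echo "EMPTY - -"; return ;;                  # no password at all
        "*")  echo "NOLOGIN - -"; return ;;                # never matches; typical for system accounts
        "!"*) locked=yes; pw="${pw#!}"; pw="${pw#!}" ;;    # usermod -L adds one !, passwd -l adds !!
    esac
    case "$pw" in
        '$'*) ;;                                           # crypt-formatted, parsed below
        "")   echo "LOCKED-NOPASS - -"; return ;;          # "!!": locked and never had a password
        *)    echo "NOT-A-HASH - -"; return ;;             # e.g. usermod -p 123456 stored verbatim
    esac
    id=$(printf '%s' "$pw" | cut -d'$' -f2)
    salt=$(printf '%s' "$pw" | cut -d'$' -f3)
    if [ "$locked" = yes ]; then echo "LOCKED $(algo_name "$id") $salt"
    else echo "HASH $(algo_name "$id") $salt"; fi
}

# One report line per account; flags empty passwords and md5 hashes.
audit_shadow() {
    while IFS=: read -r user pw _rest; do
        set -- $(classify_pw "$pw")
        flag=""
        case "$1:$2" in
            EMPTY:*) flag=" <-- no password set" ;;
            *:md5)   flag=" <-- weak hash, rehash on next passwd" ;;
        esac
        echo "$user $1 $2 $3$flag"
    done
}

sample_shadow | audit_shadow
```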
Extension
who
Shows the local and remote logged-in users
The difference between su and su -
```
[root@kafka01 usergroup]# su sc1
[sc1@kafka01 usergroup]$ pwd
/lianxi/usergroup
[sc1@kafka01 usergroup]$ exit
exit
[root@kafka01 usergroup]# su - sc1
Last login: Thu Aug  5 09:56:17 CST 2021 on pts/0
[sc1@kafka01 ~]$ pwd
/home/sc1
```
su switches the user but not the user's environment; the current variables are kept
su - switches the user and loads that user's environment variables
su alone only obtains root's execute permissions, not root's environment variables; su - switches to root and obtains both root's environment variables and execute permissions
The vsftpd service and local users
# ftp is a file transfer service used to upload and download files for file sharing
https://www.cnblogs.com/mikeguan/p/7118229.html
1. Install the service
yum install vsftpd
2. Start the service
[root@mysql-binary xulilin]# service vsftpd restart
3. Install a client
yum install lftp ftp -y    # both are FTP clients
# the vsftpd service in CentOS 8 does not allow anonymous users to log in by default
# to allow the anonymous user (ftp) to log in, modify /etc/vsftpd/vsftpd.conf:
anonymous_enable=YES
Restart the vsftpd service after modifying the configuration file
After logging in, the client reads the ftp user's home directory on the system by default:
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
ftp: File Transfer Protocol
Common ftp commands:
Upload a file: put
Download a file: get
List files: ls
Change directory: cd
```
[root@kafka01 sc3]# service vsftpd restart
Redirecting to /bin/systemctl restart vsftpd.service
[root@kafka01 sc3]# ftp 172.26.41.201
Connected to 172.26.41.201 (172.26.41.201).
220 (vsFTPd 3.0.2)
Name (172.26.41.201:root): ftp
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ^C
```
Both anonymous and local users can log in to the ftp service, and after logging in they can only operate on files or folders in their own home directory.
Three types of users:
1. Anonymous users
2. Local users
3. Virtual users
How can 10,000 machines be managed?
Environment standardization: a unified operating system and a host naming convention
Network partitioning
Automation and monitoring built on the infrastructure standards
Practice
1. How do I know whether a user exists on a Linux system?
id username, or look in /etc/passwd
2. How do I prevent a user from logging on to the Linux system?
usermod -L (lock the account)
usermod -e (set an expiration date)
usermod -s /sbin/nologin (or /bin/false)
3. How do I find out which groups a user belongs to?
id
/etc/passwd (fourth field: the primary group)
/etc/group (fourth field: the users for whom this group is a supplementary group)
4. How do I know which users are logged in to Linux right now, and which users have logged in before?
# currently logged in
who, w, users
# have logged in before
last, lastlog
5. How do I reset a user's password?
echo password | passwd --stdin username
6. The root password has been forgotten
Enter single-user mode:
1. Power on, press any key to stop at the boot menu, select the corresponding kernel and press e to edit
2. Find the line containing ro and replace ro with rw init=/sysroot/bin/bash
3. Press Ctrl-x to boot into single-user mode
4. chroot /sysroot/
5. LANG=en, then change the password: echo "1234567" | passwd root --stdin, or simply run passwd
7. How do I kick out a user who is already logged in, and stop them from logging in again?
1. Find the process number (ps, who am i) and kill it
```
[root@kafka01 ~]# w
 16:50:21 up 2 days,  5:33,  2 users,  load average: 0.00, 0.01, 0.05
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    113.246.76.120   16:36    5.00s  0.00s  0.00s w
root     pts/1    113.246.76.120   16:50    2.00s  0.00s  0.00s -bash
[root@kafka01 ~]# pkill -kill -t pts/1
```
pkill -t kills every process attached to the specified pseudo-terminal
2. If a root login looks suspicious, kick the session and change the password immediately
3. sshd --> /etc/hosts.deny and /etc/hosts.allow --> block by IP address
4. /etc/ssh/sshd_config --> DenyUsers --> block by user name
8. How to give an ordinary user root privileges
1. Edit /etc/passwd directly and change the user's UID to 0, then test by running shutdown
2. usermod -u 0 -o username; the -o option allows the duplicate UID, otherwise usermod reports that the UID already exists
9. Create the directories /tech/cali and /tech/sanle, which hold the home directories of the user accounts of two project groups respectively.
Add group accounts cali and sanle for the two project groups, with GIDs 1001 and 1002 respectively; add the group account tech for the technology department, with GID 200.
Add two users, b1 and b2, whose primary group is cali and supplementary group is tech. Their home directories are folders with the same name as the account under /tech/cali (for example, b1's home directory is /tech/cali/b1); the b2 account expires on 2012-12-31.
Add two users, a1 and a2, whose primary group is sanle and supplementary group is tech. Their home directories are folders with the same name as the account under /tech/sanle (for example, a1's home directory is /tech/sanle/a1); a2's login shell is /bin/ksh.
All new users get the password 123456.
```
[root@chaochao ~]# mkdir -p /tech/cali /tech/sanle
[root@chaochao ~]# groupadd -g 1001 /tech/cali
groupadd: '/tech/cali' is not a valid group name
[root@chaochao ~]# groupadd -g 1001 cali
groupadd: GID '1001' already exists
[root@chaochao ~]# groupadd -g 1002 cali
[root@chaochao ~]# groupadd -g 1003 sanle
[root@chaochao ~]# groupadd -g 200 tech
[root@chaochao ~]# useradd -g cali -G tech -d /tech/cali/b1 b1
[root@chaochao ~]# useradd -g cali -G tech -d /tech/cali/b2 -e "2012-12-31" b2
[root@chaochao ~]# useradd -g sanle -G tech -d /tech/sanle/a1 a1
[root@chaochao ~]# useradd -g sanle -G tech -d /tech/sanle/a2 -s /bin/ksh a2
[root@chaochao ~]# echo 123456 | passwd a1 --stdin
Changing password for user a1.
passwd: all authentication tokens updated successfully.
[root@chaochao ~]# echo 123456 | passwd a2 --stdin
Changing password for user a2.
passwd: all authentication tokens updated successfully.
[root@chaochao ~]# echo 123456 | passwd b1 --stdin
Changing password for user b1.
passwd: all authentication tokens updated successfully.
[root@chaochao ~]# echo 123456 | passwd b2 --stdin
Changing password for user b2.
passwd: all authentication tokens updated successfully.
[root@chaochao ~]# less /etc/passwd
b1:x:1002:1002::/tech/cali/b1:/bin/bash
b2:x:1003:1002::/tech/cali/b2:/bin/bash
a1:x:1004:1003::/tech/sanle/a1:/bin/bash
a2:x:1005:1003::/tech/sanle/a2:/bin/ksh
```
On this host GID 1001 was already taken, so cali received GID 1002 and sanle GID 1003; the passwd entries at the end show those as the users' primary GIDs.