初学者linux_在Linux中管理用户和组的初学者指南

初学者linux

Ubuntu Linux uses groups to help you manage users, set permissions on those users, and even monitor how much time they are spending in front of the PC. Here’s a beginner’s guide to how it all works.

Ubuntu Linux使用组来帮助您管理用户，设置这些用户的权限，甚至监视他们在PC前面花费的时间。这是这一切的初学者指南。

用户和组 (Users and Groups)

Ubuntu is set up for a single person to use when you installed it in your system, but if more than one person will use the computer, it is best for each person to have their own user account. This way each person can have separate settings and documents, and files can be protected from being viewed by the other users on the same PC.

在将Ubuntu安装到系统中时，Ubuntu可以供一个人使用，但是如果要使用一个以上的人，则每个人最好拥有自己的用户帐户。这样，每个人都可以拥有单独的设置和文档，并且可以保护文件，以防止同一台PC上的其他用户查看文件。

Normally Linux computers have two user accounts—your own user account, and the root account, which is the super user that can access everything on the PC, make system changes, and administer other users. Ubuntu works a little differently, though—you can’t login directly as root by default, and you use the sudo command to switch to root-level access when you need to make a change.

通常，Linux计算机有两个用户帐户-您自己的用户帐户和root帐户，root帐户是可以访问PC上的所有内容，进行系统更改和管理其他用户的超级用户。不过，Ubuntu的工作原理有所不同-默认情况下，您无法直接以root用户身份登录，并且在需要进行更改时，可以使用sudo命令切换到root级访问权限。

Linux stores a list of all users in the ‘/etc/groups’ file. You can run this command in the Terminal to to view and edit the groups and users in your system:

Linux将所有用户的列表存储在“ / etc / groups”文件中。您可以在终端中运行以下命令以查看和编辑系统中的组和用户：

sudo vigr /etc/groups

sudo vigr /etc/groups

创建用户帐户 (Creating User Accounts)

To create a new user, you can head to System –> Administration -> User and Groups, and click the “Add” button to add a new user.

要创建新用户，您可以转到系统->管理->用户和组，然后单击“添加”按钮添加新用户。

Give the appropriate name that identifies the other user and tick the “encrypt” checkbox to secure their home folder.

输入标识其他用户的适当名称，然后选中“加密”复选框以保护其主文件夹。

Click the “Advanced Settings” button to configure the user’s privileges.

单击“高级设置”按钮以配置用户的权限。

The user management module lists Anna’s privileges under the “User Privileges” tab.

用户管理模块在“用户权限”选项卡下列出了Anna的权限。

We recommend that you remove the “Administer System” privilege from other user accounts. This is to make sure that other users cannot easily change critical system settings that may jeopardize your Linux box.

我们建议您从其他用户帐户中删除“管理系统”特权。这是为了确保其他用户不能轻易更改可能危及Linux系统的关键系统设置。

Linux文件和文件夹权限 (Linux File and Folder Permissions)

Each file in Linux has a set of user and group permissions, and you can use the ls -l command to show the full set of permissions and attributes from the terminal.

Linux中的每个文件都有一组用户和组权限，您可以使用ls -l命令从终端显示完整的权限和属性集。

Reading from left to right, each item in the list means:

从左到右阅读，列表中的每个项目表示：

<permissions> 1 <file owner> <file group> <file size> <file date> <file name>

<权限> 1 <文件所有者> <文件组> <文件大小> <文件日期> <文件名>

For instance, in the example showing a file named anki, the permissions are rwxr-xr-x, the file is owned by the root user and belongs to the root group, and it’s 159 bytes.

例如，在显示名为anki的文件的示例中，权限为rwxr -xr-x，该文件由root用户拥有，并且属于root用户组，并且为159个字节。

The permission flag has four components, the first character being the flag, usually used to indicate whether it’s a directory or a file—a directory would show a “d” and a regular file will show a “-“. The next 9 characters are broken up into sets of 3 characters, which indicate user, group, and everyone permissions.

许可标志包含四个部分，第一个字符是标志，通常用于指示它是目录还是文件-目录将显示“ d”，而常规文件将显示“-”。接下来的9个字符分成3个字符的集合，分别表示用户，组和每个人的权限。

<flag><user permissions><group permissions><everyone permissions>

<flag> <用户权限> <组权限> <所有人权限>

In this particular example, we’ve got rwxr-xr-x, which can be broken up like this:

在这个特定示例中，我们得到了rwxr-xr-x，可以将其分解为：

<flag><user permissions = rwx><group permissions = r-x><everyone permissions = r-x>

<flag> <用户权限= rwx> <组权限= rx> <每个人权限= rx>

The permissions correspond to the following values:

权限对应于以下值：

r = read permission
r =读取权限
w = write permission
w =写入权限
x = execute permission
x =执行权限

This means that for the file in question, everybody has read and execute permissions, but only root has access to write to the file.

这意味着对于有问题的文件，每个人都有读取和执行权限，但只有root有权访问该文件。

更改文件和目录的组所有权 (Changing Group Ownership of Files and Directories)

Anna is a 7th grader and her brother Peter just enrolled in a programming course in a university. Anna will be more interested to use the educational software for her mathematics or geography homework, compared to Peter who is more interested to use software development tools.

安娜(Anna)是一名7年级生，她的兄弟彼得(Peter)刚刚在大学里修读编程课程。与对使用软件开发工具更感兴趣的彼得相比，安娜对使用教育软件进行数学或地理作业更感兴趣。

We can configure Anna’s and Peter’s access to these applications by assigning them to the appropriate groups from the “Manage Groups” module.

通过从“管理组”模块将它们分配给适当的组，我们可以配置Anna和Peter对这些应用程序的访问。

Let’s create two user groups, a K-12 student group, a University student group, and assign the appropriate user accounts to each group.

我们创建两个用户组，一个K-12学生组，一个大学学生组，并为每个组分配适当的用户帐户。

We should give the K-12 students the privileges to run the educational software.

我们应该给予K-12学生运行教育软件的特权。

Linux stores most of the executables under /usr/bin, for example, Linux stores Anki under /usr/bin/anki. If you’re not sure where a file is located, the which command is a convenient way to find out the location from the terminal:

Linux将大多数可执行文件存储在/ usr / bin下，例如，Linux将Anki存储在/ usr / bin / anki下。如果不确定文件位于何处，可以使用w hich命令从终端查找位置：

which anki

which anki

Let’s assign Anki and Kig to the k12 group using the chown command, which uses the following format:

让我们使用chown命令将Anki和Kig分配给k12组，该命令使用以下格式：

sudo chown :[group name] [files list]

sudo chown :[group name] [files list]

You can also revoke the read and execute access from other user groups using the chmod command.

您还可以使用chmod命令撤消其他用户组的读取和执行访问。

sudo chown :[group name] [files list]

sudo chown :[group name] [files list]

This command gives the member of K12 group access to Anki and Kig. We should restrict the access rights of the university group from Anki and Kig by removing the read and execute permission from the “Other” groups. The format of the command is:

此命令使K12组的成员可以访问Anki和Kig。我们应该从“其他”组中删除读取和执行权限，从而限制Anki和Kig对大学组的访问权限。该命令的格式为：

chmod [ugoa][+-=][rwxXst] fileORdirectoryName

chmod [ugoa][+-=][rwxXst] fileORdirectoryName

The first command that we executed in the command line removes the read (r) and execute (x) privilege from the “Other” group. The “O” option indicates that we are modifying the access right of the Other group. The ‘-‘ option means that we want to remove certain file permissions specified in the parameters that follow the ‘-‘ option. The man page of chmod gives a detailed explanation of these options.

我们在命令行中执行的第一条命令从“其他”组中删除了读取(r)和执行(x)特权。 “ O”选项表示我们正在修改“ 其他”组的访问权限。 “-”选项意味着我们要删除“-”选项后面的参数中指定的某些文件权限。 chmod的手册页提供了有关这些选项的详细说明。

man chmod

man chmod

监控计算机使用率 (Monitoring Computer Usage)

Timekpr allows us to set give each user a limited amount of computing time, and you’ll need to add the following PPA to your software sources so that you can install Timekpr from the Ubuntu Software Center.

Timekpr允许我们设置给每个用户有限的计算时间，并且您需要在软件源中添加以下PPA，以便可以从Ubuntu软件中心安装Timekpr。

deb http://ppa.launchpad.net/timekpr-maintainers/ppa/ubuntu lucid main deb-src http://ppa.launchpad.net/timekpr-maintainers/ppa/ubuntu lucid main

deb http://ppa.launchpad.net/timekpr-maintainers/ppa/ubuntu lucid main deb-src http://ppa.launchpad.net/timekpr-maintainers/ppa/ubuntu lucid main

Ubuntu Software Center is the easiest way to install Timekpr—just use the search box and it should come right up.

Ubuntu软件中心是安装Timekpr的最简单方法，只需使用搜索框，它便会出现。

Timekpr allows us to limit the computer usage time by a certain time frame on each day of the month. For example, we can specify the computer time usage for 300 minutes on Sunday and 60 minutes on Monday.

通过Timekpr，我们可以在每月的每个特定时间段内限制计算机使用时间。例如，我们可以将计算机时间使用情况指定为星期日300分钟和星期一60分钟。

Timekpr will appear on the user’s task bar and lock the desktop when the computing time of the user is up.

当用户的计算时间到时，Timekpr将出现在用户的任务栏上并锁定桌面。

User and Groups is quite a big concept to cover within one article. Did we miss something important ? Feel free to share some knowledge with the other readers in the comments.

用户和组是一个相当大的概念，需要在一篇文章中介绍。我们错过了重要的事情吗？随时在评论中与其他读者分享一些知识。

翻译自: https://www.howtogeek.com/howto/36845/the-beginners-guide-to-managing-users-and-groups-in-linux/