aix里面useradd和mkuser有什么区别

应该没有什么多大的区别：

useradd是IBM公司为了让aix的命令能够与linux的命令想接近，才增加的的一个命令。

useradd和mkuser 创建的新用户都是默认值，如果想改变属性，还的用chuser命令。

转自aixchina。

还没有具体看过,呵呵.不过给你贴份我的收藏.

主流服务器UNIX *** 作系统用户帐号的设置

账号设置 HP-UX FreeBSD Solaris (SPARC)

密码文件 /etc/passwd

/tcb/files/auth/r/root /etc/passwd

/etc/master.passwd /etc/passwd

/etc/shadow

组文件 /etc/group

/etc/logingroup /etc/group /etc/group

允许最大用户ID 2147483647 65535 2147483647

允许远程登录的用户文件设置 /etc/securetty

{console} /etc/ttys

{secure} /etc/default/login

{CONSOLE=/dev/console}

Nobody的UID -2 65534 60001 &65534(nobody4)

Nobody的GID -2(nogroup) 65534 60002 &65534(nogroup)

找回ROOT密码 >boot

Interact with IPL ? Y

ISL>hpux -iS

passwd root ok boot -s

passwd root boot cdrom -s

mkdir /tmp/a

mount /dev/c0t0d0s0 /tmp/a

vi /tmp/a/etc/shadow

创建新用户 useradd adduser Useradd

删除用户 userdel rmuser Userdel

列出用户 logins Logins

修改用户账号 usermod Usermod

账号设置 AIX Linux( RedHat )

密码文件 /etc/passwd

/etc/security/passwd /etc/passwd

/etc/shadow

组文件 /etc/group

/etc/security/group /etc/group

允许最大用户ID 4294967295 65535

允许远程登录的用户文件设置 /etc/security/user

{rlogin=true} /etc/securetty

{ttyp1}

Nobody的UID 4294967294 99

Nobody的GID 4294967294 99

找回ROOT密码 Boot from CD/Tape

Installation/Maintenance

Start Limited Shell

getrootfs hdisk0

vi /etc/security/passwd {lilo}

control-x

linux S

passwd root

{grub}

c

kernel vmlinuz-2.4.9-13 single ro root=/dev/hda8

initrd /initrd-2.4.9-13.img

boot

passwd root

创建新用户 mkuser Useradd

删除用户 rmuser Userdel

列出用户 lsuser -f ALL

修改用户账号 chuser -a usermod

主流服务器UNIX *** 作系统目录结构对比

Directory Mappings AIX FreeBSD HP-UX

Root filesystem / {/dev/hd4} / {/dev/ad0s1a} / {/dev/vg00/lvol1}

Home Directory /home {/dev/hd1} /home {/dev/vg00/lvol4}

/tmp {/dev/hd3} /tmp {/dev/vg00/lvol6}

/usr {/dev/hd2} /usr {/dev/ad0s1f} /usr {/dev/vg00/lvol7}

/var {/dev/hd9var} /var {/dev/ad0s1e} /var {/dev/vg00/lvol8}

Sample configuration files - /usr/newconfig

Directory Mappings Linux( RedHat ) Solaris Tru64

Root filesystem / {/dev/sda1} / {/dev/vx/dsk/rootvol} /{/dev/rz0a}

Home Directory /export/home {dev/vx/dsk/home}

/tmp {dev/vx/dsk/swapvol}

/usr /usr {/dev/rz0g}

/var

Sample configuration files

主流服务器UNIX *** 作系统常用命令

General Commands AIX FreeBSD HP-UX Linux(RedHat) Solaris Tru64

Unique host ID Hostid uname -i hostid hostid hostid

Administrator Smit Sam linuxconf admintool netconfig

Performance monitor Topas(有过top)

monitor top Top

glance Top top top

System activity reporter Sar sa Sar sar

Virtual Memory statistics Vmstat vmstat vmstat vmstat vmstat vmstat

I/O statistics Iostat iostat iostat iostat iostat

Error logs alog -o -t boot

errpt dmesg dmesg Dmesg dmesg uerf -R -o full

Physical RAM 1M TB4TB 64GB{>2.3.24} 16TB 4TB

Shared Memory 64K TB8TB sysctl kernel.shmmax

Process Data Space 384K TB4TB 900 MB

Swap device /dev/hd6 /dev/ad0s1b /dev/vg00/lvol2 /dev/sda2 /dev/vx/dsk/swapvol /dev/rz0b

Swap file type /etc/swapspaces swap swap partition type 82 swap raw

Display swap size lsps –a swapinfo swapinfo -a Free swap -l swapon -s

Activate Swap swapon -a swapon -a swapon -a swapon -a swap -a swapon -a

主流服务器UNIX *** 作系统打印机、TCP/IP设置

Printers AIX FreeBSD HP-UX

Printer Queues /etc/qconfig /var/spool/print /etc/lp/interface/*

Stop LP stopsrc -s lpd lpshut

Start LP startsrc -s lpd Lpd lpsched

Submit print jobs enq

lp

lpr

qprt Lp lp

LP statistics enq -A

lpq

lpstat

qchk Lpq lpstat

Remove print jobs cancel

lprm

qcan

enq –x Cancel

lprm cancel

Add printer queue smit mkpq lpadmin -p pq

Remove Printer Q smit rmpq lpadmin -x pq

Make default Prt export LPDEST="pq" lpadmin -d pq

TCP/IP AIX FreeBSD HP-UX

Network IP configuration lsattr -E -l inet0 /etc/rc.conf /etc/rc.config.d/netconf

Hosts IP addresses /etc/hosts /etc/hosts /etc/hosts

Name service switch /etc/netsvc.conf /etc/host.conf /etc/nsswitch.conf

Network parameters no –a Sysctl ndd -h

Routing daemon Gated Routed gated

NIC Configurations ifconfig –a ifconfig -a lanscan -v

Secondary IP Addr ifconfig en0 alias IP ifconfig xl0 alias IP ifconfig lan0:1 IP

(solaris also)

Login prompt HERALD @

/etc/security/login.cfg telnetd –b /etc/issue

Increase the # of pseudo-terminals odmget -q "attribute=num and uniquetype=pty/pty/pty" PdAt | sed "s/0-64/0-512/" |

odmchange -q "attribute=num and uniquetype=pty/pty/pty" -o PdAt

chdev -l pty0 -anum=256 -P

reboot rebuild your kernel with these new values NPTY=#

NSTRPY=#

reboot

insf -d ptys -n #

insf -d ptym -n #

insf -d pts -s # -e -v

Maximum # of ptys 512 {MAXUSERS}

Remote Shell Remsh

rsh Rsh remsh

YP/NIS service binder /usr/lib/netsvc/yp/ypbind /usr/sbin/ypbind /usr/lib/netsvc/yp/ypbind

主流服务器UNIX *** 作系统打印机、TCP/IP设置 续

Printers Linux (Redhat) Solaris (SPARC) Tru64

Printer Queues /var/spool/lpd/lp/* /etc/lp/interfaces/* /usr/spool/lpd

Stop LP /etc/init.d/lpd stop /usr/lib/lp/lpshut /sbin/init.d/lpd stop

Start LP /etc/init.d/lpd start /usr/lib/lp/lpsched /sbin/init.d/lpd start

Submit print jobs Lpr Lp

lpr Lp

lpr

LP statistics Lpq Lpstat Lpstat

Remove print jobs Lprm Cancel

lprm cancel

lprm

Add printer queue Printtool lpadmin -p pq Lprsetup

Remove Printer Q lpadmin -x pq Lprsetup

Make default Prt lpadmin -d pq export PRINTER="lp"

TCP/IP Linux( RedHat ) Solaris (SPARC) Tru64

Network IP configuration /etc/sysconfig/network-scripts/ /etc/hostname.*

/etc/inet/*

/etc/defaultrouter /etc/rc.config

Hosts IP addresses /etc/hosts /etc/inet/hosts /etc/hosts

Name service switch /etc/nsswitch.conf /etc/nsswitch.conf /etc/svc.conf

Network parameters sysctl -a | grep net Ndd /dev/[tcp|ip] ?

Routing daemon routed in.routed routed

NIC Configurations ifconfig -a ifconfig –a ifconfig -a

Secondary IP Addr modprobe ip_alias

ifconfig eth0:1 IP ifconfig hme0:1 IP up ifconfig ln0 alias

Login prompt /etc/issue BANNER @

/etc/default/telnetd /etc/issue

Increase the # of pseudo-terminals cd /dev

./MAKEDEV -v pty {/etc/system}

set pt_cnt = # {SYSV}

set npty = # {BSD}

{/etc/iu.ap}

ptsl 0 # ldterm ttcompat

halt

boot –r cd /dev

./MAKEDEV PTY_1

Maximum # of ptys 256 176 {BSD}

3000 {SYSV} 8192

Remote Shell rsh Rsh rsh

YP/NIS service binder /sbin/ypbind /usr/lib/netsvc/yp/ypbind /usr/sbin/ypbin

主流服务器UNIX *** 作系统系统文件

System Files AIX FreeBSD HP-UX

NFS exported /etc/exports /etc/exports /etc/exports

NFS Client mounted directories /etc/xtab /etc/xtab

Max File System 128 GB 128 GB

Max File Size 64 GB 128 GB

Max # File Descriptors 64 K 60~ K

System Files Linux (RedHat) Solaris Tru64

NFS exported /etc/exports /etc/dfs/dfstab

/etc/dfs/sharetab /etc/exports

NFS Client mounted directories /var/lib/nfs/xtab /etc/rmtab /var/adm/mountdtab

Max File System 2 TB 1 TB

8000 TB {vxfs} 128 GB {<= 3.2G}

512 GB {>= 4.0}

16 TB {advfs}

Max File Size 2 GB{512B block size}

8192 GB {8KB block size} 1 TB

2 GB {=<2.5.1} 128 GB {<= 3.2G}

512 GB {>= 4.0}

16 TB {advfs}

Max # File Descriptors sysctl fs.file-max 64 K 64 K

主流服务器UNIX *** 作系统磁盘与逻辑卷命令

DISK/LVM Commands AIX FreeBSD HP-UX

Filesystem table /etc/filesystems /etc/fstab /etc/fstab

Free disk blocks df -k df -k Bdf

Device listing lsdev -C /sbin/ioscan

Disk information bootinfo -s hdisk# fdisk -v ad0 diskinfo /dev/rdsk/c#t#d#

Disk Label lspv -l hdisk# disklabel ad0 pvdisplay -v /dev/dsk/C#t#d#

LVM Concepts Partition sub disk logical extents

Volume Volume logical volume

Plex

Volume group volume group

Journal Filesystem type jfs Vxfs

Default volume group /dev/rootvg /dev/vg00

Display volume group lsvg -l rootvg vgdisplay -v vg00

Modify physical volume chpv Pvchange

Prepare physical disk mkdev -c disk -l hdisk# pvcreate

List physical volume lspv vinum ld pvdisplay

Remove disk from volume group reducevg vgreduce

Move logical volumes to another physical volumes migratepv vinum move -f drive object pvmove

Create volume group mkvg vgcreate

Remove volume group vgremove

Volume group availability chvg

varyonvg

varyoffvg vgchange

Restore volume group vgcfgrestore

Exports volume group exportvg vgexport

Imports volume group importvg vgimport

Volume group listing lsvg Vgscan 是一样的么？

Change logical volume characteristics chlv lvchange

List logical volume lslv vinum lv lvdisplay

Make logical volume mklv lvcreate

Extend logical volume extendlv lvextend

Reduce logical volume AIX reduce LV Lvreduce 如何用？

Remove logical volume rmlv vinum rm vol lvremove

Prepare boot volumes bootlist -m normal lvlnboot

Remove boot volumes lvrmboot

Extend File system chfs -a size=# /mt extendfs /dev/vg00/lvol8

fsadm -F vxfs -b {LE * 1024} /mt

Reduce/Split mirrors rmlvcopy lvsplit

Merge mirrors lvmerge

Create mirrors mklv -c 2 vinum mirror drive lvcreate -m 1

Add mirrors mklvcopy lv 2lvextend -m 1

Create striped volumes mklv -u 3 -S 64K vinum stripe drive lvcreate -i 3 -I 64

System recovery tape mksysb -i /dev/rmt0 /opt/ignite/bin/make_recovery

Backup savevg -i rootvg vinum saveconfig fbackup

Restore restvgfrecover

主流服务器UNIX *** 作系统磁盘与逻辑卷命令 续

DISK/LVM Commands Linux (RedHat) Solaris (SPARC) Tru64

Filesystem table /etc/fstab /etc/vfstab /etc/fstab

Free disk blocks df -k df –k df -k

Device listing cat /proc/devices Sysdef

Disk information cat /proc/scsi/scsi0/sda/model format -d c#t#d#

format>current

format>inquiry file /dev/rrz0c

Disk Label fdisk -l Prtvtoc disklabel -p rz0

LVM Concepts logical extents sub disk sub disk

logical volume Volume Volume

Plex Plex

volume group disk group disk group

Journal Filesystem type ext2 居然是jfs的？ Vxfs Advfs 居然是jfs的？

Default volume group /dev/vx/dsk/rootdg

居然有 vg？ /dev/vol/rootdg

居然有 vg？

Display volume group vgdisplay -v vxprint -l -g rootdg volprint -l -g rootdg

Modify physical volume pvchange

Prepare physical disk pvcreate vxdiskadd voldiskadd

List physical volume pvdisplay vxprint -dl volprint -dl

Remove disk from volume group vgreduce vxdg rmdisk voldg rmdisk

Move logical volumes to another physical volumes pvmove vxassist move volassist move

Create volume group vgcreate vxdg init voldg init

Remove volume group vgremove

Volume group availability vgchange

Restore volume group vgcfgrestore

Exports volume group vgexport vxdg deport voldg deport

Imports volume group vgimport vxdg import voldg import

Volume group listing vgscan

Change logical volume characteristics lvchange vxedit set voledit set

List logical volume lvdisplay vxprint -vl volprint -vl

Make logical volume lvcreate vxassist make volassist make

Extend logical volume lvextend vxassist growto volassist growto

Reduce logical volume lvreduce vxassist shrinkto volassist shrinkto

Remove logical volume lvremove vxedit rm voledit -g rootdg -rf rm vol1

Prepare boot volumes lilo vxbootsetup

Remove boot volumes

Extend File system resize2fs vxva

mkfs -M

Reduce/Split mirrors lvsplit

Merge mirrors lvmerge

Create mirrors vxassist mirror volassist make vol 100mb mirror=true

Add mirrors

Create striped volumes lvcreate -i 3 -I 64 vxassist make vol 100mb layout=raid5 volassist make vol 100mb layout=stripe

System recovery tape /usr/sys/bin/btcreate

Backup tar cvf /dev/rst0 / ufsdump vdump

Restore tar xvf /dev/rst0

这一列对不对？ ufsrestore vrestore

主流服务器UNIX *** 作系统安装与卸载

Software AIX FreeBSD HP-UX

Install Software installp -a pkg_add swinstall

Uninstall software installp -u pkg_delete swremove

List installed software lslpp -L all pkg_info -a swlist

Verify installed software lppchk -v swlist -l fileset -a state

List all files lslpp -f fileset pkg_info -L package swlist -l file fileset

List installed patches instfix -i swlist -l patch

what /stand/vmunix

Package owner lslpp -w path swlist -l file | grep path

SW Directory /usr/lpp /var/db/pkg /var/adm/sw/

Software Linux (RedHat) Solaris (SPARC) Tru64

Install Software rpm -i package pkgadd setld -l

Uninstall software rpm -e package pkgrm setld -d

List installed software rpm -qa pkginfo setld -i

Verify installed software rpm -V package pkginfo -i

pkginfo -p setld -v

List all files rpm -ql package pkgchk -l package setld -i package

List installed patches patchadd -p dupatch -track -type patch

Package owner rpm -qf file pkgchk -l -p path

SW Directory /var/lib/rpm /var/sadm /var/adm/smlogs

主流服务器UNIX *** 作系统技术支持信息

Links AIX HP-UX Linux (RedHat)

FAQ AIX-FAQ

HP-UX FAQ 这个和我知道的一个？ LINUX FAQ

Online Manual AIX 4.3 Books

HP-UX 11.00 Collection

Linux Documentation Project

Technical Support RS/6000 TechSupport

IT Resource Center

Red Hat support

Phone Number 1-800-CALL-AIX 1-800-633-3600 1-888-REDHAT1

Free Software Bull

HP-UX Ports

Linux Software Map

Certification www.ibm.com

education.hp.com

RHCE

Links FreeBSD Solaris (SPARC) Tru64

FAQ FreeBSD FAQ

Solaris 2 FAQ

Tru64 FAQ

Online Manual FreeBSD Hand Book

Solaris 7 Documentation

Tru64 Documents

Technical Support SunSolve

Alpha Systems Support

Phone Number 1-800-USA-4SUN

Free Software FreeBSD Primary Site

Sun Freeware

Tru64 Demos, Shareware &Freeware

Certification suned.sun.com

ASE Information

主流服务器UNIX *** 作系统其它命令

MISC AIX FreeBSD HP-UX

Startup script /etc/rc /etc/rc /sbin/rc

Kernel /usr/lib/boot/unix_up /kernel /stand/vmunix

Kernel Parameters lsattr -E -l sys0 sysctl -a sysdef kmtune kmsystem

Reconfigure the kernel

chdev -l sys0 -a cd /sys/i386/conf

vi KERNEL

config KERNEL

cd ../../compile\

/KERNEL

make depend

make

make install cd /stand/build\

/usr/lbin/sysadm\

/system_prep -v -s system

vi system

mk_kernel -s system

cd /stand

mv system system.prev

mv vmunix vmunix.prev

mv dlkm dlkm.prev

mv /stand/build\

/system system

kmupdate /stand/build\

/vmunix_test

List modules genkex kldstat kmadmin –s

Load module kldload kmadmin –L

Unload module kldunload kmadmin –U

Initialize system install_assist /stand/sysinstall set_parms initial

Physical RAM bootinfo -r sysctl hw.physmem grep -i Physical\ /var/adm/syslog\

/syslog.log

Kernel Bits bootinfo -k getconf KERNEL_BITS

Crash utility Crash crash Adb

Trace System Calls Syscalls truss tusc

Machine model uname -m

bootinfo -m uname -m model

uname -m

OS Level Oslevel uname -r uname -r

Run Level who –r who -r

Core dump files /var/adm/ras /var/adm/crash

Boot single user Key on service mode/F4

Boot from CD/Tape

Select Maintenance

Limited function Shell ok boot –s >boot

Interact with IPL ? Y

ISL>hpux -iS

Maintenance mode ok boot –as >boot

Interact with IPL ? Y

ISL>hpux -lm

Interrupt Key control-B

Return to console Co

Timezone Management /etc/environment

/etc/profile /etc/localtime /etc/TIMEZONE

NTP Daemon

如何用它？ /etc/ntp.conf

startsrc -s xntpd /etc/rc.conf {xntpd enable="YES"}

/etc/rc.network /etc/rc.config.d\

/netdaemons

/sbin/init.d/xntpd

主流服务器UNIX *** 作系统其它命令 续

MISC Linux (RedHat) Solaris (SPARC) Tru64

Startup script /etc/rc.d/rc /sbin/init.d /sbin/init.d

Kernel /boot/vmlinuz /kernel/genunix /vmunix

Kernel Parameters sysctl -a sysdef –I sysconfig dxkerneltuner

Reconfigure the kernel cd /usr/src/linux

make mrproper

make menuconfig

make depcleanbzImageinstall

make modules

make modules_install

cp arch/i386/boot/bzImage /boot/vmlinuz

mkinitrd /boot/initrd-2.4.img 2.4

vi /etc/lilo.conf

lilo vi /etc/system

reboot doconfig

List modules lsmod modinfo

Load module insmod modload

Unload module rmmod modunload

Initialize system netconf sys-unconfig netsetup

Physical RAM free prtconf uerf | grep memory

Kernel Bits getconf WORD_BIT isainfo -kv 64

Crash utility lcrash

crash kdbx

Trace System Calls strace truss trace

Machine model uname -m uname -imp uname -p

OS Level uname -r uname -r sizer -v

Run Level runlevel who -r who -r

Core dump files /var/crash/`uname -n`

Boot single user {lilo}

control-x

linux S

{grub}

c

kernel vmlinuz-2.4.9-13 single ro root=/dev/hda8

initrd /initrd-2.4.9-13.img

boot ok boot -s >>>boot -fl s

Maintenance mode ok boot -as

Interrupt Key Stop-A control-P

Return to console ok go

Timezone Management /etc/sysconfig/clock /etc/TIMEZONE

/etc/default/init /etc/svid3_tz

timezone

NTP Daemon /etc/ntp.conf

/etc/rc.d/init.d/xntpd /etc/inet/ntp.conf

/etc/init.d/xntpd rcmgr set XNTPD_CONF YES

/sbin/init.d/xntpd

主流服务器UNIX *** 作系统设备管理

Devices AIX FreeBSD HP-UX

Devices /dev /dev /dev

Install devices for attached peripherals cfgmgr –v /dev/MAKEDEV insf -e

Remove device rmdev –l rmsf

Device drivers Lscfg lsdev

CPU lsdev -Cc processor sysctl hw.model ioscan -fnC processor

List Terminal lsdev -Cc tty ioscan -fnC tty

Diagnostics Diag pciconf -l Stm

Whole Disk /dev/hdisk# /dev/ad0s1c /dev/dsk/c#t#d0

CDROM /dev/cd0 /dev/acd0c /dev/dsk/c#t2d0

CDROM file type Cdrfs cd9660 Cdfs

Rewinding tape drive /dev/rmt0 /dev/rwt0d /dev/rmt/0m

Floppy drive /dev/rfd0 /dev/fd0 -

Non-rewinding tape drive /dev/rmt0.1 /dev/nrwt0d /dev/rmt/0mn

Devices Linux (RedHat) Solaris (SPARC) Tru64

Devices /dev /devices /dev

Install devices for attached peripherals /dev/MAKEDEV drvconfig

devlinks

disks

tapes

ports scu scan edt

scsimgr -scan_all

Remove device rem_drv

Device drivers prtconf -D

CPU cat /proc/cpuinfo psrinfo -v psrinfo -v

List Terminal pmadm -l

Diagnostics /usr/platform/`uname -m`/

sbin/prtdiag

ok test-all

/opt/SUNWvts/bin/sunvts

Whole Disk /dev/sda /dev/c#t#d0s2 /dev/rz0c

CDROM /dev/cdrom /dev/dsk/c#t6d0s2 /dev/rz3c

CDROM file type iso9660 hsfs cdfs

Rewinding tape drive /dev/rst0 {c 9 0} /dev/rmt/0 /dev/rmt0

Floppy drive /dev/fd0 /dev/diskette /dev/fd0c

Non-rewinding tape drive /dev/nrst0 {c 9 128} /dev/rmt/0n /dev/nrmt0

AIX 下面新建用户的命令是：#smitty mkuser 或者：#smit mkuser但新新用户会涉及到非常多的内容，以下内容供参考：AIX 中的命令请记住，本文讨论的命令和方法应该可以在配置文件中有本地用户和组的 AIX 系统上使用。如果系统处理来自远程源（例如 Network Information System，即 NIS）的用户和组，那么不应该使用 chuser 和 chgroup 等命令。/etc/passwd/etc/security/.profile/etc/security/limits/etc/security/passwd/etc/security/user/usr/lib/security/mkuser.default/etc/passwd/etc/passwd 文件包含用户的基本信息，它可能是 UNIX® 和 Linux® 用户最熟知的用户管理文件。清单 1 给出 /etc/passwd 文件的示例。清单 1. /etc/passwd 文件示例root:!:0:0::/:/usr/bin/kshdaemon:!:1:1::/etc:bin:!:2:2::/bin:sys:!:3:3::/usr/sys:adm:!:4:4::/var/adm:uucp:!:5:5::/usr/lib/uucp:guest:!:100:100::/home/guest:nobody:!:4294967294:4294967294::/:lpd:!:9:4294967294::/:lp:*:11:11::/var/spool/lp:/bin/falseinvscout:*:6:12::/var/adm/invscout:/usr/bin/kshsnapp:*:200:13:snapp login user:/usr/sbin/snapp:/usr/sbin/snappdipsec:*:201:1::/etc/ipsec:/usr/bin/kshnuucp:*:7:5:uucp login user:/var/spool/uucppublic:/usr/sbin/uucp/uucicopconsole:*:8:0::/var/adm/pconsole:/usr/bin/kshesaadmin:*:10:0::/var/esa:/usr/bin/kshsshd:*:206:201::/var/empty:/usr/bin/kshatc:!:8000:400:Adam Cormany,Sr UNIX Admin:/home/atc:/bin/kshamdc:!:8001:401:AMDC:/home/amdc:/bin/kshpac:!:8002:400:PAC,Jr UNIX Admin:/home/pac:/bin/kshatc2:!:8003:402:ATCv2:/home/atc2:/bin/ksh可以看到这个文件使用冒号 (:) 作为分隔符，每个条目按以下格式包含 7 个字段（为了便于阅读，在分隔符前后添加了空格）：Username : Password Flag : UID : GID : GECOS : Home : Shell/Command下面逐一解释这些字段：Username。这是与用户账户相关联的登录名/用户名。Password Flag。这个字段因 UNIX 和 Linux 的风格而异。在 AIX 上，第二个字段可以包含两个字符之一：! 或 *。如果显示 !，那么已经为此用户设置了密码。如果还没有设置密码，就会出现 *。密码本身存储在 /etc/security/passwd 中。UID。User Identifier (UID) 是用户的数字标识符。GID。Group Identifier (GID) 与 UID 相似，但是它与组相关联。GID 在 /etc/group 中定义。GECOS。General Electric Comprehensive Operating System (GECOS) 信息存储在第五个字段中。这里存储用户的姓名、电话号码和其他一般个人信息。Home。这是用户的主目录。Shell/Command。通常情况下，最后一个字段包含在用户登录时启动的 shell。管理员也可以通过修改这个字段执行其他命令而不是 shell（例如 /bin/false），从而限制访问。/etc/security/.profile/etc/security/.profile 文件可以节省宝贵的时间和减少麻烦。在使用 mkuser 命令创建用户时，执行 /usr/lib/security/mkuser.sys 脚本。这个脚本创建用户的目录，设置正确的权限，“创建” 用户的 .profile。mkuser.sys 脚本实际上是把 /etc/security/.profile 文件复制到新用户的主目录中。如果您正在构建新系统，或者一个新部门有 100 名员工需要在系统上建立账户，那么一定要先修改 /etc/security/.profile 文件，然后再开始创建用户账户。如果已经创建了账户，然后意识到需要对某个变量或其他设置做简单的修改，就不得不手工修改每个用户的 profile。可以使用脚本简化这个过程，但是如果提前修改了 /etc/security/.profile，会简单得多。export PATHif [ -s "$MAIL" ] # This is at Shell startup. In normalthen echo "$MAILMSG"# operation, the Shell checksfi # periodically./etc/security/limits/etc/security/limits 文件包含所有 ulimit，即用户的系统资源限制。表 1 列出 /etc/security/limits 文件中的字段及其用途。表 1. /etc/security/limits 中的字段软限制硬限制说明fsizefsize_hard用户可以创建的文件的大小corecore_hard用户可以创建的核心文件的大小cpucpu_hard允许的系统时间量datadata_hard进程数据段的大小stackstack_hard进程堆栈段的大小rssrss_hard允许的物理内存量nofilesnofiles_hard同时打开的文件描述符数量nprocnproc_hard同时运行的进程数量软限制和硬限制的区别是什么？在最大值（硬限制）范围内，用户或应用程序可以动态地修改软限制。硬限制 就是参数可以设置的最大值。如果把参数设置为数字值太困难（例如，如果开发人员不知道程序将使用的内存量或它需要打开的文件数量），那么可以把参数设置为 -1，这表示无限制。但是，不必为每个用户设置所有 ulimit。/etc/security/limits 文件包含一个 default 部分，它为每个用户定义一组标准值，如果用户没有设置定制的值，就会使用这些值。如果 default 部分不存在，系统会设置预先确定的限制。IBM 的默认值如下：* AttributeValue* ======================* fsize_hardset to fsize* cpu_hard set to cpu* core_hard -1* data_hard -1* stack_hard 8388608* rss_hard -1* nofiles_hard -1清单 3 给出一个 /etc/security/limits 文件示例。清单 3. /etc/security/limits 文件示例default:fsize = 4194303core = 16384cpu = -1data = 262144rss = 65536stack = 65536pac:fsize = 131072fsize_hard = 262144core = 262144假设用户 “pac” 是一位初级 UNIX 管理员，他的软限制值 fsize 由 default 部分的 4,194,303 降低到 131,072；但是，允许他在需要时把这个值增加到 262,144。另外，pac 经常把自己的程序弄坏。因此，把他的 core ulimit 增加到 262,144。/etc/security/passwd/etc/security/passwd 文件包含 AIX 用户的密码信息。在这个文件中，每个用户有三个字段：password。加密的密码。注意：如果这个字段只包含星号 (*)，那么账户被锁定，直到设置密码为止。lastupdate。最后一次更新密码的时间（系统纪元以来的秒数）。flags。对修改用户密码的限制。可以设置三个标志：ADMIN。如果设置，那么只有根用户可以修改用户的密码。ADMCHG。如果设置，那么在用户下一次登录或执行 su 时提示修改密码。NOCHECK。如果设置，那么忽略 /etc/security/user 中的任何其他限制。清单 4 提供一个 /etc/security/password 文件示例。清单 4. /etc/security/password 文件示例amdc:password = oBQaUkPkUryCYlastupdate = 1243972006flags = ADMCHG在这个示例中，用户 “amdc” 的密码是在 2009 年 6 月 2 日星期二 15:46:46 EDT 设置的。当用户下一次登录或执行 su 时，会提示修改密码。

---