Chapter 2 : Managing Users

Description

Understanding when to use root • Creating and removing users • Understanding the /etc/passwd and /etc/shadow files • Distributing default configuration files with /etc/skel • Switching between users • Managing groups • Managing passwords and password policies • Configuring administrator access with sudo • Setting permissions on files and directories
Instaviral com
Note by Instaviral com, updated more than 1 year ago
Instaviral com
Created by Instaviral com over 4 years ago
19
0

Resource summary

Page 1

Understanding when to use root

1. Exists in all Linux distributions 2. Can do anything even deleting the whole file system 3. Use root account only in needed situation. 4. Ubuntu require no root password setup during installation.     i. Except Linode / DigitalOcean, root account is enabled at their Ubuntu server.  5. Use command sudo when using non-root account to perform root-level operations. 6. During installation, Ubuntu will automatically grant sudo access to the first user account created. Additional user account will not have sudo access unless explicitly granted.

Page 2

Creating & removing users

1. New user could be added by using either #adduser or #useradd. 2. # sudo useradd -d /home/newuser -m newuser i. -d flag = directory, -m flag = auto create the home directory during the process of creating newuser directory ii. newuser = the new account which will be added   3. # sudo passwd newuser i. set new password for the newly created account   4. # sudo adduser newuser2 i. this command will auto create /home/newuser2 directory & asking to set the new password   5. Both of the command will auto i. assign the next available UID (User ID) & GID (Group ID)  ii. copy the /etc/skel1 dir to /home/newuser dir   6. #adduser is not available in all distributions of Linux. It is a shell script written in Perl which use #useradd command as part of its code.

Removing user. 1. #userdel i. By default, it will not delete the /home/userdelete dir 2. #sudo userdel newuser 3. #sudo userdel -r newuser i. this will remove the user's home directory & the account

Extra note #sudo mkdir -p /ebsitename.com/public_html. This enable the system to auto create the parent directory if not exist. beware of using #rm as root user. etc type of #rm / home/newuser will delete the whole file system of Ubuntu.

Page 3

Understanding the /etc/passwd and /etc/ shadow files

1. User account information is stored in /etc/passwd & /etc/shadow 2. Only root has access to /etc/shadow 3. Sample of /etc/passwd contents   testuser:x:1000:1000::/home/testuser:0 testuser2:x:1006:1006:Test user,,,:/home/testuser2:/bin/bash myuser:x:1002:1002::/home/myuser: myuser2:x:1003:1003::/home/myuser2: jdoe:x:1004:1004::/home/jdoe: bsmith:x:1005:1005::/home/bsmith:/bin/bash jdoe2:x:1007:1007::/home/jdoe2:   Entries are split into columns, seperated by semicolon 1st column is username 2nd co is user's password , x meant pass is encrypted 3rd col is UID 4th col is GID 5th col is user information (Name etc) 6th col is user's home directory path 7th col is user's shell , the default shell user will use.   4. Sample of /etc/shadow content   myuser2:$6$maFOiNL.:16809:0:99999:7::: jdoe:$6$TPxx8Z.:16809:0:99999:7::: bsmith:$6$KoShUY.:16809:0:99999:7::: testuser3:$6$QAGTNqR:16809:0:99999:7::   1st col is username 2nd col is hash for user's password 3rd col is number of days since the UNIX Epoch (1st Jan 1970) that the pass has been last changed. 4th col is number of days required to pass before the next password changes. 5th col is the max number of days to pass before required to change new pass. 6th col is the number of days that will elapse before getting warned that they soon need to change their password. 7th col is the number of days to pass after the password expires, before the account is disabled. 8th col is the number of days since the UNIX Epoch will elapse before the account is disabled. Zero meant no disabled day set. (Date of account being disabled)

Extra Notes edit the 7th column to invalid shell will cause the user unable to logging.  # cat /etc/shadow | grep root , only show relevant root information #passwd -S <username>, can view any account on the system.  

Show full summary Hide full summary

Similar

computer systems and programming quiz
Molly Batch
Fetch-decode-excecute
Brodie McMeowface
Types of systems
Brodie McMeowface
DATA
Haha_fizul
Hardware mindmap
demi cheo
INFORMATION SYSTEM
ahmed hany
expert system
limy12345
Data
Jing Heng
Fetch-decode-excecute
джордж гаврилович
computer systems and programming quiz
Jack Wheat
DATA_v1
chong.lee.soong