Free Domain Sign up for PayPal and start accepting credit card payments instantly.

Monday, July 12, 2010

User/Group Management

Features:
1. The ability to control users and groups

Primary tools:
1. useradd - used to add users and modify group membership
2. system-config-users

Task:
1. Create a user named 'student1' using 'useradd'

Note: Default user settings derive from: /etc/login.defs
a. useradd student1
b. set password for user 'student1': passwd student1


Default User Accounts DB: /etc/passwd
student1:x:501:501::/home/student1:/bin/bash

username:shadow_reference:uid:gid:Description(GECOS):$HOME:$SHELL
Note: /etc/passwd is a world-readable file
Note: /etc/shadow now stores passwords in encrypted form
Note: /etc/shadow is NOT world-readable

Fields in /etc/shadow:
student1:$1$XSFMv2ru$lfTACjN.XxaxbHA0EkB4U0:13891:0:99999:7:::

1. username:
2. encrypted_password:
3. Days_since_Unix_epoch_password_was_changed (01/01/1970)
4. Days before password may be changed
5. Days after which the password MUST be changed
6. Days before password is to expire that user is warned
7. Days after password expires, that account is disabled
8. Days since Unix epoch, that account is disabled
9. Reserved field (currently unused)


2. Modify user 'student1' to have password expire after 45 days
a. usermod


Groups:
1. groupadd - adds new group
2. groups - lists groups on the system: /etc/group
/etc/group - maintains group membership information

Task: Create a 'sales' group and add 'linuxbbt' and 'student1' as members
1. groupadd sales
2. usermod -G sales linuxbbt
3. usermod -G sales student1

Note: 2 types of groups exist:
1. Primary - used by default for a user's permissions
2. Supplemental - used to determine effective permissions

Note: use 'id' to determine the group information of user
Note: Create a new shell session to realize new group membership information

userdel/groupdel are used to delete users and groups, respectively

2 comments:

  1. Nice blog keep it up..!good for beginners..

    Add little more contents..!

    ReplyDelete
  2. Thanks Dude, I will keep on updating this ...

    ReplyDelete