Differences

This shows you the differences between two versions of the page.

@@ Line 1: / Line 1: @@
+<markdown>
+# Managing Users and Groups
+## Date: Mon Sep 24 12:17:52 EDT 2018
+## The passwd file
+On my Fedora 28 virtual machine, I can see the following information about my user account:
+```bash
+$ grep "sean" /etc/passwd
+sean:x:1000:1000:sean:/home/sean:/bin/bash
+```
+The fields are:
+- username
+- password indicator
+- user id
+- group id
+- gecos ingo
+- home directory
+- default shell
+This is a pretty standard Linux file, but some things will change
+depending on the distribution. For example, the user id may start at a
+different point depending on the system. However, nowadays both Ubuntu
+and Fedora set the starting UID and group ID for new users at 1000.
+## The shadow file
+Need to be root to examine the shadow file:
+```bash
+$ sudo su
+# grep "sean" /etc/shadow
+sean:ENCRYPTED_PASSWORD::0:99999:7:::
+```
+The fields are:
+- login name (username)
+- encrypted password
+- days since 1/1/1970 since password was last changed
+- days after which password must be changed
+- days before password is to expire that user is warned
+- days after password expires that account is disabled
+- days since 1/1/1970 that account is disabled
+- a reserved field
+## The group file
+This file holds group information about the entire system:
+```bash
+$ cat /etc/group
+$ # note one group of interest
+$ grep "project1" /etc/group
+project1:x:1001:sean,captkirk
+```
+The fields are:
+- group name
+- group password
+- group ID (GID)
+- group members
+## Management Tools
+The book discusses the following tools:
+- */usr/sbin/useradd*
+- */usr/sbin/usermod*
+- */usr/sbin/userdel*
+- */usr/sbin/groupadd*
+- */usr/sbin/groupdel*
+- */usr/sbin/groupmod*
+## Practice
+### Create a new user; modify account
+Let's create a new user and modify the account. First note the defaults
+in **/etc/login.defs**, **/etc/skel**, and **/etc/default/useradd**.
+And then let's change some defaults. We can either user *sudo* or
+become *su*. Here I become *su*:
+```bash
+$ sudo su
+# nano /etc/skel/.bashrc
+```
+Now we're in *nano*, and we want to add these lines at the end. Feel free to add the comments:
+```bash
+# make "c" a shortcut for "clear"
+alias c='clear'
+# new files are 600; new directories are 700:
+umask 0077
+```
+Now use *nano* again to create a README file. This file will be added to the home directories of all new users. Add any welcome message you want to add, plus any guidelines for using the system.
+```bash
+# nano /etc/skel/README
+```
+After writing (saving) and exiting *nano*, we can go ahead and create the new user:
+```bash
+# useradd linus
+# grep "linus" /etc/passwd
+linus:x:1002:1003::/home/linus:/bin/bash
+# grep "linus" /etc/shadow
+linus:!!:17798:0:99999:7:::
+# # Let's create a password for 'linus'
+# passwd linus
+# grep "linus" /etc/shadow
+# # Let's modify the maximum password lifetime
+# passwd -n 90 linus
+# # Let's modify the maximum password lifetime
+# passwd -x 180 linus
+```
+### Create a new group; add users to group
+```bash
+# grep "linus" /etc/group
+# groupadd project2
+# grep "project2" /etc/group
+project2:x:1004:
+# usermod -aG project2 linus
+# usermod -aG project2 sean
+# grep "project2" /etc/group
+project2:x:1004:linus,sean
+```
+### Delete, delete, delete
+. Delete user 'linus'
+. Confirm not listed in **passwd** and **shadow** files.
+. Confirm home directory is gone
+#### User deletion
+```bash
+# userdel -r linus
+# grep "linus" /etc/passwd
+# grep "linus" /etc/shadow
+# cd /home ; ls -l
+```
+#### Group deletion
+. Look for groups in **group** file that begin with the string
+"project".
+. Delete "project2" group
+. Look again.
+```bash
+# grep "project*" /etc/group
+# groupdel project2
+# grep "project*" /etc/group
+```
+</markdown>

C. Sean Burns: Notebook

User Tools

Site Tools

Differences

Page Tools