Thursday, December 31, 2009

USER/GRUOP MANAGEMENT IN REDHAT LINUX

USER/GRUOP MANAGEMENT

Features:
The ability to control users and groups

Primary tools:

1. useradd - used to add users and modify group membership

2. system-config-users

Task:

1. Create a user named 'student1' using 'useradd'

Note:

a.Default user settings derive from: /etc/login.defs

b.useradd student1

c.set password for user 'student1': passwd student1

d.Default User Accounts DB: /etc/passwd

e.student1:x:501:501::/home/student1:/bin/bash

f.username:shadow_reference:uid:gid:Description(GECOS):$HOME:$SHELL

Note:

a./etc/passwd is a world-readable file

b./etc/shadow now stores passwords in encrypted form

c./etc/shadow is NOT world-readable

Fields in /etc/shadow:

a.student1:$1$XSFMv2ru$lfTACjN.XxaxbHA0EkB4U0:13891:0:99999:7:::

b.username:

encrypted_password:
Days_since_Unix_epoch_password_was_changed (01/01/1970)
Days before password may be changed
Days after which the password MUST be changed
Days before password is to expire that user is warned
Days after password expires, that account is disabled
Days since Unix epoch, that account is disabled
Reserved field (currently unused)

2. Modify user 'student1' to have password expire after 45 days
usermod

Groups:

1. groupadd - adds new group

2. groups - lists groups on the system: /etc/group
/etc/group - maintains group membership information

Task:
a.Create a 'sales' group and add 'linuxcbt' and 'student1' as members
b.groupadd sales
c.usermod -G sales linuxcbt
d.usermod -G sales student1

Note: 2 types of groups exist:

1. Primary - used by default for a user's permissions
2. Supplemental - used to determine effective permissions

Note:
• use 'id' to determine the group information of user
• Create a new shell session to realize new group membership information
userdel/groupdel are used to delete users and groups, respectively

No comments:

Post a Comment