Documente Academic
Documente Profesional
Documente Cultură
Chapter Four
Notice that finger displays the following information about the ksanders
account:
– Login This is the username that is used to authenticate to the
system.
– Name This is the user’s full name.
– Directory This is the user’s home directory.
– Shell This is the default shell that will be started by the user.
• Last Login This displays the last time the user logged in and where
from
Linux Commands
ws1:~/Desktop # id tux
uid=1000(tux) gid=100(users)groups=100(users),33(video)
Linux Commands
Notice that on this system, the tux user account has been assigned
a UID of 1000. On a SUSE Linux system, the first regular user
account created on the system is always as- signed a UID of
1000. and Ubuntu linux has been assigned a UID starting from
500 The next user account will be assigned a UID 501
• Other distributions may use a different numbering scheme for
the UID, however.
• For example, UIDs on a Fedora system start at 500 instead of
1000. Next, you can see that the Tracy user on this Fedora
system has a UID of 500 because it was the first standard user
account created:
ID of 1001, and so on.
Linux Commands
root:x:0:0:root:/root:/bin/bash
sshd:x:100:102:SSH daemon:/var/lib/sshd:/bin/false uucp:x:10:14:Unix-
to-Unix CoPy system:/etc/uucp:/bin/bash wwwrun:x:30:8:WWW daemon
apache:/var/lib/wwwrun:/bin/false ksanders:x:1001:100:Kimberly
Sanders:/home/ksanders:/bin/bash tux:x:1000:100:Tux
Penguin:/home/tux:/bin/bash
Linux Commands
For example:
•ksanders:x:1001:100:Kimberly Sanders:/home/ksanders:/bin/bash
Here’s what these fields contain:
•Username The Username field simply identifies the username the
user will supply when logging in to the system. In this example, it is
ksanders.
•Password This is a legacy field. At one time, the user’s password was
stored in encrypted form in this field in the passwd file. However, for
security reasons, the password has been moved from /etc/passwd to
/etc/shadow. (We’ll look at this file in more detail later.) Therefore, only
the character x is shown in this field.
•UID This is the user ID for the user account. We discussed the UID
earlier in this chapter. In this example, the UID for the ksanders
account is 1001.
•GID This field references the group ID number of the user’s default
group. In this example, the GID for the ksanders account is 100. As
we’ll see later in this chapter, this references the users group.
Linux Commands
The /etc/shadow File With most Linux distributions that use local authentication,
your users’ passwords will be stored in encrypted format in the /etc/shadow
file. This file is linked to the /etc/passwd file we discussed previously. Each of
the user ac- counts listed in /etc/passwd has a corresponding entry in
/etc/shadow, as shown in this example:
• ws1:~ # cat /etc/shadow
• root:
$2a$05$h03HfGFSi2i8GlotOYgreeBelUlHc.z/2KxyQQF7RSo./TdLOrDJa:1503
5:::::: sshd:*:14796:0:99999:7:::
• uucp:*:14796::::::
• wwwrun:*:14796::::::
ksanders:
$2a$05$KL1DbTBqpSEMiL.2FoI3ue4bdyR.eL6GMKs7MU6.nZl5SCC7/
REUS:15043:0:99999:7:::
Linux Commands
• Username:Password:Last_Modified:Min_Days:Max_Days:Days
_Warn:Disabled_Days:Expire
• ksanders:
$2a$05$KL1DbTBqpSEMiL.2FoI3ue4bdyR.eL6GMKs7MU6.nZl
5SCC7/ REUS:15043:0:99999:7:::
Linux Commands
• You can add any files and directories to this directory that you want each
and every user to have by default when their account is created on the
system.
• You can override these defaults when running useradd by specifying a
list of options in the command line. You can use the following:
• –c Includes the user’s full name
• –e Specifies the date when the user account will be disabled. Format the
date as yyyy-mm-dd.
• –f Specifies the number of days after password expiration before the
account is disabled.
• –g Specifies the user’s default group
• –G Specifies additional groups that the user is to be made a member of
• –M Specifies that the user account be created without a home directory
• –m Specifies the user’s home directory
Linux Commands
• When working with passwd, you can also use the following options:
– –l Locks the user’s account. This option invalidates the user’s
password.
– –u Unlocks a user’s account
– –d Removes a user’s password
– –n Sets the minimum number of days required before a password
can be changed
– –x Sets the maximum number of days before a password must be
changed
– –w Sets the number of days prior to password expiration when
the user will be warned of the pending expiration
– –i Sets the number of days to wait after a password has expired
to disable the account
Linux Commands
Now that you know how to create a new user and how to
set a user’s password, let’s next review how you go
about modifying an existing user account.
Linux Commands
usermod
usermod From time to time, you will need to modify an existing user
account. This can be done from the command line using the usermod
utility. The syntax for usermod is very similar to that used by useradd.
You enter usermod options username at the shell prompt. The options
for usermod are likewise similar to those used by useradd. They include
the following:
• –c Edits the user’s full name
• –e Sets the date when the user account will be disabled. Format the date
as yyyy-mm-dd.
• –f Sets the number of days after password expiration before the account
is disabled. Use a value of –1 to disable this functionality.
• –g Sets the user’s default group
• –G Specifies additional groups that the user is to be made a member of
• –l Changes the username
Linux Commands
Linux Groups
• Linux Groups
• Like other operating systems, Linux uses groups to
make managing the system easier. In this part of this
chapter, we’re going to discuss the following:
• How Linux groups work
• Managing groups from the command line
Linux Commands
Group
Group
• but just suppose you had 100 users that all needed the same level
of access. What a waste of time
Linux Commands
Group:Password:GID:Users
video:x:33:ksanders,tux,lmorgan,jsanders,rtracy,dtracy
Linux Commands
video:x:33:ksanders,tux,lmorgan,jsanders,rtracy,dtracy
– Group Specifies the name of the group. In the example, the name of
the group is “video.”
– Password Specifies the group password, if one is assigned
– GID Specifies the group ID (GID) number of the group. In this
example, the GID of the video group is 33.
– Users Lists the members of the group. In this case, the ksanders,
tux, lmorgan, jsanders, rtracy, and dtracy users are members of the
video group
• Group_Name:Password:Group_Admins:Group_Members
•
Linux Commands
Managing Groups from the Command Line
• As with users, you can also manage groups with either command-
line or graphical tools. For example, both YaST and User Manager
can be used to create, modify, and delete groups on your Linux
system as well as user accounts. However, for the reasons
specified earlier, we’re going to focus on managing groups from the
shell prompt in this chapter. We will review the following tools:
groupadd
groupmod
groupdel
Linux Commands
• Groupadd
• As you can probably guess from its name, the groupadd utility is
used to add groups to your Linux system. The syntax for using
groupadd at the shell prompt is relatively simple. Just enter
groupadd options groupname. For example, if I wanted to add a
group named farah, I would enter groupadd farah at the shell
prompt. When I do, a group is added to /etc/group using default
parameters specified in /etc/ login.defs.
Linux Commands
• groupmod