Ch 03 Managing Users and Groups

There are 3 type of user

Super user /admin ---> root

Normal user

System user

To  Create new user (Normal)

#adduser  username

#useradd  username

to change passwd for normal user

#passwd username

to change root password.

#passwd

/etc/passwd  (File for user password and user name information)

file with 7 field .

1      :   2      :  3  :  4  :5:    6         :    7

xyz   :   X      : 501 : 501 : : /home/xyz :/bin/bash

username:password:userid:groupid:finger information:home dir :shell

whenever we create user /etc/defaults/useradd file has read by system

/etc/defaults/useradd

to give a special permission

/etc/defalts/useradd

group   = 100

* disallow the user

home    = /home

inactive = -1

Expire   =                    !! disallow the user

Shell    = /bin/bash

Skel     = /etc/skel

To clear Password.

#vi /etc/passwd

2nd field of this file is :x: password information :x: does means user having password.

If we remove :x: (x) password will be null (blank)

---------------------------------------------------------------------

Password reset for Root User.

If we have current password then simple process

#passwd

Enter  new password  :

Conform new Password :

If we haven’t password for Root:

Stat system ----> Press E (edit Grub file’s line by edit it may ask grub password )put password and edit line

Put single --------> in spite of : RO

Press b  (For boot)

System start with Single user:

It will prompt #

Put command    #passwd (And change password).

If we haven’t password for Grub:

Start your system----------> with 1st  disk of installed os. (it could be Centos,redhat ,any Linux flavors which is installed)

After booting from CD linux installation prompt will come

:linux rescue ( type this to rescue password)

mount file system:

hit command # passwd

Password Group and user related Configuration files.

/etc/passwd

/etc/gshadow

/etc/login.defs

/etc/group

/etc/skel

/etc/defaults/useradd

/etc/shadow

/etc/shells

#useradd username

#useradd –u 555 username   (to give special UID)

# useradd –s /bin/sh username (to assign special Shell)

# useradd –e 2007-7-29 username (Assigning Expiry date)

# useradd –f 10 username (de active after certain day)

# useradd –G group1,group2,group3 username (add in multi group)

#mkdir ghar

#useradd –d /ghar/newusername newusername

(to assign particular home directory for user)

# useradd –d badman username

(not tested above command please verify command by testing)

# useradd –l newuser exiting username

(to change login name)

# useradd –c “user is for testing” username

(to add comment on user)

to Edit exiting User use all above commands with

#usermod    (page no 11,12 commands)

#usermod –L username (to lock user)

#usermod –U username (to unlock user)

#chsh  username   (to change shell)

#chfn  username   (to change finger information)

#finger username  (display finger information of user)

#useradd –u 707 –c “all field” –e 2007.10-29 –s /bin/sh –G g1,g2,g3

(add user name with particular uid (707),comment ,time ,shell and multi group)

# Add root user

#useradd –u 0 –o –g 0 username

(To add root user 0 (zero) is uid for root)

#who am I (to know which user login)

SUDO User

# /etc/sudoers

To make other user to limited administrator or full administrator.

#visudo

To give command in sudo user

#sudo command path

#visudo

(we can add sudo user in this file , also can add wheel (root) group and edit user.

#allow

b1 ALL=(ALL) ALL

# % wheel ALL

Adding Alias for SUDO

#user_alias U=nl

Cmmd_Alias C= /usr/sbin/useradd , more commands if required

#common Alias

cmnd_Aliasc=/usr/sbin/useradd

U ALL = C

Also can Add more alias like “Network”

U ALL = NETWORKING

#useradd –G groupname

User_Alias U = n1

Cmnd_alias C= /usr/sbin/useradd

U ALL = C

Group

To Create group and assign different login IDs

#vi /etc/login.defs

#id –u username  (to know about particular user ID)

#groupadd newgroupname

/etc/group

#useradd –G groupname newusername

#groupdel groupname

#usermod –G groupname existing username

/etc/shadows

to know password information

(Linux use MD5 protection for encryption )

/etc/shadows has 8 field .

fields

username          : username  (root)

encryption        :$d7748jj%&^fb (add ! before $ to inactive user)

days remaining    : Remaining days before expire

change password   :(after how many day user has to change passwd)

password must change :(after how many day passwd must change)

warning           : password expiry warning

inactive          :user will inactive after days

days counting     :  since user created

/etc/skel

Whatever file stored in this folder are automatically added for new user creation.

#vi /etc/group

Groupname:password:groupid

/etc/gshadows

to know about group password

groupname: password: users

#gpasswd  (to change group password)

#groupadd group name

#groupadd –u gid

(group add with special gid. means particular gid no {I.E 1000} )

#groupdel groupname

#grupmod  (with all about switch for exiting group)