###User/Group Management###
Features:
1. The ability to control users and groups
Primary tools:
1. useradd - used to add users and modify group membership
2. system-config-users
Tasks:
1. Create a user named ''student1'' using ''useradd''
Note: Default user stttings derive from: /etc/login.defs
a. ''useradd student1''
b. ''passwd student1'' - set password for user ''student1''
Default User Accounts DB: /etc/passwd
william:x:1000:1000:WilliamHerry,,,:/home/william:/bin/bash
student1:shadow_reference:uid:gid:Description(GECOS):$HOME:$SHELL
Note: /etc/passwd is a world-readable file
Note: /etc/shadow now stores passwords in encrypted form
Note: /etc/shadow is NOT world-readable
Fields in /etc/shadow:
student1:$1$Ku5s0Hv7$hyZXb3PcHEWLy5fM/6vxF1:14935:0:99999:7:::
1. username:
2. encrypted_password:
3. Days_since_Unix_epoch_password_was_changed (01/01/1970)
4. Days before password may be changed
5. Days after which the password MUST be changed
6. Days before password is to expire that user is warned
7. Days after password expires, that account is disabled
8. Days since Unix epoch, that account is disabled
9. Reserved field (currently unused)
2. Modify user ''student1'' to have password expire after 45 days
a. ''usermod''
Groups:
1. groupadd - adds new group
2. groups - lists groups on the system: /etc/group
Note: /etc/group - maintains group membership information
Task: Create a ''sales'' group and add ''linuxcbt'' and ''student1'' as members
1. ''groupadd sales''
2. ''usermod -G sales linuxcbt''
3. ''usermod -G sales student1''
Note: 2 types of groups exist:
1. Primary - used by default for a user''s permissions
2. Supplemental - used to determine effective permissions
Note: use ''id'' to determine the group information of user
Note: Create a new shell session to realize new group membership information
userdel/groupdel are used to delete users and groups, respectively
3. chage
a. ''chage -l username''
b. ''chage -d 0 username'' - make user have to change password
c. ''chage -m 0 -M 90 -W 7 -l 14 username''
|