Module Linux essentials - Module 14 introduce managing users and groups. After studying this chapter students should be able to: Creating users and groups, understanding user and group commands, creating user IDs.
Trang 1Module 14 Managing Users and Groups
Trang 2Exam Objective 5.2 Creating Users and Groups
Objective Summary
Trang 3Working with Groups
Trang 4Creating a Group
creating or modifying a group, you can verify the changes by viewing the /etc/group file or
running the getent command.
Trang 5The groupadd Command
groupadd -g 506 research
command will automatically provide a GID for the new group.
Trang 6Group ID Considerations
where you expect to create user IDs if your
system uses UPG.
system use.
that will be less than the lowest standard UID.
Trang 7Group Naming Considerations
either an underscore (_) or a lower-case
alphabetic character (a-z).
distributions, but using more than 16 can be
problematic as some distributions may not
accept more than 16.
characters can be alphanumeric, dash (-) and underscore(_).
Trang 8that were associated with that group will no
longer be associated with that group.
Trang 9Deleting a Group
Trang 10Working with Users
Trang 11The /etc/default/useradd File
define default settings when creating user
accounts.
the useradd -D command.
Trang 12The /etc/default/useradd File
user's new home directory will be created
the password expires that the account is disabled
SHELL /bin/bash The SHELL setting indicates the default shell for
user's when they login to the system
SKEL /etc/skel The contents of this directory are copies into the
new user's home directory and the new user is given ownership of these files
CREATE_MAIL_SPO
OL yes A "mail spool" is a file where incoming email is placed ".
Trang 13The /etc/login.defs File
default settings when creating user accounts.
viewing the contents of this file.
editing the file directly.
Trang 14The /etc/login.defs File
MAIL_DIR /var/mail/spool The directory in which the user's mail spool file will be created.
PASS_MAX_DAYS 99999 The maximum number of days that a user can continue to use
the same password
PASS_MIN_DAYS 0 The shortest time that a user are required to keep a password.
PASS_MIN_LEN 5 This indicates the minimum number of characters that a
password must contain
PASS_WARN_AGE 7 This is the default for the warning field
UID_MIN 500 The UID_MIN determines the first UID that will be assigned to
an ordinary user
UID_MAX 60000 The UID_MAX determines the highest possible UID that will be
assigned to an ordinary user
GID _MIN 500 The GID _MIN determines the first GID that will be assigned to
an ordinary group.
GID _MAX 60000 The GID_MAX determines the highest possible GID that will be
assigned to a regular group
CREATE_HOME yes The value of this determines whether or not a new directory
will be created for the user, when their account is created.
UMASK 077 Determines what the default permissions will be for the user's
home directory
Trang 15Working with Account
Information
Trang 16Advantages to Individuals
having Separate Accounts
access to files or services
grant the ability to specify individuals to permit execution of select administrative commands
and rights associated with it allowing for
greater management flexibility
Trang 17Account Considerations
values you want to set for the following:
Trang 18The useradd Command
create new users Example:
useradd -u 1000 -c 'Jane Doe' jane
(/var/spool/mail/jane) and user’s home
Trang 19Password Security
Trang 20Picking a Password
as to make them hard to remember.
reset their passwords.
Trang 21passwd command with no argument.
Trang 22chage Command
Trang 23Using the chage Command
user.
Short option Long option Description
-l list List the account aging information
-d LAST_DAY lastday LAST_DAY Set the date of the last password change to
LAST_DAY -E
EXPIRE_DATE expiredate EXPIRE_DATE Set account to expire on EXPIRE_DATE
-h help Show the help for chage
-I INACTIVE inactive INACTIVE Set account to permit login for INACTIVE days
after password expires -m MIN_DAYS mindays MIN_DAYS Set the minimum number of days before
password can be changed to MIN_DAYS -M MAX_DAYS maxdays MAX_DAYS Set the maximum number of days before a
password should be changed to MAX_DAYS -W
WARN_DAYS warndays WARN_DAYS Set the number of days before a password expires to start displaying a warning to
WARN_DAYS
Trang 24Modifying a User Account
Trang 25Modify a User
the account.
determine if a user is currently logged in to the system.
Trang 26The usermod Command
Option Description
-e
Trang 27Removing a User
Trang 28Delete a User
account.
of the files owned by the user.
directory and the user’s mail spool are deleted.