|SM1: Open-source Operating Systems||ASIX/DAW/DAM-1||Task
A5: Managing users and grups accounts on Linux
A5: Managing users and groups accounts on Linux
* A user is a real person or program which can access to some resources of a computer such as folders, files, programs, hardware and so on.
* A group is a collection of users. Groups are used as a basis for determining file access permissions. It depends on your groups membership that you will be able to access or not to certain folders, files, hardware, databases and so on.
In order to define properly a new user, you
must provide to the system some basic information. A system user
a) A username
b) Usually, an encrypted password
c) Most times (but it is not mandatory), a personal home directory where the user can store his/her/its personal data and personal configuration files and enviroment variables.
d) A numerical value called User IDentifier or UID associated with the username. The user will be identified by the system thanks to its UID rather than its username.
e) A default group. A user must be member of one or more groups. If a user is member of just one group, that group will be its default group. The group name must exist. Instead of a group name, you can write the unique number that identifies the group.
f) A default shell, usually /bin/bash.
g) Another additional characteristics like comments, expiry date, additional groups memberships and so on.
h) User environment variables. This variables are a tool to customize how the user interacts with the system. The value of an environment variable can for example be the location of all executable files in the file system, the default editor or browser that should be used, default language, colors used in the terminal, location of some personal configuration files and folders,.....
i) An entry in files /etc/passwd and /etc/shadow where the vast majority of this information about the user is stored.
In order to define properly a new group, you
must provide to the system some basic information. A system
group will need:
a) A group name.
b) A numerical value called Group IDentifier or GID associated with the group name. The group will be identified by the system thanks to its GID rather than its group name.
c) Users which are member of that group.
h) An entry in files /etc/group and /etc/gshadow where all this information about the group is stored.
In order to configure and manage system users and groups, the Linux operating provides you with a set of command-line utilities: a) useradd adds a new user account to the system, b) userdel deletes a user's account, c) usermod modifies a user's account, d) groupadd adds a new group to the system, e) groupdel removes a group and f) groupmod modifies a group.
The purpose of this exercise is:
a) Firstly, to learn how to manage (add, delete and modify) user and group account on Linux.
b) Secondly, we will study the main chararacterisitics of system user and groups, and how to modify these characteristics.
c) Finally, we will study the contents of /etc/passwd, /etc/group and /etc/shadow.
a) Descrition: The command-line utility mkpasswd encrypts a given password. This command is part of a package called whois. You have to install whois in order to install mkpasswd on your system.
b) Synopis: mkpasswd PASSWORD
c) As a result, a encrypted version of PASSWORD will be displayed on screen
linux:~ # mkpasswd FjeClot@20
a) Description: The useradel command deletes an user account.
b) Synopsis 1: userdel username ==> The user will be deleted but not its home folder. Entries in /etc/passwd, /etc/shadow and /etc/group will be deleted. Folder /home/username will not be deleted.
c) Synopsis 2: userdel -r username ==> The user will be deleted and its home folder as well. Entries in /etc/passwd, /etc/shadow and /etc/group will be deleted. Folder /home/username will be deleted.
d) Example: If you want to completely remove the user tux, you should run the following command: userdel -r tux
9- gpasswd: Removing a user from a group. Adding a user to a group
PART I - Working with commands
1- Install a package called whois on your system. This package contains mkpasswd, a command that provides encrypted versions of any given password.
2- Create a group
called clot with GID = 2000. Look at
changes at /etc/group. Check and
show clearly that a new group called clot
has been added to your system.
3- Add to the skeleton the following directories: Desktop, Documents, Downloads, Public and Temporal.
4- Create a new user called clot, with the following characteristics:
a) User identifier will be 2000
b) By default is member of the clot group
c) Home directory will be /home/clot
d) The default shell will be the bash program
e) The password (the version with no encryption for the user) will be p47KL#a$
f) Additionally, the new user will be member of vboxsf and cdrom groups
g) /etc/skel will be the skeleton directory for the new user
5- Create a new user called fje, with the following characteristics:
a) User identifier will be 2001
b) By default is member of the users group
c) The Home directory will be /home/fje
d) The default shell will be the bash program,
e) The password (the version with no encryption for the user) will be At5R@JmK
f) Additionally, the new user will be member of the vboxsf and audio groups.
g) /etc/skel will be the skeleton directory for the new user.
Do the following tasks:
a) Look at changes at /etc/passwd and /etc/shadow. Check and show clearly that a new user called clot has been added to your system.
b) Check that a new directory called /home/clot has been created on your system.
c) Check the contents of /home/clot.
7- Working on terminal: Become clot. Check now:
a) Show clearly your personal home folder now that you have become the clot user. Has it changed?. Why?
b) Show the groups user clot is in. Is clot member of sudo?. Can run clot commands as a user with root privileges with the help of sudo?. Why?
c) Can create clot a new user?. Why?.
8- Create a new group called
students with GID = 200. Look at changes
at /etc/group. Check and show clearly that a new
group called students has been added to
9- Modify clot UID and change it to 3000. Look at changes at /etc/passwd. Check and show clearly that user clot has been modified.
10- Add clot and fje users to the students group. Look at changes at /etc/group. Check and show clearly that
users clot and fje have
been added to the grup students.
11- Change clot default group to adm group. Look at changes at /etc/passwd. Check and show clearly that user clot has been modified.
12- Modify students GID and change it to 300. Look at changes at /etc/group. Check and show clearly that
group students has been modified.
13- Show members of group students.
14- Modify clot's password. The new password will be tJEpcRom47@
15- Remove clot and fje from students group. Look at changes at /etc/group. Check and show clearly that users clot and fje have been removed from students.
clot and his/her home directory. Check and show clearly that:
a) User clot has been removed from /etc/passwd and /etc/shadow.
b) Directory /home/clot has been removed from your system.
students and clot. Look at changes at /etc/group. Check and show clearly
that students has
been removed from your system.
Disable and lock the fje user account. Try to gain access to the fje account. What
19- Enable and unlock the fje user account again. Try to gain access to the fje account. What happens?.
PART II - Checking the effects of being member of a group or not
your 10GiB (11GB Volume) hard drive. We learned how
to mount a hard drive in sm1act04.
b) Run the following commands with root privileges:
sudo chgrp -R users /media
c) Check that your user
is member of a group called users with the help of
the command id.
d) Gain access to the 11GB Volume and create a new file called test. Have you experienced any problem. Why?
e) Remove your user from the group users wit the help of gpasswd. Afterwards logout and login again on the system. Check that your user is no member of users any longer.
f) Can you gain access to the 11GB Volume. Why?
g) Add your user to the group users wit the help of gpasswd. Afterwards logout and login on the system. Check that your user is member of users again.
h) Gain access to the volume and create a new file called test01. Have you experienced any problem?.Why?
i) What is the effect of adding users to/deleting user from a group?