IT2204: Systems Administration I 1 6b). Introduction to Linux.

Slides:



Advertisements
Similar presentations
Linux Users and Groups Management
Advertisements

Linux File & Folder permissions. File Permissions In Ubuntu, files and folders can be set up so that only specific users can view, modify, or run them.
Race Condition Zutao Zhu 10/09/09. Outline Race Condition –Some functions –File format of /etc/passwd and /etc/shadow –Input Redirection Format-string.
1 The Attack and Defense of Computers Dr. 許 富 皓. 2 Passwords in Unix/Linux Systems.
User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.
Linux+ Guide to Linux Certification, Second Edition
User Accounts and Permissions Chapter IV / Part II.
CS 497C – Introduction to UNIX Lecture 15: - File Attributes Chin-Chih Chang
Linux+ Guide to Linux Certification, Second Edition
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
1. This presentation covers :  User Interface Administration  Files System and Services Management 2.
Workbook 3 Users and Groups
Introduction to Linux Installing Linux User accounts and management Linux’s file system.
The University of Akron Summit College Business Technology Dept.
The file structure and related utilities CS240 Computer Science II.
Lesson 7-Creating and Changing Directories. Overview Using directories to create order. Managing files in directories. Using pathnames to manage files.
Files & Directories Objectives –to be able to describe and use the Unix file system model and concepts Contents –directory structure –file system concepts.
Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.
File Permissions. What are the three categories of users that apply to file permissions? Owner (or user) Group All others (public, world, others)
Linux+ Guide to Linux Certification, Second Edition
Samba Advanced System Administration Course James Lwali University computing Centre Ltd, University of Dar es salaam,
Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.
Unix System Administration Chapter 6 Adding New Users.
Module 4 - File Security. Security Overview File Ownership Access to Files and Dircetories Changing File and Directory Ownership Changing File and Directory.
Linux+ Guide to Linux Certification, Third Edition
Chapter Two Exploring the UNIX File System and File Security.
Managing Users Objectives Contents Practicals Summary
File Permission and Access. Module 6 File Permission and Access ♦ Introduction Linux is a multi-user system where users can assign different access permission.
ITI-481: Unix Administration Meeting 3 Christopher Uriarte, Instructor Rutgers University Center for Applied Computing Technologies.
Lesson 9-Setting and Using Permissions. Overview Describing file permissions. Using execute permissions with a file. Changing file permissions using mnemonics.
Users Greg Porter V1.0, 26 Jan 09. What is a user? Users “own” files and directories Permission based on “ownership” Every user has a User ID (UID) 
User Management Burgess, Ch.5.
There are three types of users in linux  System users: ?  Super user: ?  Normal users: ?
Managing Users  Each system has two kinds of users:  Superuser (root)  Regular user  Each user has his own username, password, and permissions that.
Chapter Two Exploring the UNIX File System and File Security.
Chapter 10: Rights, User, and Group Administration.
Chapter 3 & 6 Root Status and users File Ownership Every file has a owner and group –These give read,write, and execute priv’s to the owner, group, and.
Managing Users Objectives –to be able to add, modify and remove Unix user accounts Contents –requirements for a user account –configuration files (passwd,
Linux+ Guide to Linux Certification, Third Edition
Linux+ Guide to Linux Certification, Third Edition
The Saigon CTT Chapter 10 Managing Users. The Saigon CTT  Objectives  Define the requirements for user accounts  Explain group and group accounts 
Manually Creating a New User Account Presented by Carl South.
User Management. User Registration Policy The issues of creation and management often clash in distributed organisations Central creation and management.
© 2006 ITT Educational Services Inc. Linux Operating System :: Unit 3 :: Slide 1 Downloading and Installing Software yum pirut Bit Torrent rmp.
ITI-481: Unix Administration Meeting 3 Christopher Uriarte, Instructor Rutgers University Center for Applied Computing Technologies.
Lecture – Users and groups
Working with users and Groups. 1. Manage users and group 2. Manage ownership, permissions, and quotas.
Linux Use the Command-Line Interface to Administer the System.
CSC414 “Introduction to UNIX/ Linux” Lecture 6. Schedule 1. Introduction to Unix/ Linux 2. Kernel Structure and Device Drivers. 3. System and Storage.
SUSE Linux Enterprise Desktop Administration Chapter 9 Manage Users, Groups, and Permissions.
Chapter 6 Adding New Users. Computer Center, CS, NCTU 2 Steps to add a new user 1.Edit the password and group files >vipw, pw 2.Set an initial password.
Managing Users CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University.
Experiment No 4 Prepared by, Mr. Satish Pise. Objectives View the /etc/passwd file and describe its syntax. View the /etc/shadow file and describe its.
Agenda Customizing a Unix/Linux account Environment Introduction to Start-up Files (.bash_profile,.bashrc,.profile,.kshrc) Safe Methods for Changing Start-up.
This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group Module 14 Managing.
Linux Filesystem Management
Module X (Unix/Linux Password Security)
Lab 05 Firewalls.
Chapter 11: Managing Users
Chapter 2 User Management
Linux Users and Groups Management
Adding New Users, Storage, File System
Exploring the UNIX File System and File Security
Security and File Permission
OPS235 Lab4: Investigations 5 – 9
The Attack and Defense of Computers
Module 13 System and User Security
Administering Users and Groups
Administering Users and Groups
Adding New Users.
Presentation transcript:

IT2204: Systems Administration I 1 6b). Introduction to Linux

2 Supplementary notes on accounts and Logging

More on Accounts and Logging Account manipulation is a common task for System Administrators: Files and commands Account information is stored in two main files: – /etc/passwd – /etc/group To view contents of the passwd or group files: –$ cd / –$ cd ect –$ cat passwd 3

/etc/passwd file Stores most of the details of user accounts. Each line of this file represents one account and has seven fields, separated by colons (':'). For example for user 'John M‘ username:password:uid:gid:gecos:homedir:shell johnm:aljgLashGEDygC:5432:100:John M:/home/johnm:/bin/csh A description of each of the seven fields appears in the figure below. The file is globally accessible, which is necessary for commands like ‘ ls ’ which use the /etc/passwd file to display a username instead of a numerical user id when listing the contents of a directory. 4

/etc/passwd fields 5

/etc/group file Is similar to the ' /etc/passwd ' file. It stores information about groups. Every file on the system is associated with a particular group. In addition, every user on the system is associated with at least one group (their primary group). All files created by a user are associated with one of the user’s groups. Each line in /etc/group represents one group and has four fields, separated by colons (':'). For example, for the staff group: staff:*:50:janedoe,bill group ‘staff’ has a group identifier of 50. The fields of the /etc/group file are explained in the figure below. 6

/etc/group fields 7

/etc/shadow file The shadow password file stores encrypted passwords Some systems also support an ‘ /etc/gshadow ’ file to shadow the passwords in /etc/group. If shadow passwords are enabled, then the ‘ passwd ’ command is automatically aware of this fact, and stores passwords in /etc/shadow automatically (as will gpasswd on those systems which support it.) 8

Account creation/manipulation-1 Creating an account: Select a unique username and user id for the new account, eg ‘ dcs2 ’. Any unused user id could be used, such as 10, 000. Decide which groups the account will be a member of, and which of these will be the primary group. e.g. ‘ dcs2 ’ a member of the group ‘ users ’ (which we will assume has group id 100) and ‘ student ’ (group id 50) with 'users' being the primary group. Decide where the account’s home directory will be, and what the login shell will be. A common is the ‘ /home ’ directory. '/home/dcs2' will suffice and we shall assign them the standard shell ‘ /bin/sh ’. 9

Account creation/manipulation-2 Edit the /etc/passwd and /etc/group files appropriately. The passwd field for the account should have a ‘*’ in it. It will be changed later using the passwd command. We add the following line to the /etc/passwd file: dcs2:*:10000:100:dcs2:/home/dcs2:/bin/sh and we would need to add the name ` dcs2 ’ to the list of members for the group ‘ student ’ in the ‘/etc/group ’ file. For example student:*:50:bscs2,dcs2 10

Account creation/manipulation-3 Use the passwd command to give the account a password. In this case the command we want is passwd dcs2 Create a home directory for the account using the ‘mkdir’ command. In this case the command we want is mkdir /home/dcs2 11

Account creation/manipulation-4 Place any default configuration files that are necessary in the home directory. Typically a new account will contain configuration files for the login shell, ‘.profile ’ for example. Change the owner and group of the home directory and any files within it, using the ‘ chown ’ and ‘ chgrp ’ commands. Also set the permissions for the home directory (and any files in it) using the ‘ chmod ’ command. In this case chown -R dcs2 /home/dcs2 12

Account creation/manipulation-5 Remove/ delete an account: Change the passwd of the account, so the user can no longer log in, and ensure that the user is not logged in. The command is passwd dcs2 Remove the account’s home directory, and the files within it. The following command is used: rm -r /home/dcs2 13

Account creation/manipulation-6 Remove/ delete an account: Remove any files associated with the account, such as the mail file. Unfortunately it is sometimes possible for files belonging to the account to remain in well hidden locations. Use find / -user dcs2 14

Account creation/manipulation-7 Remove the entry for the account from the ‘ /etc/passwd ’ file. Disable an account: Care must be taken or access to some services will still be possible from a disabled account. A common method for disabling an account is to change the login shell to a so-called ‘tail script ’ which explains to the user why their account is disabled. Here is an example of such a script: #!/usr/bin/tail +3 Your account has been disabled because...

Logging Log files are used to store information about what happens on the system. For example, the log file might store the date and time when each user logs in or out of the system. This can be useful in tracking security violations, because an administrator can tell who was logged in when the violation occurred. Unfortunately, even modern hard disks only have a finite amount of space, so log files must be correctly managed or they will gradually consume all available space on the disk. 16

17 Qn: How can log files be viewed in: 1.Windows 2.Ubuntu?

Q & A