Chapter 6 Adding New Users. Computer Center, CS, NCTU 2 Steps to add a new user 1.Edit the password and group files >vipw, pw 2.Set an initial password.

Slides:



Advertisements
Similar presentations
Unit 5 – User Administration Randy Marchany VA Tech Computing Center.
Advertisements

6. Adding New Users Xiang Sha Cmsc 691x. 6.1 The /etc/passwd File The /etc/passwd File is a list of users recognized by the system. Login name Encrypted.
Race Condition Zutao Zhu 10/09/09. Outline Race Condition –Some functions –File format of /etc/passwd and /etc/shadow –Input Redirection Format-string.
Adding New users This is a routine chore on most systems
User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.
Linux+ Guide to Linux Certification, Second Edition
Chapter 6 Adding New Users. Computer Center, CS, NCTU 2 Steps to add a new user 1.Edit the password and group files >vipw 2.Set an initial password >passwd.
User Accounts and Permissions Chapter IV / Part II.
Linux+ Guide to Linux Certification, Second Edition
Linux System Administration LINUX SYSTEM ADMINISTRATION.
O.S security Ge Zhang Karlstad University. Outline Why O.S. security is important? Security schemes in Unix/Linux system Security schemes in windows system.
Introduction to Linux Installing Linux User accounts and management Linux’s file system.
CIS 218 Advanced UNIX 1 User and System Information CIS 218.
Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.
Unix System Administration Rootly Powers Chapter 3.
Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.
2/19/2003 Lecture 3 Computer System Administration Lecture 3 Setup (continued)
File Permissions. What are the three categories of users that apply to file permissions? Owner (or user) Group All others (public, world, others)
Linux+ Guide to Linux Certification, Second Edition
Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.
IT2204: Systems Administration I 1 6b). Introduction to Linux.
Unix System Administration Chapter 6 Adding New Users.
Module 4 - File Security. Security Overview File Ownership Access to Files and Dircetories Changing File and Directory Ownership Changing File and Directory.
Linux+ Guide to Linux Certification, Third Edition
CIT 470: Advanced Network and System AdministrationSlide #1 CIT 470: Advanced Network and System Administration Accounts and Namespaces.
Managing Users Objectives Contents Practicals Summary
ITI-481: Unix Administration Meeting 3 Christopher Uriarte, Instructor Rutgers University Center for Applied Computing Technologies.
Lesson 9-Setting and Using Permissions. Overview Describing file permissions. Using execute permissions with a file. Changing file permissions using mnemonics.
Users Greg Porter V1.0, 26 Jan 09. What is a user? Users “own” files and directories Permission based on “ownership” Every user has a User ID (UID) 
Linux Security. See who's logged in 1) w (more information) 2) who (less information)
There are three types of users in linux  System users: ?  Super user: ?  Normal users: ?
Managing Users  Each system has two kinds of users:  Superuser (root)  Regular user  Each user has his own username, password, and permissions that.
Chapter 3 & 6 Root Status and users File Ownership Every file has a owner and group –These give read,write, and execute priv’s to the owner, group, and.
Introduction to System Admin Sirak Kaewjamnong. 2 The system administration’s job  Adding a new user  Doing backup and restoring files from backups.
Managing Users Objectives –to be able to add, modify and remove Unix user accounts Contents –requirements for a user account –configuration files (passwd,
Linux+ Guide to Linux Certification, Third Edition
Linux+ Guide to Linux Certification, Third Edition
Linux Based Networks University of Education Instructor: Muhammad Amer Irshad.
User Management. Adding New Users Computer Center, CS, NCTU 3 ID  User ID, Group ID % id liuyh  uid=10047(liuyh) gid=200(dcs) groups=200(dcs),0(wheel),700(ta),800(security),888(wwwadm)
The Saigon CTT Chapter 10 Managing Users. The Saigon CTT  Objectives  Define the requirements for user accounts  Explain group and group accounts 
© 2006 ITT Educational Services Inc. Linux Operating System :: Unit 3 :: Slide 1 Downloading and Installing Software yum pirut Bit Torrent rmp.
ITI-481: Unix Administration Meeting 3 Christopher Uriarte, Instructor Rutgers University Center for Applied Computing Technologies.
Working with users and Groups. 1. Manage users and group 2. Manage ownership, permissions, and quotas.
Linux Use the Command-Line Interface to Administer the System.
1. Edit the password and group files > vipw(8), pw(8) 2. Set an initial password > passwd lwhsu 3. Set quota > edquota [-u] lwhsu 4. Create user home.
CSC414 “Introduction to UNIX/ Linux” Lecture 6. Schedule 1. Introduction to Unix/ Linux 2. Kernel Structure and Device Drivers. 3. System and Storage.
SUSE Linux Enterprise Desktop Administration Chapter 9 Manage Users, Groups, and Permissions.
Managing Users CSCI N321 – System and Network Administration Copyright © 2000, 2011 by Scott Orr and the Trustees of Indiana University.
Karlstad University Operating System security Ge Zhang Karlstad University.
Experiment No 4 Prepared by, Mr. Satish Pise. Objectives View the /etc/passwd file and describe its syntax. View the /etc/shadow file and describe its.
This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group Module 14 Managing.
User Management Lctseng, arr. by pschiu.
Module X (Unix/Linux Password Security)
User Management.
Chapter 11: Managing Users
User Management.
Chapter 2 User Management
Linux Users and Groups Management
Adding New Users, Storage, File System
Security and File Permission
LINUX SYSTEM ADMINISTRATION
User Management lctseng.
User Management.
Chapter Introduction 3.2 The UNIX Model of Ownership
Module 13 System and User Security
Adding New Users Chapter 6.
Administering Users and Groups
Adding New Users.
Chapter 6 Adding New Users
Presentation transcript:

Chapter 6 Adding New Users

Computer Center, CS, NCTU 2 Steps to add a new user 1.Edit the password and group files >vipw, pw 2.Set an initial password >passwd liuyh 3.Set quota >edquota liuyh 4.Create user home directory >mkdir /home/liuyh 5.Copy startup files to user ’ s home (optional) 6.Set the file/directory owner to the user >chown –R liuyh:dcs /home/liuyh

Computer Center, CS, NCTU 3 Step to add a new user – 1. password and group file (1)  /etc/passwd Store user information:  Login name  Encrypted password (* or x)  UID  Default GID  GECOS information –Full name, office, extension, home phone  Home directory  Login shell Each is separated by “:” /etc $ grep liuyh passwd liuyh:*:1002:20:User &:/home/liuyh:/bin/tcsh

Computer Center, CS, NCTU 4 Step to add a new user – 1. password and group file (2)  Encrypted password The encrypted password is stored in shadow file for security reason  /etc/master.passwd(BSD)  /etc/shadow(Linux) /etc $ sudo grep liuyh master.passwd liuyh:$1$4KQcUPbi$/nVs5bPDUXoyLLxw9Yp9D.:1002:20::0:0:User &:/home/liuyh:/bin/tcsh /etc $ grep liuyh passwd liuyh:*:1002:20:User &:/home/liuyh:/bin/tcsh /etc/passwd (BSD) /etc/master.passwd /etc] sudo grep liuyh passwd liuyh:$1$4KQcUPbi$/nVs5bPDUXoyLLxw9Yp9D.:14529:0:99999:7::: /etc/shadow /etc] grep liuyh passwd liuyh:x:1002:20:User &:/home/liuyh:/bin/tcsh /etc/passwd (Linux)

Computer Center, CS, NCTU 5 Step to add a new user – 1. password and group file (3)  Encrypted methods des  Plaintext: at most 8 characters  Cipher: 13 characters long  vFj42r/HzGqXk md5  Plaintext: arbitrary length  Cipher: 34 characters long started with “ $1$ ”  $1$xbFdBaRp$zXSp9e4y32ho0MB9Cu2iV0 blf  Plaintext: arbitrary length  Cipher: 60 characters long started with “ $2a$ ”  $2a$04$jn9vc7dDJOX7V335o3.RoujuK/uoBYDg1xZs1OcBOrIXve3d 1Cbm6  login.conf(5), “AUTHENTICATION“ section: passwd_format

Computer Center, CS, NCTU 6 Step to add a new user – 1. password and group file (4)  GECOS General Electric Comprehensive Operating System Commonly used to record personal information “,” separated “finger” command will use it Use “chfn” to change your GECOS #Changing user information for liuyh. Shell: /bin/tcsh Full Name: User & Office Location: Office Phone: Home Phone: Other information: liuyh:*:1002:20:User &:/home/liuyh:/bin/tcsh

Computer Center, CS, NCTU 7 Step to add a new user – 1. password and group file (5)  Login shell Command interpreter  /bin/sh  /bin/csh  /bin/tcsh  /bin/bash (/usr/ports/shells/bash) Use “chsh” to change your shell liuyh:*:1002:20:User &:/home/liuyh:/bin/tcsh #Changing user information for liuyh. Shell: /bin/tcsh Full Name: User & Office Location: Office Phone: Home Phone: Other information:

Computer Center, CS, NCTU 8 Step to add a new user – 1. password and group file (6)  /etc/group Contains the names of UNIX groups and a list of each group’s member:  Group name  Encrypted password  GID  List of members, separated by “, ” Only in wheel group can do “su” command wheel:*:0:root,liuyh daemon:*:1:daemon staff:*:20:

Computer Center, CS, NCTU 9 Step to add a new user – 1. password and group file (7)  In FreeBSD Use “vipw” to edit /etc/master.passwd Three additional fields  Login class –Refer to an entry in the /etc/login.conf –Determine user resource limits and login settings –default  Password change time  Expiration time /etc $ sudo grep liuyh master.passwd liuyh:$1$4KQcUPbi$/nVs5bPDUXoyLLxw9Yp9D.:1002:20::0:0:User &:/home/liuyh:/bin/tcsh /etc $ grep liuyh passwd liuyh:*:1002:20:User &:/home/liuyh:/bin/tcsh

Computer Center, CS, NCTU 10 Step to add a new user – 1. password and group file (8)  /etc/login.conf of FreeBSD Set account-related parameters including  Resource limits –Process size, number of open files  Session accounting limits –When logins are allowed, and for how long  Default environment variable  Default path  Location of the message of the day file  Host and tty-based access control  Default umask  Account controls –Minimum password length, password aging login.conf(5)

Computer Center, CS, NCTU 11 Step to add a new user – 1. password and group file (9) default:\ :passwd_format=md5:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin:\ :nologin=/var/run/nologin:\ :cputime=unlimited:\ :datasize=unlimited:\ :stacksize=unlimited:\ :memorylocked=unlimited:\ :memoryuse=unlimited:\ :filesize=unlimited:\ :coredumpsize=unlimited:\ :openfiles=unlimited:\ :maxproc=unlimited:\ :sbsize=unlimited:\ :vmemoryuse=unlimited:\ :priority=0:\ :umask=022:

Computer Center, CS, NCTU 12 Step to add a new user – 1. password and group file (10)  In Linux Edit /etc/passwd and then Use “pwconv” to transfer into /etc/shadow  Fields of /etc/shadow Login name Encrypted password Date of last password change Minimum number of days between password changes Maximum number of days between password changes Number of days in advance to warn users about password expiration Number of inactive days before account expiration Account expiration date Flags /etc] sudo grep liuyh passwd liuyh:$1$4KQcUPbi$/nVs5bPDUXoyLLxw9Yp9D.:14529:0:99999:7:::

Computer Center, CS, NCTU 13 Step to add a new user – 2, 3, 4  Initialize password passwd liuyh  Set quota edquota liuyh edquota –p dcsq liuyh  Home directory mkdir /home/liuyh Quotas for user liuyh: /raid: kbytes in use: , limits (soft = , hard = ) inodes in use: 9728, limits (soft = 50000, hard = 60000)

Computer Center, CS, NCTU 14 Step to add a new user – 5, 6  Startup files System wide  /etc/{csh.cshrc, csh.login, csh.logout, profile} Private  csh/tcsh .login,.logout,.tcshrc,.cshrc  sh .profile  vi .exrc  startx .xinitrc In this step, we usually copy private startup files  /usr/share/skel/dot.*  Change onwer chown –R liuyh:dcs /home/liuyh

Computer Center, CS, NCTU 15 (Chap 1) UNIX Concepts – ID  User ID, Group ID % id liuyh  uid=10047(liuyh) gid=300(gcs) groups=300(gcs),0(wheel),800(security),700(ta),888(wwwadm) % id  uid=10047(liuyh) gid=300(gcs) groups=300(gcs),0(wheel),800(security),700(ta),888(wwwadm)  Super user root  uid=0(root) gid=0(wheel) groups=0(wheel), …  Other Important Users daemon: owner of unprivileged software bin: owner of system commands sys: owner of the kernel and memory images nobody: owner of nothing

Computer Center, CS, NCTU 16 Remove accounts  Delete the account entry [FreeBSD] vipw, pw userdel [Linux] remove the row in /etc/passwd and pwconv  Backup file and mailbox tar jcvf liuyh-home tar.bz /home/liuyh tar jcvf liuyh-mail tar.bz /var/mail/liuyh chmod 600 liuyh-* tar.bz  Delete home directory rm –rf /home/liuyh rm –f /var/mail/liuyh

Computer Center, CS, NCTU 17 Disabling login  Ways to disable login Change user’s login shell as /sbin/nologin Put a “#” in front of the account entry Put a '-' in front of the account entry Put a “*” in the encrypted password field Add *LOCKED* at the beginning of the excrypted password field  pw lock/unlock Write a program to show the reason and how to remove the restriction