Presentation is loading. Please wait.

Presentation is loading. Please wait.

This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Module 14 Managing.

Published byJacob Richards Modified over 8 years ago

Similar presentations

Presentation on theme: "This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Module 14 Managing."— Presentation transcript:

1 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Module 14 Managing Users and Groups

2 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Exam Objective 5.2 Creating Users and Groups Objective Summary – Understanding user and group commands – Creating User IDs

3 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Working with Groups

4 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Creating a Group The most common reason to create a group is to provide a way for users to share files. After creating or modifying a group, you can verify the changes by viewing the /etc/group file or running the getent command.

5 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. The groupadd Command The groupadd command creates a new group. The -g option can be used to specify a group id : groupadd -g 506 research If the -g option is not provided, the groupadd command will automatically provide a GID for the new group.

6 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Group ID Considerations Avoid creating GIDs in the same numeric ranges where you expect to create user IDs if your system uses UPG. Recall that GIDs of under 500 are reserved for system use. The -r option will assign the new group a GID that will be less than the lowest standard UID.

7 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Group Naming Considerations The first character of the name should be either an underscore (_) or a lower-case alphabetic character (a-z). Up to 32 characters are allowed on most Linux distributions, but using more than 16 can be problematic as some distributions may not accept more than 16. After the first character, the remaining characters can be alphanumeric, dash (-) and underscore(_). The last character should not be a hyphen (-).

8 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Modifying a Group The groupmod –n command changes a group’s name. The groupmod –g command changes a group’s ID. If you change the GID for a group, then all files that were associated with that group will no longer be associated with that group. These are called “orphaned” files. To find “orphaned” files: find / -nogroup

9 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Deleting a Group Delete a group with the groupdel command. This may result in “orphaned” files. Only supplemental groups can be deleted.

10 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Working with Users

11 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. The /etc/default/useradd File The /etc/default/useradd file is used to define default settings when creating user accounts. Default settings can be viewed of modified with the useradd -D command. Editing this file required root access.

12 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. The /etc/default/useradd File FieldExampleDescription GROUP100The default primary group for a new user. HOME/homeThe default base directory under which the user's new home directory will be created INACTIVEThis value represents the number of days after the password expires that the account is disabled. EXPIREAccount expiration date. SHELL/bin/bashThe SHELL setting indicates the default shell for user's when they login to the system. SKEL/etc/skelThe contents of this directory are copies into the new user's home directory and the new user is given ownership of these files CREATE_MAIL_SPOOLyesA "mail spool" is a file where incoming email is placed. ".

13 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. The /etc/login.defs File The /etc/login.defs file is used to define default settings when creating user accounts. These default settings can be viewed only by viewing the contents of this file. These settings can also only be modified by editing the file directly. Editing this file required root access.

14 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. The /etc/login.defs File FieldExampleDescription MAIL_DIR/var/mail/spoolThe directory in which the user's mail spool file will be created. PASS_MAX_DAYS99999The maximum number of days that a user can continue to use the same password. PASS_MIN_DAYS0The shortest time that a user are required to keep a password. PASS_MIN_LEN5This indicates the minimum number of characters that a password must contain. PASS_WARN_AGE7This is the default for the warning field UID_MIN500The UID_MIN determines the first UID that will be assigned to an ordinary user. UID_MAX60000The UID_MAX determines the highest possible UID that will be assigned to an ordinary user. GID _MIN500The GID _MIN determines the first GID that will be assigned to an ordinary group. GID _MAX60000The GID_MAX determines the highest possible GID that will be assigned to a regular group. CREATE_HOMEyesThe value of this determines whether or not a new directory will be created for the user, when their account is created. UMASK077Determines what the default permissions will be for the user's home directory.

15 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Working with Account Information

16 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Advantages to Individuals having Separate Accounts Accounts can be used to grant selective access to files or services. The sudo command can be configured to grant the ability to specify individuals to permit execution of select administrative commands. Each account can have group memberships and rights associated with it allowing for greater management flexibility.

17 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Account Considerations Before creating a user account, consider what values you want to set for the following: – User name – UID – Primary Group – Supplementary group(s) – Home Directory – Skeleton Directory – Shell – Comment

18 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. The useradd Command The useradd command will allow you to create new users. Example: useradd -u 1000 -c 'Jane Doe' jane Modifies the following files: – /etc/passwd – /etc/shadow – /etc/group – /etc/gshadow Creates mail spool ( /var/spool/mail/jane ) and user’s home directory (/home/jane ).

19 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Password Security

20 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Picking a Password Avoid using personal information in passwords. Encourage complex passwords. Encourage longer passwords, but not too long as to make them hard to remember. Consider how often users will be required to reset their passwords.

21 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Setting a Password The passwd command will allow you to change a password. The root user can change any user password: passwd user_name The root user can break password rules besides “no empty passwords”. A user can change their own password by running the passwd command with no argument. Regular users can not break password rules. Password rules vary from one distribution to another.

22 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. chage Command

23 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Using the chage Command Used to change password aging settings for a user. Short optionLong optionDescription -l--listList the account aging information -d LAST_DAY--lastday LAST_DAYSet the date of the last password change to LAST_DAY -E EXPIRE_DATE--expiredate EXPIRE_DATESet account to expire on EXPIRE_DATE -h--helpShow the help for chage -I INACTIVE--inactive INACTIVESet account to permit login for INACTIVE days after password expires -m MIN_DAYS--mindays MIN_DAYSSet the minimum number of days before password can be changed to MIN_DAYS -M MAX_DAYS--maxdays MAX_DAYSSet the maximum number of days before a password should be changed to MAX_DAYS -W WARN_DAYS--warndays WARN_DAYSSet the number of days before a password expires to start displaying a warning to WARN_DAYS

24 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Modifying a User Account

25 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Modify a User The user may need to be logged off to modify the account. Use the who, w or last commands to determine if a user is currently logged in to the system.

26 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. The usermod Command Used to modify a user account. OptionDescription -c COMMENTSets the value of the GECOS or comment field to COMMENT. -d HOME_DIRSets a new home directory for the user. -e EXPIRE_DATESet account expiration date to EXPIRE_DATE. -f INACTIVESet account to permit login for INACTIVE days after password expires. -g GROUPSet GROUP as primary group. -G GROUPSSet supplementary groups to a list specified in GROUP. -aAppend the user's supplemental groups with those specified by – G. -hShow the help for usermod. -l NEW_LOGINChange the user's login name. -LLock the user account. -s SHELLSpecify the login shell for the account. -u NEW_UIDSpecify the user's UID to be NEW_UID. -UUnlock the user account.

27 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Removing a User

28 This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Delete a User Use the userdel command to delete a user account. By default, only the account is deleted, not any of the files owned by the user. By using the –r option, files in the user’s home directory and the user’s mail spool are deleted.

Download ppt "This slide deck is for LPI Academy instructors to use for lectures for LPI Academy courses. ©Copyright Network Development Group 2013. Module 14 Managing."

Similar presentations

Unit 5 – User Administration Randy Marchany VA Tech Computing Center.

Unit 5 – User Administration Randy Marchany VA Tech Computing Center.
Linux Users and Groups Management

Linux Users and Groups Management
6. Adding New Users Xiang Sha Cmsc 691x. 6.1 The /etc/passwd File The /etc/passwd File is a list of users recognized by the system. Login name Encrypted.

6. Adding New Users Xiang Sha Cmsc 691x. 6.1 The /etc/passwd File The /etc/passwd File is a list of users recognized by the system. Login name Encrypted.
Race Condition Zutao Zhu 10/09/09. Outline Race Condition –Some functions –File format of /etc/passwd and /etc/shadow –Input Redirection Format-string.

Race Condition Zutao Zhu 10/09/09. Outline Race Condition –Some functions –File format of /etc/passwd and /etc/shadow –Input Redirection Format-string.
User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.

User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
SUSE Linux Enterprise Server Administration (Course 3037) Chapter 2 Manage User Access and Security.

SUSE Linux Enterprise Server Administration (Course 3037) Chapter 2 Manage User Access and Security.
Resource Sharing Over a Network

Resource Sharing Over a Network
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
Linux System Administration LINUX SYSTEM ADMINISTRATION.

Linux System Administration LINUX SYSTEM ADMINISTRATION.
Filesystem Hierarchy Standard (FHS) –Standard of outlining the location of set files and directories on a Linux system –Gives Linux software developers.

Filesystem Hierarchy Standard (FHS) –Standard of outlining the location of set files and directories on a Linux system –Gives Linux software developers.
Guide to Operating System Security Chapter 4 Account-based Security.

Guide to Operating System Security Chapter 4 Account-based Security.
Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.

Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.
Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.

Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.

Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.
IT2204: Systems Administration I 1 6b). Introduction to Linux.

IT2204: Systems Administration I 1 6b). Introduction to Linux.
Unix System Administration Chapter 6 Adding New Users.

Unix System Administration Chapter 6 Adding New Users.
Module 4 - File Security. Security Overview File Ownership Access to Files and Dircetories Changing File and Directory Ownership Changing File and Directory.

Module 4 - File Security. Security Overview File Ownership Access to Files and Dircetories Changing File and Directory Ownership Changing File and Directory.
Linux+ Guide to Linux Certification, Third Edition

Linux+ Guide to Linux Certification, Third Edition

Similar presentations

Ads by Google