Important files

/etc/passwd : all users and accountt data /etc/shadow /etc/group

ID

0: Root id

1-99 are traditionally reserved for special system users (sometimes called pseudo-users), such as wheel, daemon, lp, operator, news, mail, etc.

1-200: system processes (Redhat)
201-999: system users that uses system process but don't own file on the system 1000 - : system users

In [1]:
whatis id

id (1)               - print real and effective user and group IDs
In [7]:
id milad

uid=1000(milad) gid=1000(milad) groups=1000(milad),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),114(lpadmin),115(sambashare),119(vboxusers),123(wireshark)
In [3]:
id -u
id -un

1000
milad
In [4]:
id -g
id -gn

1000
milad
In [5]:
id -G
id -Gn

1000 4 24 27 30 46 114 115 119 123
milad adm cdrom sudo dip plugdev lpadmin sambashare vboxusers wireshark
In [6]:
id -g milad

1000

Adding user

In [ ]:
useradd -mM -c "Milad As" -g [primary group id] --skel SKEL_DIR -s /bin/bash -u UID -e Y-M-D milad
In [ ]:
-U create a same group as username and add user to it  
-m create home dir  
-M do not create home directory  
-d home dir  

/etc/skel                Default SKEL_DIR  
/etc/default/useradd     Default settings
In [ ]:
usermod -L milad # lock # Adds a ! in shadow file password field
usermod -U milad # unlock
In [ ]:
-a, --append                  append the user to the supplemental GROUPS
  -m, --move-home               move contents of the home directory to the

Manage password and login

In [ ]:
# Change user password

passwd # Current user
passwd username
In [ ]:
/usr/sbin/nologin - to prevent login

# have look at:
/etc/shadow
milad:x:17032:0:99999:7:::
user : passHash : lastPassCh : DayToAllowPassCh : DayToRequirePassCh : warnBeforeExpire : activeAfterExpire : expireDate

Manage password policies

/etc/login.defs - shadow password suite configuration
ex: how many day to change pass or shoud change pass

man 5 login.defs

In [ ]:
chage - change user password expiry information
In [9]:
chage -l milad

Last password change					: Aug 19, 2016
Password expires					: never
Password inactive					: never
Account expires						: never
Minimum number of days between password change		: 0
Maximum number of days between password change		: 99999
Number of days of warning before password expires	: 7
In [ ]:
chage -E [`date -d "+10day" +%F` | -1 to remove]

Groups

In [ ]:
groupadd
groupmod
groupdel
gpasswd
In [21]:
getent group sudo

sudo:x:27:milad
In [19]:
groups milad

milad : milad adm cdrom sudo dip plugdev lpadmin sambashare vboxusers wireshark
In [20]:
cat /etc/group | grep milad | wc -l

10
In [26]:
mkdir test
ls -lhd test

drwxrwxr-x 2 milad milad 4.0K Dec 28 07:15 test

chgrp, chown, newgrp

In [32]:
chgrp adm test
ls -lhd test

drwxrwxr-x 2 milad adm 4.0K Dec 28 07:15 test
In [31]:
chown :milad test
ls -lhd test

drwxrwxr-x 2 milad milad 4.0K Dec 28 07:15 test
In [33]:
chgrp adm test
cd test
touch newfile.txt
ls -lhtrFA
newgrp adm
touch newfile2.txt
ls -l

setgid

In [ ]:
chmod g+s test/
# inharite parent directory group

Lecture notes

License

Creative Commons License

Linux Notes by Milad As (Ravexina) is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

ravexina's gitlab

ravexina's github