Tuesday, August 24, 2010

User & Group Administration

########## USER, GROUP ADMINISTRATION. ##########

*Unix/Linux is multi user and multi tasking OS.
*Scheme :-
  #User always get created with primary group
  # One Primary Group per User

*When a user is created in Linux :--
--> home directory ( /home/username)
--> mail account     (/var/spool/mail/username)
--> unique UID & GID

*Types of Users.
System Users--> 0 — 499
Normal Users--> 500 — 60,000

User and Group Administration Database Files.
#/etc/passwd
root:x:0:0:root:/root:/bin/bash
u1:x:500:500::/home/u1:/bin/bash

#vim /etc/passwd
    u1:x:500:500:prog:/home/u1:/bin/bash
    |  |  |   |    |      |        |
    1  2  3   4    5      6        7

    Discription : -

    1. First field     : - Login name of the User
    2. Second field    : - Clear text encrypted password
                            Note: In case if shadowing is enabled it always denotes a
                            "x" which means the password is stored in /etc/shadow file
    3. Third field     : - User id which is unique to every user
    4. Fourth field    : - Group id which is unique to every group
    5. Fifth field     : - Comments i.e. user related info like Full Name, Office Add.,Off. No., Home No.
    6. Sixth field     : - Home directory
    7. Seventh field   : - Login shell
################################################################

#/etc/shadow
root:$1$d.MWHOEJ$zeLZ2sfTBhNVVWxzpwoAv/:14281:0:99999:7:::
u1:$1$SIOUwX2W$VO/QJmvEp13mlZ9E5B/EP1:14285:0:99999:7:::

#vim /etc/shadow
    u1: hjkadfhs8974uyh5jrt/ :13536:0:99999:7: : :
    |           |               |   |   |   | | | |
    1        2               3   4   5   6 7 8 9

      Discription : -

        1. First field     : - Login name of the User.
        2. Second field    : - Clear text encrypted password.
        3. Third field     : - Number of days since January 1 1970, when the password was last changed.
        4. Fourth field    : - Minimum number of days gap before a password can be changed again.
        5. Fifth field     : - Maximum number of days for the validity of a password.
        6. Sixth field     : - Warning for password expiry to be given before the stipulated number of days.
        7. Seventh field   : - Number of days after the expiration of password that the account should be disabled.
    8. Eight field     : - Number of days since 1 January 1970, the account is disabled.
    9. Ninth field     : - Reserved field.

###############################################################

#/etc/group
root:x:0:root
u1:x:500:

/etc/group
    u1:x:500:sachin,tom
    |  |  |     |
    1  2  3     4

    Discription :-
    1. Group Name
    2. Shadow passwd
    3. GID
    4. Groupmembers



###################### NEW USERS ###############################

*To create new users.

1)To change UID.
#useradd -u 501 u1
#passwd u1

2)To change primary group.
#useradd -g 501 u2
#passwd u2

*If we change & overwrite the group id so that
should be existed.

3)To overwrite.
#useradd -u 700 -o lax
#usermod -g 700 -o u3

4)To change secondary group.
#useradd -G 700 lax2
#usermod -G 700 lax3

5)To insert the comment.
#useradd -c "pranay" u4
#usermod -c "vijay" u3

6)To change the home directory.
#useradd -d /vikas u4
#usermod -d /vikas u3


7)To change the shell.
#useradd -s /bin/csh u1
#passwd u1
To check.
#tail /etc/passwd
u1:x:561:562::/home/u1:/bin/csh

##################### MODIFY USERS #############################

To modify the existing users by "usermod" command.

1)To modify the user login name.
#usermod -l vikas u1
            (N.N) (O.N)
N.N- new name.
O.N- old name.

To check.
# tail /etc/passwd
vikas:x:561:562::/home/u1:/bin/csh

2)To lock the account.
#usermod -L u1

3)To unlock the account.
#usermod -U u1

4)To change the comments.
#usermod -c "laxman" u1
#tail /etc/passwd
u1:x:561:562:laxman:/home/u1:/bin/csh

5)To modify the shell.
#usermod -s /bin/bash u1
#tail /etc/passwd
u1:x:561:562:laxman:/home/u1:/bin/bash

6)To change the UID.
#usermod -u 600 u1
#tail /etc/passwd
u1:x:600:562:laxman:/home/u1:/bin/bash

7)To change the GID with other existing users GID .
#usermod -g 560 u1
#tail /etc/passwd
raj:x:560:560::/home/raj:/bin/bash
u1:x:600:560:laxman:/home/u1:/bin/bash

8)To change the home directory.
#usermod -d /home/u1 u2
#tail /etc/passwd

Before modify the home directory.
u2:x:601:601::/home/u2:/bin/bash

After modify the home directory.
u2:x:601:601::/home/u1:/bin/bash


################### T0 DLETE A USER  ##############################


To Delet the user without home directory.
#userdel u1

To Delet the user with home directory.
#userdel -r u1
-r --> recursively.

##################################################################

*To change user setting.
#chage u3
Changing the aging information for u3
Enter the new value, or press ENTER for the default

        Minimum Password Age [0]:
        Maximum Password Age [99999]:
        Last Password Change (YYYY-MM-DD) [2009-02-09]:
        Password Expiration Warning [7]:
        Password Inactive [-1]:
        Account Expiration Date (YYYY-MM-DD) [1969-12-31]:



############### GROUP ADMINISTRATION ########################


1)To create a group.
#groupadd sales

2)To change the GID on new group.
#groupadd -g 700 mkt

3)To check.
#tail /etc/group
sales:x:602:
mkt:x:700:

4)To override.
#groupadd -g 800 -o admin
#tail /etc/group
sales:x:602:
mkt:x:700:
admin:x:800:

*To modify the group.

1)To modify the existing group.
#groupmod -g 610 sales
#tail /etc/group

Before.
sales:x:602:
After.
sales:x:610:

2)To change the groupname.
#groupmod -n marketing mkt
             (N.N)    (O.N)
#tail /etc/group

Before.
mkt:x:710:
After.
marketing:x:710:

3)To add user into group.

Add single user.
#gpasswd -a u3 admin
Adding user u3 to group admin

Add multyple users.
#gpasswd -M u4,u5 admin

To check.
#tail /etc/group
admin:x:800:u4,u5,u3

To delet a user from group.
#gpasswd -d u3 admin
Removing user u3 from group admin
You have new mail in /var/spool/mail/root

#tail /etc/group
admin:x:800:u4,u5

*To Delet a group.
# groupdel sales
################## END #########################