Tanti Technology

My photo
Bangalore, karnataka, India
Multi-platform UNIX systems consultant and administrator in mutualized and virtualized environments I have 4.5+ years experience in AIX system Administration field. This site will be helpful for system administrator in their day to day activities.Your comments on posts are welcome.This blog is all about IBM AIX Unix flavour. This blog will be used by System admins who will be using AIX in their work life. It can also be used for those newbies who want to get certifications in AIX Administration. This blog will be updated frequently to help the system admins and other new learners. DISCLAIMER: Please note that blog owner takes no responsibility of any kind for any type of data loss or damage by trying any of the command/method mentioned in this blog. You may use the commands/method/scripts on your own responsibility. If you find something useful, a comment would be appreciated to let other viewers also know that the solution/method work(ed) for you.

Friday, 1 November 2013

User and Group Management in Redhat Linux


Here are some configuration files which you should be familiar.

/etc/passwd :
Contains the database of information of all the users.
The format of the file is

username:password:uid:gid:gecos:directory:shell

/etc/shadow :
The actual password of every user is stored in /etc/shadow, indicated by an x in the password field.
As /etc/passwd is readable by all users, storing even encrypted passwords in it makes password guessing easier.
However, /etc/shadow is more secure because it is readable only by programs that run with root privileges, such as login and passwd.

Here is a sample line from /etc/shadow
johny:$1$EmRh1cmZ$gkXY30H43D7NtpQXjm9F01:11589:0:99999:7:::

It contains the following fields,
- The account name
- The account’s encrypted password
- The number of days since 1 January 1970 that the password was last changed
- The number of days permitted before the password can be changed
- The number of days after which the password must be changed
- The number of days before the password expires that the user is warned
- The number of days after the password expires before the account is disabled
- The number of days since 1 January 1970 after which the account is disabled
- Reserved for future use


/etc/group :
Contains the database of information of all the groups.
The format of the file is
groupname:password:gid:userlist

where
groupname is the name of the group
- password is an optional field containing the encrypted group password
- gid is the numeric group ID number
- userlist is a comma-separated list of the user account names that comprise the group

For ex,
finance:x:507:jacob,maylyn,nancy


Now lets see some commands,

Q. To create a user account with default settings,

# useradd jacob

In this case,
the home directory will be /home/jacob,
shell will be bash
uid will be the next unused UID

Q. To show the default values taken while creating a user account,

# useradd -D

Q. To set a password for the newly created user account,

# passwd jacob

Q. To change the gecos(description) of a user account,

# usermod -c "Jacob Oyden" jacob

Q. To delete a user account

# userdel jacob

Q. To delete a user account along with its home directory,

# userdel -r jacob

Q. To create a group for finance department,

# groupadd finance

Q. To create a group in a specific guid,

# groupadd -g 1000 finance

Q. To delete a group,

# groupdel finance

Q. To lock a user account,

# passwd -l jacob

Q. To unlock a user account,

# passwd -u jacob

Q. To change the user name of an existing user account,

# usermod -l joyden jacob

above command change the username from jacob to joyden.

Q. To change the 'uid' of a user account,

# usermod -u 1023 jacob

Above command will also update all files and directories rooted in the user’s home directory automatically to the new UID, but any files outside of the user’s home directory must be altered manually.

Q. To show the user account expiry information,

# chage -l jacob

Q. To change user account expiry information,

# chage jacob

Q. To list all the shells (or you can refer the file /etc/shells for the available shells),

# chsh -l

Q. To change the shell of a user,

# chsh jacob

No comments:

Post a Comment