Here are some configuration files which you should be familiar.
/etc/passwd :
Contains the database of information of all the users.
The format of the file is
username:password:uid:gid:gecos:directory:shell
/etc/shadow :
The actual password of every user is stored in /etc/shadow, indicated by an x in the password field.
As /etc/passwd is readable by all users, storing even encrypted passwords in it makes password guessing easier.
However, /etc/shadow is more secure because it is readable only by programs that run with root privileges, such as login and passwd.
Here is a sample line from /etc/shadow
johny:$1$EmRh1cmZ$gkXY30H43D7NtpQXjm9F01:11589:0:99999:7:::
It contains the following fields,
- The account name
- The account’s encrypted password
- The number of days since 1 January 1970 that the password was last changed
- The number of days permitted before the password can be changed
- The number of days after which the password must be changed
- The number of days before the password expires that the user is warned
- The number of days after the password expires before the account is disabled
- The number of days since 1 January 1970 after which the account is disabled
- Reserved for future use
/etc/group :
Contains the database of information of all the groups.
The format of the file is
groupname:password:gid:userlist
where
groupname is the name of the group
- password is an optional field containing the encrypted group password
- gid is the numeric group ID number
- userlist is a comma-separated list of the user account names that comprise the group
For ex,
finance:x:507:jacob,maylyn,nancy
Now lets see some commands,
Q. To create a user account with default settings,
# useradd jacob
In this case,
the home directory will be /home/jacob,
shell will be bash
uid will be the next unused UID
Q. To show the default values taken while creating a user account,
# useradd -D
Q. To set a password for the newly created user account,
# passwd jacob
Q. To change the gecos(description) of a user account,
# usermod -c "Jacob Oyden" jacob
Q. To delete a user account
# userdel jacob
Q. To delete a user account along with its home directory,
# userdel -r jacob
Q. To create a group for finance department,
# groupadd finance
Q. To create a group in a specific guid,
# groupadd -g 1000 finance
Q. To delete a group,
# groupdel finance
Q. To lock a user account,
# passwd -l jacob
Q. To unlock a user account,
# passwd -u jacob
Q. To change the user name of an existing user account,
# usermod -l joyden jacob
above command change the username from jacob to joyden.
Q. To change the 'uid' of a user account,
# usermod -u 1023 jacob
Above command will also update all files and directories rooted in the user’s home directory automatically to the new UID, but any files outside of the user’s home directory must be altered manually.
Q. To show the user account expiry information,
# chage -l jacob
Q. To change user account expiry information,
# chage jacob
Q. To list all the shells (or you can refer the file /etc/shells for the available shells),
# chsh -l
Q. To change the shell of a user,
# chsh jacob
/etc/passwd :
Contains the database of information of all the users.
The format of the file is
username:password:uid:gid:gecos:directory:shell
/etc/shadow :
The actual password of every user is stored in /etc/shadow, indicated by an x in the password field.
As /etc/passwd is readable by all users, storing even encrypted passwords in it makes password guessing easier.
However, /etc/shadow is more secure because it is readable only by programs that run with root privileges, such as login and passwd.
Here is a sample line from /etc/shadow
johny:$1$EmRh1cmZ$gkXY30H43D7NtpQXjm9F01:11589:0:99999:7:::
It contains the following fields,
- The account name
- The account’s encrypted password
- The number of days since 1 January 1970 that the password was last changed
- The number of days permitted before the password can be changed
- The number of days after which the password must be changed
- The number of days before the password expires that the user is warned
- The number of days after the password expires before the account is disabled
- The number of days since 1 January 1970 after which the account is disabled
- Reserved for future use
/etc/group :
Contains the database of information of all the groups.
The format of the file is
groupname:password:gid:userlist
where
groupname is the name of the group
- password is an optional field containing the encrypted group password
- gid is the numeric group ID number
- userlist is a comma-separated list of the user account names that comprise the group
For ex,
finance:x:507:jacob,maylyn,nancy
Now lets see some commands,
Q. To create a user account with default settings,
# useradd jacob
In this case,
the home directory will be /home/jacob,
shell will be bash
uid will be the next unused UID
Q. To show the default values taken while creating a user account,
# useradd -D
Q. To set a password for the newly created user account,
# passwd jacob
Q. To change the gecos(description) of a user account,
# usermod -c "Jacob Oyden" jacob
Q. To delete a user account
# userdel jacob
Q. To delete a user account along with its home directory,
# userdel -r jacob
Q. To create a group for finance department,
# groupadd finance
Q. To create a group in a specific guid,
# groupadd -g 1000 finance
Q. To delete a group,
# groupdel finance
Q. To lock a user account,
# passwd -l jacob
Q. To unlock a user account,
# passwd -u jacob
Q. To change the user name of an existing user account,
# usermod -l joyden jacob
above command change the username from jacob to joyden.
Q. To change the 'uid' of a user account,
# usermod -u 1023 jacob
Above command will also update all files and directories rooted in the user’s home directory automatically to the new UID, but any files outside of the user’s home directory must be altered manually.
Q. To show the user account expiry information,
# chage -l jacob
Q. To change user account expiry information,
# chage jacob
Q. To list all the shells (or you can refer the file /etc/shells for the available shells),
# chsh -l
Q. To change the shell of a user,
# chsh jacob
No comments:
Post a Comment