Managing Local Linux Users and Groups

Overview
Goal: To manage local Linux users and groups and administer local password policies.
Objectives
  • Explain the role of users and groups on a Linux system and how they are understood by the computer.
  • Run commands as the superuser to administer a Linux system.
  • Create, modify, lock, and delete locally defined user accounts.
  • Create, modify, and delete locally defined group accounts.
  • Lock accounts manually or by setting a password-aging policy in the shadow password file.
Sections
  • Users and Groups (and Practice)
  • Gaining Superuser Access (and Practice)
  • Managing Local User Accounts (and Practice)
  • Managing Local Group Accounts (and Practice)
  • Managing User Passwords (and Practice)
Lab: Managing Local Linux Users and Groups

 

Part 1: Users and Groups

Question: What is a User?

Every process (running program) on the system runs as a particular user. Every file is owned by a particular user. Access to files and directories is restricted by user. The user associated with a running process determines the files and directories accessible to that process.

 

 

[elewei@localhost Desktop]$ id

The id command is used to show information about the current logged-in user.

 

[elewei@localhost Desktop]$ ls -l /tmp

The ls -l command shows the user associated with a file or directory. The third column shows the username.

 

[elewei@localhost Desktop]$ ps au

To view process information, use the ps command. The default is to show only processes in the current shell. Add the a option to view all processes with a terminal.

To view the user associated with a process, include the u option.

 

The mapping of names to numbers is defined in databases of account information. By default, systems use a simple "flat file", the /etc/passwd file, to store information about local users. Each line holds seven colon-separated fields:

username:password:UID:GID:GECOS:/home/dir:shell

 

username: is a mapping of a UID to a name for the benefit of human users.

password: historically, passwords were kept here in an encrypted format. Today, they are stored in a separate file called /etc/shadow.

UID: is a number that identifies the user at the most fundamental level.

GID: the user's primary group ID number.

GECOS: is arbitrary text, which usually includes the user's real name.

/home/dir: is the location of the user's personal data and configuration files.

shell: a program that runs as the user logs in. For a regular user, this is normally the program that provides the user's command line prompt.
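
The field layout above can be checked mechanically. The following added example (not part of the original post) is a shell function that reads passwd-format records and flags entries an administrator would want to review: a non-root account with UID 0, an empty or inline password field, a shared UID, or a record without seven fields. The function names and the sample records are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit passwd-format data for entries that need review.
# Reads records (username:password:UID:GID:GECOS:home:shell) from stdin
# and prints one finding per line; prints nothing for a clean file.
audit_passwd() {
    awk -F: '
        /^#/ || NF == 0 { next }      # skip comments and blank lines
        NF != 7 {
            printf "MALFORMED line %d: expected 7 fields, got %d\n", NR, NF
            next
        }
        {
            name = $1; pw = $2; uid = $3
            # Only root should carry the superuser UID.
            if (uid ~ /^0+$/ && name != "root")
                printf "UID0 %s: non-root account has superuser UID\n", name
            # "x" means the hash lives in /etc/shadow; "*" or "!" means no login.
            if (pw == "")
                printf "EMPTYPW %s: empty password field\n", name
            else if (pw != "x" && pw !~ /^[!*]/)
                printf "INLINEPW %s: password data stored in passwd, not shadow\n", name
            # Two names on one UID are the same user as far as the kernel is concerned.
            if (uid in seen)
                printf "DUPUID %s: shares UID %s with %s\n", name, uid, seen[uid]
            else
                seen[uid] = name
        }
    '
}

# Constructed sample records (not taken from a real system).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
elewei:x:1000:1000:Elewei:/home/elewei:/bin/bash
backup:x:0:0:Backup admin:/home/backup:/bin/bash
guest::1001:1001:Guest:/home/guest:/bin/bash
legacy:ab12CdEfGhIjk:1002:1002:Legacy:/home/legacy:/bin/sh
broken:x:1003:1003
EOF
}

sample_passwd | audit_passwd
```

On a real system the same function can be fed with `audit_passwd < /etc/passwd`.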

 

Question: What is a group?

Like users, groups have a name and a number (GID). Local groups are defined in /etc/group.

 

posted @ 2015-08-21 22:47  elewei