REDHAT ENTERPRISE LINUX TRAINING 5
Trainer: Mr. Kao Sereyrath
MSc.IT (SMU, India), BSc.IT (NU)
ICT Manager, Samic Microfinance
Part-Time Computer lecturer, Norton University
Updated Year 2010
HISTORY OF REDHAT ENTERPRISE LINUX
Starting in 2001, Red Hat, Inc. began offering Red Hat Enterprise Linux in addition to their original
consumer operating system, Red Hat Linux. In 2003, Red Hat started the Fedora Project to release
the Fedora Core operating system instead of Red Hat Linux.
The Fedora Project progresses at a rapid rate, releasing a new version of Fedora every four to six
months. This allows new technologies to be tested by millions of users, which in turn decreases the
amount of time it takes for these technologies to stabilize into production‐ready software. Each
release of Red Hat Enterprise Linux is based on a Fedora operating system release. The kernel and all
of the other software in Red Hat Enterprise Linux are specifically configured and tested for
enterprise‐level usage.
Both Red Hat Enterprise Linux and Fedora are based on open source software developed by the open
source community, some of whom are members of the Red Hat engineering team. The term open
source means that the programming code is freely available to anyone and that anyone can submit
code to an existing open source project as long as the code stays open source. New projects or
programs can be created based on a different open source project or program. Open source
developers live all over the world, and they collaborate on projects every day together.
INSTALLING REDHAT ENTERPRISE LINUX
In this book, we would guide you on how to install RedHat Enterprise Linux 5 through:
1. VMware Workstation 6.0
2. Bootable RedHat Enterprise 5 DVD
I- Install RedHat Enterprise Linux with VMware workstation 6
a. Suppose you installed VMware 6 completely.
b. Click File menu > New > Virtual Machine or press Ctrl + N
c. Click Next button and select Custom
d. In Hardware compatibility box, select Workstation 6
e. Select as below dialog:
f. Name your virtual machine file and select the path of your virtual machine file
g. In Number of Processor dialog, select Two if your computer has 2 processors such as Dual Core or Core 2 Duo Processor.
h. In Memory dialog, type the amount of Memory to allocate to this Virtual machine. Look at below sample:
i. In Network connection dialog, select Use bridge Networking
j. In SCSI Adapters, select LSI Logic
k. And then select Create a new virtual disk
l. In Virtual Disk type dialog, select SCSI
m. In Disk capacity dialog, type the size of virtual hard disk you want to set. For example, 20GB and select Allocate disk space now and click Next and Finish
n. In the Device panel, double click on CD-ROM and see sample below to select the location of your ISO file (this is used in case you prefer to set up Redhat enterprise linux from an ISO file):
II- Install from Bootable RedHat Enterprise Linux 5 DVD
1. You need to have a bootable DVD
2. Make sure your BIOS setting is configured to boot off CDROM device
3. Press Enter to install in Graphic mode or type linux text and Enter to install in text mode
4. Press OK to test your DVD before installation, or Press Skip
5. In Welcome Message dialog, click Next button
6. Select English (English) language
7. Select US International as your keyboard setting
8. Click Skip entering installation Number. If you skip this, you won't be able to get support or online updates from RedHat Inc.
9. Click Yes to erase all data in the disk. You will see this message when your disk is unallocated.
10. Select Remove all partitions on selected drives and create default layout if you want the setup to delete all partitions and create the standard partitions for RedHat enterprise linux.
    Select Remove linux partitions on selected drives and create default layout to let the setup remove only the linux partitions and create standard partitions.
    Select Use free space on selected drives and create default layout to allow setup to manage the free/unallocated partitions to create standard linux partitions.
    Select Create custom layout to manage partitions on your own.
    Tick Review and modify partitioning layout to edit the default partitions that are created by Linux.
11. In Linux, only 3 basic partitions are required during installation. Those are / (root partition), /boot and swap, where the size of the swap partition equals the size of memory × 2. LVM, or Logical Volume Manager, is a storage management solution that allows administrators to divide hard drive space into physical volumes (PV), which can then be combined into logical volume groups (VG), which are then divided into logical volumes (LV) on which the filesystem and mount point are created.
12. A boot loader must be installed to boot into the operating system. The GRUB boot loader is installed by default. Options such as enabling a boot loader password can be selected.
13. Below dialog allows you to define your server's name and configure DNS and Gateway IP address.
14. Click Edit button to specify static IP address.
15. Select Asia/Phnom_Penh as your region.
16. Specify the root password.
17. Select default software installation to install the typical software or select Customize Now to install and choose more packages.
18. Select more software packages that you prefer to install.
19. Click Next to begin your installation.
UNDERSTANDING LINUX CONCEPT
FILESYSTEM HIERARCHY
The location of the files and directories in a Red Hat Enterprise Linux system are based on the
Filesystem Hierarchy System (FHS) guidelines. The purpose of the FHS is to provide guidelines for file
and directory locations for UNIX‐based operating systems such as Linux.
Instead of an administrator searching the entire filesystem for a particular type of file, he can know
that it will be in one of a few established locations. For example, most configuration files are in the
/etc/ directory, and log files are in the /var/log/ directory.
Because the FHS defines the /var/log/ directory as the location for log files, it is easy for an
administrator to find the log files she is looking for because they are all in one common directory.
Some common directories

Directory          FHS Purpose
/bin/              Essential commands for admins and users
/usr/bin/          Common commands for admins and users
/sbin/             Essential commands for admins
/usr/sbin/         Common commands for admins
/tmp/              Temporary files for all users
/usr/local/        Location for locally-installed software independent of operating system updates
/usr/share/man/    Manual pages
/usr/src/          Source code
/var/              Variable data files such as spool files and log files
/var/log/          Log files, can include subdirectories
/etc/              Configuration files, can include subdirectories
/proc/             Kernel virtual filesystem
/dev/              Device files
SHELL BASIC
Even though Red Hat Enterprise Linux provides a graphical desktop and graphical applications for
most administration tasks, it is wise to know the basics of the command line, also known as the shell
prompt. For example, you will need to know how to use the shell prompt if you are accessing a
system remotely without X forwarding, working with a system that does not have a graphical desktop
installed, trying to diagnose a problem with the X Window System, or booting into rescue mode
without a graphical desktop.
There are two ways to start a shell prompt. If the X Window System is not installed, the system
defaults to a black screen with a login prompt. After you log in, you are at a shell prompt.
If you have a graphical desktop installed, log into the system at the graphical login screen, and then
start a shell prompt by clicking on the Applications menu on the top panel and selecting Accessories,
Terminal. A terminal window as shown below.
So, commands can be executed to navigate around the filesystem, read files, start applications, and
perform administrative tasks.
By default, the prompt looks like the following:
[root@redhatserver ~]#
The first word before the @ symbol is the username of the person currently logged in.
The word after the @ symbol is the hostname of the system.
The ~ symbol means that the current working directory is the home directory of the user.
When you start a terminal, the default directory is your home directory.
Some basic commands you should know:
To change to a different directory, use the cd <directory> command.
cd ../httpd takes you up one directory and then down into the httpd directory.
To create a directory, use the mkdir <directory> command. The directory will be created in
current directory. If you want to create project1 directory in /home/rath you can type mkdir
/home/rath/project1
To remove an empty directory, invoke the rmdir <directory> command.
To force the removal of a directory with all the files and subdirectories within that directory,
use the rm -rf <directory> command.
To remove a file, use the rm <file> command.
Use the ls <directory> command to view the contents of <directory>.
To list all the OpenOffice.org text documents, use the ls *.odt command, or the ls status* to
find all files whose filename begins with status. Multiple wildcards can be used such as ls
*status* to list all files that have status somewhere in their name.
To copy a file from one location to another, use the cp <from> <to>. For example: cp
status.txt dir1/.
The mv <from> <to> command is similar to the cp command. The only difference is that the
original <from> file will no longer exist after the move operation.
Instead of typing the entire command, you can type the first few characters of it and press the
Tab key, then it will show the possibilities message as below:
Display all 112 possibilities? (y or n)
Press the Y key to display all the results, or press the N key to go back to the prompt and
type a few more characters to the desired command.
If you have ever forgotten a recently used command or forgotten which command line
arguments you used for a particular command, you can use history command. Or if you want
to filter for part of a command you can use: history | grep 'part of the command'
Use the clear command to clear the screen and place the prompt at the top of the screen.
Use locate .odt to find all OpenOffice.org text files or locate compare to find all filenames that
contain the word compare. The only catch to this command is that it relies on the generation
of a database file so it can quickly display results. The locate command is provided by the
mlocate package, which also provides the cron script /etc/cron.daily/mlocate.cron to
automatically generate this database daily.
The find command is a bit more complicated to use and takes longer to produce results
because it does not rely on a database to produce results. Because it takes longer, it is
possible to specify a specific directory to look in. The basic syntax is as follows:
find <directory> -name <filename>. To search in the current directory and below, replace
<directory> with a dot (.) character such as find . -name guidelines.txt
If you know a command exists on the system but keep getting the error message command
not found, check to make sure you are typing the command correctly. Otherwise, it might not
be in your PATH environment variable. To view the value of your PATH, execute the command
echo $PATH from the command line. As you can see, your PATH is a list of directories. When
you execute a command without providing its full path, it must be in one of the directories
listed in your PATH.
You can provide the full path to the command if you know it, such as /sbin/lspci to execute
the command to list the PCI devices.
To add the /usr/sbin/ and /sbin/ directories to your PATH, add the following line:
export PATH=$PATH:/usr/sbin:/sbin
To verify which command you are executing, type the command which <command>. If a
match to the command is found in the directories from your PATH, the full path to the
command is displayed.
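An empty entry in PATH (a leading, trailing or doubled colon) is treated by the shell as the current directory, so a command typed without its full path can resolve to a file in whatever directory you are working in. The check below is an added example, not part of the original training material; the helper name audit_path and the sample PATH strings are illustrative.

```shell
#!/bin/sh
# Added example: report risky entries in a PATH-style string.
# audit_path is a hypothetical helper; it prints one finding per line.

audit_path() (
    # $1 = colon-separated list to inspect; defaults to the live PATH.
    path_value=${1-$PATH}
    # A trailing colon is appended so the loop also sees a final empty entry.
    rest="$path_value:"
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            "")
                echo "EMPTY: empty entry, searched as the current directory"
                ;;
            /*)
                # Character 9 of the ls mode field is the write bit for
                # "others". -L follows symlinks such as /sbin -> usr/sbin.
                if [ -d "$entry" ]; then
                    case $(ls -ldL "$entry") in
                        ????????w*)
                            echo "WRITABLE: $entry is writable by all users"
                            ;;
                    esac
                fi
                ;;
            *)
                echo "RELATIVE: $entry depends on the current directory"
                ;;
        esac
    done
)

# Constructed inputs: the first has a leading colon, the second does not.
echo "--- :/usr/bin:/usr/sbin:/sbin"
audit_path ":/usr/bin:/usr/sbin:/sbin"
echo "--- /usr/bin:/usr/sbin:/sbin"
audit_path "/usr/bin:/usr/sbin:/sbin"
```

Run audit_path with no argument to check the PATH of the current session.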
You can read a text file such as a configuration file without having to open a text editor. This is
possible with the less, more, and cat command-line utilities.
You can type less output.txt, more /var/log/messages, or cat /etc/sysconfig/network.
With the less command, the Page Up and Page Down keys can be used to scroll up and down
the contents of the file. The more command only allows you to scroll down the file using the
spacebar to advance. The cat command outputs the contents of the file to the command line
and then exits, so if the file is longer than the number of lines in your terminal, you will only
see the last part of the file.
For example, to view only the kernel messages in the system log file, use the following
command:
cat /var/log/messages | grep kernel
Instead, you can temporarily start a terminal session as root. From a shell prompt, execute
the following command to temporarily become the root user:
su -
When you no longer need to be root, type the exit command and then press Enter to return
to your user shell.
To read the manual page for a command, execute man <command> from a shell prompt.
To open a file in Vi, type vi <file> at the shell prompt. If the file does not exist, it will be
created with the filename you provided the first time you save it. To use it, you must have
the vim-minimal RPM package installed.
To start making changes to the file or start typing content into a new file, change to insert
mode by pressing the i key. You will notice that the status at the bottom of the screen
changes to -- INSERT --. Next, start typing.
When you are finished typing the contents of the file, press the Esc key to exit insert mode. To
save a file, exit insert mode, type :w (the w is for write), and press Enter.
Common Vi Commands
FILE PERMISSION
Every file on your system has an accompanying set of permissions based on ownership.
You can examine the default permissions for a file you create by:
$ touch file
$ ls -l file
-rw-r--r-- 1 root root 0 2009-04-01 23:46 file
The first character of the field is the type of file created: A dash is for a plain file, d is for
directory, c for character device (such as serial communications, e.g. /dev/ttys0) and b for
block device (a device that transfers and caches data in blocks, e.g. /dev/hda).
Permissions—Read, Write, and eXecute permission for the owner, group, and other users on
the system.
Number of links to the file—The number one (1) designates that there is only one file,
whereas any other number indicates that there might be one or more linked files. Links are
created with the ln command.
The owner—The account that created or owns the file; you can change this designation by
using the chown command.
The group—The group of users allowed to access the file; you can change this designation by
using the chgrp command.
File size and creation/modification date—The last two elements indicate the size of the file in
bytes and the date the file was created or last modified.
Assigning Permissions
Under Linux, permissions are grouped by owner, group, and others, with read, write, and execute
permission assigned to each, like so:
Owner Group Others
rwx rwx rwx
4+2+1=7 4+2+1=7 4+2+1=7
r = open and read file = 4
w = open and write file = 2
x = execute the file or read directory = 1
Using chmod command to modify permission
$ chmod a-w readme.txt
$ ls -l readme.txt
-r--r--r-- 1 andrew andrew 12 Jan 2 16:48 readme.txt
Some options you can use with the chmod command:
u—Adds or removes user (owner) permission
g—Adds or removes group permission
o—Adds or removes for others not in a file’s group
a—Adds or removes for all users
r—Adds or removes read permission
w—Adds or removes write permission
x—Adds or removes execution permission
Ex:
$ chmod u+rw readme.txt
$ ls -l readme.txt
-rw------- 1 andrew andrew 0 2007-10-23 19:08 readme.txt
Or
$ chmod 600 readme.txt
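Symbolic modes such as u+rw add to the bits a file already has, while a numeric mode such as 600 replaces all of them, so the two give the same result only when group and others have no permissions to begin with. The following added example (not part of the original training material) shows the difference on a temporary file; the helper names mode_to_octal, current_mode and compare_chmod are illustrative.

```shell
#!/bin/sh
# Added example: symbolic chmod versus numeric chmod from the same start mode.

# mode_to_octal: turn the mode field printed by ls -l (e.g. -rw-r--r--) into
# octal, using r=4, w=2, x=1 per triplet. s/S and t/T mark setuid, setgid and
# sticky, which form an extra leading digit (4, 2 and 1 respectively).
mode_to_octal() (
    field=$1
    special=0
    digits=
    start=2
    for special_weight in 4 2 1; do
        triplet=$(printf '%s' "$field" | cut -c"$start"-"$((start + 2))")
        value=0
        case $triplet in r??) value=$((value + 4)) ;; esac
        case $triplet in ?w?) value=$((value + 2)) ;; esac
        case $triplet in ??[xst]) value=$((value + 1)) ;; esac
        case $triplet in ??[sStT]) special=$((special + special_weight)) ;; esac
        digits=$digits$value
        start=$((start + 3))
    done
    if [ "$special" -ne 0 ]; then
        digits=$special$digits
    fi
    printf '%s\n' "$digits"
)

# current_mode: octal mode of an existing file, read from ls -ld.
current_mode() {
    mode_to_octal "$(ls -ld "$1" | cut -c1-10)"
}

# compare_chmod: start from 444 (what "chmod a-w" leaves on a 644 file) and
# apply each form in turn. Prints "<mode after u+rw> <mode after 600>".
compare_chmod() (
    f=$(mktemp) || exit 1
    chmod 444 "$f"
    chmod u+rw "$f"
    after_symbolic=$(current_mode "$f")
    chmod 600 "$f"
    after_numeric=$(current_mode "$f")
    rm -f "$f"
    printf '%s %s\n' "$after_symbolic" "$after_numeric"
)

compare_chmod    # prints: 644 600
```

After u+rw the file is still readable by group and others; only the numeric form removes that access.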
INITIALIZATION SCRIPT
Network services such as the Apache HTTP Server and DHCP along with other programs such as cron
and syslog require a daemon to be running at all times. The daemon performs actions such as
listening for connections to a service on specific ports, making sure commands are executed at
specific times, and capturing data such as log messages when they are sent out by other
programs. Programs that require a daemon to be started have an initialization script in the
/etc/rc.d/init.d/ directory.
This program first executes the /etc/rc.d/rc.sysinit script to perform actions such as loading kernel
modules for hardware support, loading the default keymap, and setting the hostname. The
/etc/inittab script is run next, which then tells init which runlevel to start. The runlevel defines which
services to start at boot time, or which initialization scripts to execute.
Lastly, the /etc/rc.d/rc.local script is executed. Commands can be added to this file for custom
initialization.
The initialization scripts can also be used to start, stop, and restart services after the system has
booted. These actions are performed with the service command as the root user.
To perform an action, use the following syntax:
service <service> <action>
For example, the following starts the OpenSSH service:
service sshd start
RUNLEVELS
How does the system know which initialization scripts to run so that only the desired services are
started at boot time? Linux uses the concept of runlevels to define which services to start at boot
time.
There are 7 runlevels, with each having its own general purpose:
0 Halt the system
1 Single‐user mode or rescue mode
2 Not used
3 Multi‐user mode with text login
4 Not used
5 Multi‐user mode with graphical login
6 Reboot
Each runlevel has its own directory named rcX.d in /etc/rc.d/, where X is the runlevel number. Each
of these directories contains symbolic links to the actual initialization scripts in /etc/rc.d/init.d/. Each
symbolic link starts with the letter S or K followed by a number. The S stands for start, and the K
stands for kill, which means to stop a process. When a runlevel is initialized, all the services starting
with K are stopped first, and then all the services starting with S are started.
Changing the Default Runlevel
By default, Red Hat Enterprise Linux boots into runlevel 5 with a graphical login screen and a
graphical desktop once the user successfully authenticates. Runlevel 3 is essentially the same except
the text login is used.
The default runlevel is configured on the following line from the /etc/inittab file:
id:5:initdefault:
To change to a different runlevel without rebooting the system, please type the command:
init <runlevel>
Configuring runlevel
To configure which services are started for a runlevel, use one of three programs: chkconfig
(command line only), ntsysv (simple text‐based application that doesn’t require a graphical desktop),
or the Service Configuration Tool (graphical application).
The chkconfig command can be used to configure runlevels and list the current runlevel
configuration. It must be run as root if modifying a runlevel.
To list the status of all services, execute the chkconfig --list command.
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
To list the status for just one service, provide the name of the service:
chkconfig --list <service>
To modify whether the service is turned on or off for the runlevel, specify the service name and then
on, off, or reset. Set it to on to have the service started at boot time. Set it to off to have the service
stopped at boot time. Setting it to reset resets the values of all runlevels to the defaults from the
initialization script. The syntax is as follows:
chkconfig <service> [on|off|reset]
OR
chkconfig --level <levels> <service> [on|off|reset]
WORKING WITH RPM SOFTWARE
A large part of a system administrator's job is to maintain the software on a company's servers as
well as the software on the users' desktops. Red Hat Network is based on a software maintenance
utility called RPM (Red Hat Package Manager).
A proper RPM file should follow a specific naming convention:
<packagename>-<version>-<release>.<arch>.rpm
For example, pciutils-2.2.1-1.2.i386.rpm is the RPM filename for the 1.2 release of version 2.2.1 of
the PCI utilities software package built for the i386 architecture.
Why does the package need to have different architectures?
Because different processors must use different software libraries, have different system calls, and
utilize different optimizations, software must be built with the proper version of the compiler
compatible with the architecture.
System Architectures Used by RPM
Installing Software
Installing an RPM package can be done via the command line or a graphical program. Because some
systems such as servers do not always have a graphical desktop installed, it is important to learn at
least the basics of how to use the command-line version of RPM. The command is simple to
remember: It is the rpm command.
Before installing any software, confirm that it was packaged by a trusted source and has not been
altered since the trusted source built it. This process is done by checking the GPG signature of the
package.
First, as the root user, import the GPG key of the trusted party with the
rpm --import <keyfile> command, where <keyfile> is the file containing the key.
Key files for software distributed by Red Hat can be found in the root directory of the first
installation CD:
To verify that the key was imported properly, execute the rpm -qa gpg-pubkey* command. If you
imported the RPM-GPG-KEY-redhat-release key, the output will be similar to the following:
gpg-pubkey-37017186-45761324
To view the details of the key, execute the rpm -qi gpg-pubkey-37017186-45761324 command.
After importing the key, the signature on the package can be verified with the rpm -K <rpmfile>
command.
If the package was not corrupted since it was signed, the output will include the phrase md5 gpg OK.
If the package is not signed, the output will include output such as: NOT OK.
If you haven't imported the corresponding public key, the following message is given: MISSING KEYS.
After verifying that the package is trustworthy, install it with this command:
rpm -Uvh <rpmfile>
The -Uvh arguments tell the rpm command to install the package (U), display verbose information
about the installation (v), and display the progress of the installation (h) with hash marks (#).
For example: To install some packages from the RedHat Linux Enterprise DVD.
1. You need to change to the package directory in the DVD by:
cd "/media/RHEL-5 i386 Disc/Server"
2. So if you want to install tftp packages:
Sometimes a package requires additional RPM packages to be installed or updated.
To solve this problem, download the additional package as well and install all the packages at the
same time:
rpm -Uvh <rpmfile1> <rpmfile2>
If the package is already installed and you only want to upgrade the package, use the -F argument
instead:
rpm -Fvh <packagename>-<version_number>.<arch>.rpm
Optional rpm Arguments When Installing or Updating

Argument         Description
--nodeps         Install or upgrade the package without checking for dependencies.
                 The software will most likely not function properly without the
                 software dependencies installed. If you contact Red Hat support with
                 problems, they will most likely ask you to reproduce the problem on
                 a system where all package dependencies have been satisfied.
--excludedocs    Do not install packages marked as documentation files such as man
                 pages.
--oldpackage     Allow a package to be replaced with an older version.
--test           Check for potential conflicts such as package dependencies but do
                 not install the package.
To remove a package, issue the following command:
rpm -e <packagename>
Notice that this time, only <packagename> is used, not the full name of the file used to install the
software.
If multiple versions of a package are installed, you can use:
rpm -e <packagename>-<version>-<release>
If the package that depends on the package you are trying to remove is still needed on the system,
you should not try to remove the package. If the package that depends on the package you are trying
to remove is also not needed, both must be removed at the same time to resolve the dependency:
rpm -e <packagename1> <packagename2>
If a configuration file is part of the package being removed but it has been modified, the file will be
renamed instead of removed with the .rpmsave extension, and a message similar to the following is
displayed:
warning: /etc/sysconfig/samba saved as /etc/sysconfig/samba.rpmsave
What if you want to verify that the files associated with a package haven’t been corrupted?
If you suspect your system has been accessed by a non‐authorized user, you can verify that the files
from a package have not been changed with the RPM verify feature.
If the verify function is used, file properties such as file size, MD5 sum, file permissions, file type, and
file ownership are compared to the original values stored in the RPM database.
To verify the files associated with a package, use the following command:
rpm -V <packagename>
If no output is returned, the files from the package have not been modified since installation. If a file,
such as a configuration file, has been modified, the output is similar to:
.M.....T /etc/httpd/conf/httpd.conf
RPM Verification Codes
Code Explanation
S File size has changed
M Mode has changed, including file permissions and file type
5 MD5 sum has changed
D Device major or minor number has changed
L The path of the symbolic link has changed
U The owner of the file has changed
G The group of the file has changed
T The last modified time has changed
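When rpm -V is run across many packages, the codes in the table above can be decoded mechanically. The following is an added example, not part of the original training material: the function names, the sample lines (constructed here) and the REVIEW/INFO triage rule are assumptions, while the letter c between the flags and the path is the marker rpm prints for configuration files.

```shell
#!/bin/sh
# Added example: decode rpm -V lines using the verification codes above.

# Constructed sample of rpm -V output (not captured from a real system).
sample_verify_output() {
    cat <<'EOF'
S.5....T  c /etc/httpd/conf/httpd.conf
.M.....T    /usr/sbin/httpd
S.5....T    /bin/ls
.......T  c /etc/sysconfig/network
missing     /usr/bin/tftp
EOF
}

# decode_rpm_verify: read rpm -V lines on stdin, print one decoded line each.
# Assumed triage rule: a changed MD5 sum, mode, owner or group on a file that
# is not marked as configuration, or a missing file, is tagged REVIEW;
# everything else is tagged INFO.
decode_rpm_verify() {
    awk '
    BEGIN {
        why["S"] = "size"
        why["M"] = "mode"
        why["5"] = "MD5 sum"
        why["D"] = "device number"
        why["L"] = "symbolic link path"
        why["U"] = "owner"
        why["G"] = "group"
        why["T"] = "last modified time"
    }
    NF < 2 { next }    # skip blank or truncated lines
    {
        flags = $1
        path = $NF
        attr = (NF >= 3) ? $2 : ""
        if (flags == "missing") {
            printf "REVIEW %s: file is missing\n", path
            next
        }
        list = ""
        for (i = 1; i <= length(flags); i++) {
            c = substr(flags, i, 1)
            if (c in why) {
                list = (list == "") ? why[c] : list ", " why[c]
            }
        }
        if (list == "") next
        level = (attr != "c" && flags ~ /[5MUG]/) ? "REVIEW" : "INFO"
        printf "%s %s: %s changed\n", level, path, list
    }'
}

# count_review: number of REVIEW findings in rpm -V output read from stdin.
count_review() {
    decode_rpm_verify | awk '/^REVIEW/ { n++ } END { print n + 0 }'
}

sample_verify_output | decode_rpm_verify
```

On a live system the same functions can read the real output, for example rpm -V <packagename> | decode_rpm_verify.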
Querying Package Files
How do you know which files are associated with which RPM packages? You can query the RPM
database and find out:
rpm -qf <filename>
The <filename> must be the full path to the file. If the file is associated with an RPM package
installed, the name of the package and the version installed is displayed.
To query the package of a command, you could use:
rpm -qf `which <command>`
To retrieve a list of configuration files from a package installed, use the following command:
rpm -qc <packagename>
A similar query can be performed to list any documentation files installed with a package:
rpm -qd <packagename>
Note: Documentation files include man pages and text or HTML formatted files in /usr/share/doc/
installed by the package.
SYSTEM ADMINISTRATION
Managing user and group
Each user on a Red Hat Enterprise Linux system is assigned a unique user identification number, also
known as a UID. UIDs below 500 are reserved for system users such as the root user.
By default in Red Hat Enterprise Linux, when a user is added, a private user group is created.
By default, the directory /home/<username>/ is created as the user’s home directory.
Adding/modifying/deleting user
The basic syntax to create new user is useradd <option> <username>.
Some options you can use along with useradd command:
Command-Line option   Description
-c <fullname>         Full name of the user (or a comment about the user). If more than
                      one word is needed, place quotation marks around the value
-d <directory>        Home directory for the user. The default value is
                      /home/<username>/
-e <date>             Date on which the user account will expire and be disabled. Use
                      the format YYYY-MM-DD (default: never expire or disable).
-g <group>            Default group for the user specified as a group name or group ID
                      number.
-G <group>            Comma-separated list of additional group names or GIDs to which
                      the user will be a member.
-p <password>         Specify an encrypted password for the user
-s <shell>            Specify the user login shell for the user. The default shell if not
                      specified is /bin/bash.
-u <uid>              Integer to use for the user ID. Values less than 500 are reserved for
                      system users.
To modify a user, use usermod <options> <username>.
To create a password for the user, use the command passwd <username>.
To delete a user, use userdel <username>. To remove the user's home directory and mail spool, use the
userdel -r <username> command.
Managing Group
A unique integer known as a GID is associated with each group. GIDs below 500 are reserved for
system groups just like UIDs below 500 are reserved for system users.
The basic syntax to create a new group is groupadd <groupname>.
To specify a GID, use the groupadd -g <gid> <groupname> command.
To modify the group, such as changing the GID of a group, use the
groupmod -g <gid> <groupname> command.
To change the name of the group, use the groupmod -n <newname> <groupname> command.
To delete an existing group, use the groupdel <groupname> command.
Where are they stored?
A list of all local users is stored in the /etc/passwd file. This file is in plain text format and is readable
by anyone logged in to the system.
Each user is listed on a separate line, with the following format:
username:password:uid:gid:real_name:/home/directory:shell
Field             Description
username          Login name for the user. Can't contain spaces or tabs.
password          The x character that denotes the encrypted password is stored in
                  /etc/shadow. If shadow passwords are not used, this field contains
                  the encrypted user password.
uid               Unique integer used as the user ID.
gid               Unique integer used as the group ID.
real_name         Full name of the user (not required).
/home/directory   Full path to the home directory of the user.
shell             Login shell for the user. /bin/bash is the default.
If shadow passwords are used (the default), the encrypted passwords are stored in the /etc/shadow
file. All user’s groups are stored in the /etc/group file, readable by everyone but only writable by
root. Each group is listed on a separate line in the following format:
groupname:password:gid:users
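Because /etc/passwd has a fixed seven-field layout, it can be checked mechanically for accounts that deserve a second look. The following is an added example, not part of the original training material: audit_passwd and the sample entries (constructed here) are illustrative, and the checks flag extra UID 0 accounts, empty or non-shadowed password fields, and shared UIDs.

```shell
#!/bin/sh
# Added example: audit passwd-format lines for risky account entries.

# Constructed sample in /etc/passwd format (not from a real system).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
rath:x:500:500:Rath:/home/rath:/bin/bash
backupadm:x:0:0:backup admin:/root:/bin/bash
legacy:$1$constructed$notarealhash:501:501::/home/legacy:/bin/bash
guest::502:502::/home/guest:/bin/bash
EOF
}

# audit_passwd: read passwd-format lines from the named files (or stdin) and
# print one finding per line. Fields: username:password:uid:gid:real_name:
# home:shell, as described above.
audit_passwd() {
    awk -F: '
    /^#/ || NF == 0 { next }
    NF != 7 {
        printf "MALFORMED line %d: expected 7 fields, got %d\n", NR, NF
        next
    }
    {
        user = $1; pw = $2; uid = $3
        # Any account with UID 0 is equivalent to root.
        if (uid ~ /^0+$/ && user != "root") {
            printf "UID0 %s: UID 0 gives full root privileges\n", user
        }
        # "x" means the hash lives in /etc/shadow; "!" or "*" marks a
        # locked account. Anything else is a hash every user can read.
        if (pw == "") {
            printf "NOPASS %s: password field is empty\n", user
        } else if (pw != "x" && pw !~ /^[!*]/) {
            printf "UNSHADOWED %s: password hash is in the world-readable passwd file\n", user
        }
        if (uid in seen) {
            printf "DUPUID %s: shares UID %s with %s\n", user, uid, seen[uid]
        } else {
            seen[uid] = user
        }
    }' "$@"
}

sample_passwd | audit_passwd
```

To check a live system, run audit_passwd /etc/passwd.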
The default values used when adding a user are stored in the /etc/default/useradd file.
If you edit the file /etc/default/useradd you will see:
# useradd defaults file
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel