Roadmap
Add An Account
Delete An Account
/etc/{passwd,shadow}
/etc/group
How To Disable An Account?
Root Account
Q&A
Add An Account
Create /home/foo
# "/etc/skel/." also copies the dotfiles that "/etc/skel/*" would skip
$ cp -a /etc/skel/. /home/foo
$ chown -R foo:users /home/foo
$ chmod 711 /home/foo
Delete An Account
/etc/passwd
A file that contains a list of users recognized by the system
World readable
Why?
Each line represents one user, eg.
foo:x:500:500:Foo Bar:/home/foo:/bin/bash
7 fields separated by colons
  Login name or username
  Encrypted passwd
  UID
  Default GID
  GECOS information: fullname, office, extension, phone #
  Home directory
  Login shell
/etc/passwd (cont)
foo:x:500:500:Foo Bar:/home/foo:/bin/bash
Login name
  32 chars long
  8 for NIS (Network Information Service)
  Case sensitive, usually lower case
  Usually used as email address
Encrypted passwd
  See /etc/shadow
UID
  32-bit unsigned integers
  Start from 500. See /etc/login.defs
/etc/passwd (cont)
foo:x:500:500:Foo Bar:/home/foo:/bin/bash
Default GID
  Defined in /etc/group
GECOS field
  For personal information
  $ finger foo
Home directory
  Cd to home directory after login
Login shell
  Valid shells defined in /etc/shells
/etc/shadow
A file that contains the encrypted passwd for the users
Only readable by root or processes with root privilege
Each line represents one user, eg.
foo:$1$naYPGQnr$2Xyp.Q1KrWSf//VFR.yBL0:13690:0:99999:7:::
  Login name or username
  Encrypted passwd
  Date of last passwd change
  Min. # of days between password changes
  Max. # of days between password changes
  # of days in advance to warn users about passwd expiration
  # of days after passwd expiration that account is disabled
  Account expiration date
  A reserved field
/etc/shadow (cont)
usermod
$ usermod -e 2007-06-26 foo
/etc/group
A file that contains the names of UNIX groups and a list of each group's members, eg.
foo:x:500:
installer:x:200:foo,bar
  Group name (8 chars)
  Encrypted passwd or x for /etc/gshadow
  GID (starts from 500. See /etc/login.defs)
  List of members, separated by commas (no space)
How To Disable An Account?
/bin/false
/sbin/nologin
Root Account
Special and powerful account
UID 0
Guard your root passwd with your life!!!
  At least 8 chars long
  Don't write it down
  Mix letters, numbers and punctuation
  Eg. Bambo0!
$ sudo /bin/bash
/etc/sudoers
  foo ALL=(root) ALL
All commands are logged
$ visudo
  To edit /etc/sudoers
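An added example, not part of the original slides: a small Python audit that parses the 7-field /etc/passwd and 9-field /etc/shadow layouts described above and flags entries an administrator would review. The sample records, the names parse and audit, and the set of findings are assumptions made for illustration.

```python
from datetime import date, timedelta

PASSWD_FIELDS = ("name", "passwd", "uid", "gid", "gecos", "home", "shell")
SHADOW_FIELDS = ("name", "hash", "last_change", "min_days", "max_days",
                 "warn_days", "inactive_days", "expire", "reserved")
NOLOGIN_SHELLS = {"/bin/false", "/sbin/nologin"}

# Constructed sample data (not from a real system); hashes are placeholders.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
foo:x:500:500:Foo Bar:/home/foo:/bin/bash
toor:x:0:0:Spare:/root:/bin/bash
bar:x:501:500:Bar:/home/bar:/bin/bash
old:abc:502:500:Old:/home/old:/bin/bash
"""
SAMPLE_SHADOW = """\
root:$1$SALT$HASH:13690:0:99999:7:::
foo:$1$SALT$HASH:13690:0:99999:7::13690:
toor:$1$SALT$HASH:13690:0:99999:7:::
bar::13690:0:99999:7:::
"""

def parse(text, fields):
    """Split colon-separated records into dicts; reject malformed lines."""
    rows = [line.split(":") for line in text.strip().splitlines()]
    bad = [r for r in rows if len(r) != len(fields)]
    if bad:
        raise ValueError(f"expected {len(fields)} fields, got {len(bad[0])}")
    return [dict(zip(fields, r)) for r in rows]

def audit(passwd_text, shadow_text, today):
    """Return sorted (account, finding) pairs for an administrator to review."""
    shadow = {r["name"]: r for r in parse(shadow_text, SHADOW_FIELDS)}
    findings = []
    for u in parse(passwd_text, PASSWD_FIELDS):
        name, sh = u["name"], shadow.get(u["name"])
        if u["uid"] == "0" and name != "root":
            findings.append((name, "UID 0 but not root"))
        if u["passwd"] != "x":
            findings.append((name, "password field not shadowed"))
        if sh is None:
            findings.append((name, "no /etc/shadow entry"))
            continue
        if sh["hash"] == "" and u["shell"] not in NOLOGIN_SHELLS:
            findings.append((name, "empty password with login shell"))
        # The account expiration field counts days since 1970-01-01.
        if sh["expire"] and date(1970, 1, 1) + timedelta(int(sh["expire"])) <= today:
            findings.append((name, "account expired"))
    return sorted(findings)
```

Calling audit(SAMPLE_PASSWD, SAMPLE_SHADOW, date(2007, 7, 1)) reports foo as expired, because 13690 days after the epoch is 2007-06-26, the date used in the usermod example.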