2.2 Given a scenario, manage users and groups

Question 1

What are the commands used for creating users?

Answer 1

• useradd

- groupadd

Question 2

Describe how to use the useradd command

Answer 2

The useradd command is used by the root user to create a user account

useradd julia

Question 3

Describe how to add a user to a group

Answer 3

The groupadd command is used by the root user to create a group account

groupadd -g 2050 test
The -g option is used to specify the GID for the new group

Question 4

What are the main commands designed to modify user and group accounts?

Answer 4

• usermod
• groupmod
• passwd
• chage

Question 5

How do you use the usermod command?

Answer 5

The usermod command is used by the root user to modify a user account

[root@OCS ~]$ usermod -s /bin/tcsh julia

Question 6

What is the groupmod command used for?

Answer 6

The groupmod command is used by the root user to modify a group account

[root@OCS ~]$ groupmod -n proj test

Here are some important options for groupmod command:

• g change the GID
• n Change the group name

Question 7

What is the command that allows a user to change their password?

Answer 7

The passwd command allows a user to change their password. The root user can also use this command to change any user password or change other password based features for a user account.

-d

Delete the user’s password.

-e

Expire the user account immediately.

-l

Lock the account.

-u

Unlock the account.

-m

Change the Min field of the /etc/shadow file for the user.

-M

Change the Max field of the /etc/shadow file for the user.

-w

Change the Warn field of the /etc/shadow file for the user.

Question 8

What is the command used to modify password aging features for a user?

Answer 8

The chage command is executed by the root user to modify password-aging features for a user account. Here are some important options for the chage command

Question 9

What are the commands used to delete users and groups?

Answer 9

The commands used to delete users and groups are

• userdel
• groupdel

Question 10

How do you delete a user?

Answer 10

The userdel command is used by the root user to delete a user account

[root@OCS ~]$ userdel susan

An important option for the userdel command is the -r option, which deletes the user account as well as the user’s home directory and mail spool

Question 11

What is the command used to delete a group?

Answer 11

The groupdel command is used by the root user to delete a group account

[root@OCS ~]$ groupdel test

mportant Note

Be sure to remove all files owned by the group before running this command (or reassign the files to another group).

Question 12

What does the query id do?

Answer 12

The id command will display basic account information. When run with no arguments, it displays the current user’s UID, username, primary GID and name, as well as all secondary group memberships:

[root@OCS ~]$ id
uid=0(root) gid=0(root) groups=0(root)

You can pass a name as a parameter:

id zackbunch

Question 13

What does the whoami command do?

Answer 13

The whoami command displays the effective user ID

Question 14

What is the command to see WHO is currently logged in?

Answer 14

The who command shows who is currently logged in

The output of the who command includes the username, the terminal device the user is using, the login date and time, and where the user logged in from (:0 means a local login)

[root@OCS ~]# who
student :0 2017-02-18 01:52 (:0)
student pts/0 2017-02-18 01:52 (:0)
student pts/1 2017-03-05 19:55 (:0)
student pts/2 2017-03-06 18:24 (:0)
root pts/3 2017-03-06 18:24 (localhost)

Question 15

What is the w command used for?

Answer 15

The w command displays who is logged in as well as other useful information:

[root@OCS ~]# w
18:25:08 up 3 days, 1:24, 5 users, load average: 0.27, 0.08, 0.07
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
student :0 :0 18Feb17 41:48 1.01s gdm-session-wor
student pts/0 :0 18Feb17 4.00s 0.46s 20.33s /usr/libexec/gn
student pts/1 :0 Sun19 1:32 0.04s 0.00s less -s
student pts/2 :0 18:24 12.00s 0.05s 0.01s /usr/bin/sss_ss
root pts/3 localhost 18:24 12.00s 0.03s 0.03s -bash

Question 16

What command would you use to view current and previous logins?

Answer 16

The last command displays information about current and previous logins:

[root@OCS ~]# last -10
root pts/3 localhost Mon Mar 6 18:24 still logged in
student pts/2 :0 Mon Mar 6 18:24 still logged in
student pts/1 :0 Sun Mar 5 19:55 still logged in
student pts/1 :0 Sat Feb 18 01:56 - 01:56 (00:00)
student pts/0 :0 Sat Feb 18 01:52 still logged in
student :0 :0 Sat Feb 18 01:52 still logged in
(unknown :0 :0 Sat Feb 18 01:48 - 01:52 (00:03)
reboot system boot 3.10.0-327.18.2.
Tue Jan 24 13:43 - 19:15 (41+05:31)
student pts/1 :0 Sun Jan 22 08:22 - 01:46 (26+17:24)
student pts/0 :0 Thu Jan 19 12:19 - 01:46 29+13:27)

wtmp begins Sat Jun 11 20:51:56 2016

Question 17

What are quotas?

Answer 17

Quotas allow the administrator the ability to limit how much disk space can be used by individuals or groups. Quotas are per filesystem. This section focuses on how to enable and view quotas.

Question 18

What are user quotas?

Answer 18

To enable user quotas, you must mount the filesystem with the usrquota mount option. This can be accomplished by adding usrquota to the mount option field of the /etc/fstab file:

/dev/sdb1 / ext4 usrquota 1 1

Note

To enable group quotas, use the grpquota boot option. Both options can be used together (usrquota,grpquota) to enable both user and group quotas on a filesystem.

Question 19

Group Quotas

Answer 19

Group quotas are quotas that apply to every member of a group

Question 20

What is a non-login shell?

Answer 20

When a user starts a new shell after login, it is referred to as a non-login shell

Question 21

BASH Parameters

Answer 21

Initialization files can be used to modify several bash shell features. For example, shell variables can be set to modify the behavior of the bash shell or other programs

Question 22

User Entries

Answer 22

Users can control their individual environment by modifying initialization files in their home directory

• .bashrc
• .bash_profile
• .profile

Question 23

.bashrc

Answer 23

When a user opens a new BASH shell, the commands in the ~/.bashrc file are executed. This allows the user to set up the account by placing commands in this file.

Question 24

.bash_profile

Answer 24

When a user logs in to the system and the user’s login shell is a BASH shell, the commands in the ~/.bash_profile file are executed if this file exists. This enables the user to set up the account by placing commands in this file.

Question 25

.profile

Answer 25

When a user logs in to the system and the user’s login shell is a BASH shell, the commands in the ~/.profile file are executed if this file exists. This allows the user to set up the account by placing commands in this file

Question 26

Global Entries

Answer 26

The administrator can control the BASH environment for all users by modifying initialization files in the /etc directory

• /etc/bashrc
• /etc/profile.d/
• /etc/skel
• /etc/profile

Question 27

/etc/bashrc

Answer 27

When a user opens a new BASH shell, the commands in the /etc/bashrc file are executed. Only the root user should be allowed to modify the /etc/bashrc file. This allows the root user to set up all bash user accounts by placing commands in this file

Question 28

/etc/profile.d/

Answer 28

Software developers often have the need to modify the BASH environment of user accounts. For example, consider a software program that uses shell variables as a means to pass the program key information, such as user account information or system information.

Software is normally installed by the root user, so developers could use this elevated privilege to directly modify global initialization files, such as the /etc/profile or /etc/bashrc file. The danger is that this modification may accidently affect other global settings.

Instead of modifying the primary configuration files, software developers (and sometimes administrators) will place files in the /etc/profile.d directory. This directory is also considerd a location for initialization files because of the following code in the /etc/profile file:

Question 29

/etc/skel

Answer 29

The /etc/skel directory is used when a new user account is created to provide the new account with default files, such as BASH configuration files (.bashrc, .profile, and so on)

Question 30

/etc/profile

Answer 30

When a user logs in to the system and the user’s login shell is a BASH shell, the commands in the /etc/profile file are executed. Only the root user should be allowed to modify the /etc/profile file

Question 31

/etc/passwd

Answer 31

The /etc/passwd file is used to store user account information. It contains most of the user account data, except the password and password-aging policies

Question 32

/etc/group

Answer 32

The /etc/group file is used to store group account information. Each line in the /etc/group file describes one group account

Question 33

/etc/shadow

Answer 33

The /etc/shadow file is used to store user password information