Ch.4 Managing Linux Users and Groups

Question 1

/etc/passwd is an example of what database?

Answer 1

flat-file database

Question 2

changes a users last change date

Answer 2

chage -d YYYY-MM-DD

Question 3

changes the current users UID, primary group ID and home directory as well as reads the new users profile which allows you to become exactly like the new user

Answer 3

su - <user></user>

Question 4

changes the current users UID, primary group ID, and home directory

Answer 4

su <user></user>

Question 5

chang a users ID or group command

Answer 5

usermod

Question 6

contains a list of groups and their members

Answer 6

/etc/group

Question 7

contains user account information

Answer 7

/etc/passwd

Question 8

difference between a user and system accounts

Answer 8

System accounts cannot log on to the system, do not require a password, and do not have home directories

Question 9

Displays password aging information

Answer 9

passwd -S
or
chage -l <user></user>

Question 10

format for a record in the /etc/passwd file

Answer 10

user_name:password:UID:GID:comment:home_directory:default_shell

Question 11

how are user account ID ranges specified?

Answer 11

by variables UID_MIN and UID_MAX in /etc/login.defs

Question 12

How can you tell a user is disabled in /etc/shadow?

Answer 12

user account has * in the password field

Question 13

how to change a users aging info with a user interface

Answer 13

chage <user></user>

Question 14

How to create a skeleton directory for users with similar needs?

Answer 14

1. Create a directory named /etc/skel_<group_name>/</group_name>
2. copy all files in /etc/skel/ to that directory, edit the appropriate config files, and add any additional files desired into the new directory.
3. adding users to that group use the option -k
   useradd -k /etc/skel_<groupname> <username></username></groupname>

Question 15

information for users and groups are stored where?

Answer 15

/etc/passwd
/etc/shadow
/etc/group

Question 16

Linux method to permit or restrict access to files

Answer 16

discreationary access control (DAC)

Question 17

Linux supports a more granular permission structure called? What are these rights controlled by?

Answer 17

Mandatory Access Control (MAC)

Controlled by SElinux or AppArmor

Question 18

removes all of the users secondary groups and replaces them with a new secondary group

Answer 18

usermod -G <groupname></groupname>

Question 19

sets the account expiration date

Answer 19

chage -E YYYY-MM-DD

Question 20

sets the default number of days after a password expires for the account to become inactive

Answer 20

useradd -Df <number></number>

Question 21

sets the minimum number of days required before a password can be changed

Answer 21

passwd -n

Question 22

sets the number of days prior to password expiration, when the user will be warned of pending expiration

Answer 22

chage -W

Question 23

The user account ID for a service is in the range

Answer 23

0-99 or between the values set by SYS_UID_MIN and SYS_UID_MAX in /etc/login.defs

Question 24

useradd command obtains default values initially from ____ and next from ____

Answer 24

initially form /etc/login.defs and next from /etc/default/useradd

Question 25

these commands do not remove any groups from /etc/group

Answer 25

userdel or userdel -r

Question 26

unlocks the user account

Answer 26

passwd -u

Question 27

what UID is the default minimum and what is the default maximum UID

Answer 27

Minimum UID 1000 Maximum UID 60000

Question 28

what account is UID 0

Answer 28

root

Question 29

what are the fields format in /etc/group?

Answer 29

Group:password:GID:userlist

Question 30

what command creates a system account

Answer 30

useradd --system

Question 31

what does !! in /etc/shadow mean?

Answer 31

an account password has never been assigned

Question 32

What file directory would you modify if you want all new users to have specific files or settings?

Answer 32

/etc/skel/

Question 33

what kind of database is /etc/group

Answer 33

a flat-file database

Question 34

what will you see in a system accounts default shell portion in the /etc/passwd format?

Answer 34

/sbin/nologin or /bin/false

Question 35

what would you see in /etc/shadow for an account thats locked by passwd -l

Answer 35

!! preceding the encrypted password

Question 36

when using the useradd command, any require setting not specified are supplied where?

Answer 36

/etc/login.defs and /etc/default/useradd

Question 37

where does the min_days password default value get stored?

Answer 37

/etc/login.defs

Question 38

where is group information stored?

Answer 38

/etc/group and /etc/gshadow

Question 39

where is the default password INACTIVE value specified?

Answer 39

/etc/default/useradd

Question 40

adds a new secondary group

Answer 40

usermod -aG

Question 41

changes the location of the users home directory

Answer 41

usermod -d

Question 42

changes the username (logon name)

Answer 42

usermod -l

Question 43

command sys admins use to create user accounts

Answer 43

useradd

Question 44

command that displays all logged on users but not the processes they are executing

Answer 44

who

Question 45

command to change other users passwords as root

Answer 45

passwd

Question 46

command to display the current UID or GID

Answer 46

id

Question 47

command to modify an existing user

Answer 47

usermod

Question 48

command to remove a user and the users home directory and mail

Answer 48

userdel -r

Question 49

command to rename user student2 to user2

Answer 49

usermod -l user2 -d /home/user2 -m student2

Question 50

command to specify which user to display UID, GID and primary group ID

Answer 50

id

Question 51

command to view the default values set in /etc/default/useradd

Answer 51

useradd -D

Question 52

contains user password and password aging information

Answer 52

/etc/shadow

Question 53

displays password aging for a specific user

Answer 53

chage -l

Question 54

displays the UID of all logged on users, what processes they are executing and what devices the processes are executing from

Answer 54

w

Question 55

for better security, admins set password rules with

Answer 55

chage

Question 56

format for a record in /etc/shadow

Answer 56

username:password:last_modified:min_days:max_days:warn_days:inactive:expire

Question 57

how to open a text terminal

Answer 57

ctrl + alt + f2

Question 58

locks the user account but does not remove the current password

Answer 58

passwd -l

Question 59

moves (renames) the current users home directory to the new users name

Answer 59

usermod -m

Question 60

non-privileged accounts created by a sys admin or application

Answer 60

service or system accounts

Question 61

removes a user account

Answer 61

userdel

Question 62

set the default absolute path to the location of the home directory in /etc/default/useradd

Answer 62

useradd -Db

Question 63

sets INACTIVE

Answer 63

chage -I

Question 64

sets the default absolute path to the default shell in etc/default/useradd

Answer 64

useradd -Ds

Question 65

sets the defualt expiration date in /etc/default/useradd

Answer 65

useradd -De

Question 66

sets the max number of days before a password must be changed

Answer 66

passwd -x

Question 67

sets the max number of days before a password must be changed

Answer 67

chage -M

Question 68

sets the min number of days required before a password can be changed

Answer 68

chage -m

Question 69

sets the number of days prior to password expiration. When the user will be warned of the pending expiration

Answer 69

passwd -w

Question 70

sets the number of inactive days to wait after a password has expired before disabling the account

Answer 70

passwd -i

Question 71

to change default primary group in /etc/default/useradd

Answer 71

useradd -Dg

Question 72

used to populate the new users home directory

Answer 72

/etc/skel/

Question 73

user sets a password with

Answer 73

passwd

Question 74

useradd option that allows an administrator to manually specify a user ID

Answer 74

useradd -u

Question 75

useradd option that creates the home directory

Answer 75

useradd -m not necessary if the variable CREATE_HOME in /etc/login.defs is yes

Question 76

useradd option that defines the location of the home directory

Answer 76

useradd -d

Question 77

useradd option that specifies that the user being created is a system user

Answer 77

useradd -r range specified by SYS_UID_MIN and SYS_UID_MAX in /etc/login.defs

Question 78

useradd option that specifies the absolute path to the default shell for the user

Answer 78

useradd -s

Question 79

useradd option that specifies the date when the user will be disabled

Answer 79

useradd -e YYYY-MM-DD

Question 80

useradd option that specifies the users secondary group memberships

Answer 80

useradd -G

Question 81

useradd option to leave a user comment field

Answer 81

useradd -c

Question 82

what changes are advisable to change due to the default aging setting being a security risk?

Answer 82

Change INACTIVE=30 in /etc/default/useradd default minimum, maximum warning days in /etc/login.defs

Question 83

what must you do if you do not rm a user with the userdel -r command

Answer 83

manually delete a users home directory, cron jobs, at jobs and mail

Question 84

groups provide what for multiple users

Answer 84

common access to a system resource

Question 85

command to add groups

Answer 85

groupadd

Question 86

format for the group add command

Answer 86

groupadd

Question 87

group add option specifies a GID for the new group.

Answer 87

groupadd -g

Question 88

groupadd option that specifies that the group being created is a system group

Answer 88

groupadd -r

Question 89

used to manage the files /etc/group and /etc/gshadow

Answer 89

gpasswd

Question 90

command to assign a group administrator

Answer 90

gpasswd -a command

Question 91

gpasswd option that adds a user to the group

Answer 91

-a

Question 92

gpasswd option that deletes a user from the group

Answer 92

gpasswd -d

Question 93

gpasswd option that removes the group password

Answer 93

gpasswd -r

Question 94

command used to modify group information

Answer 94

groupmod

Question 95

groupmod option that changes the groups GID number

Answer 95

groupmod -g

Question 96

groupmod option that changes the group name

Answer 96

groupmod -n

Question 97

command to delete an existing group from the system

Answer 97

groupdel