linux security and file permissions Flashcards
what does /etc/passwd store?
stores the user account records.
Each line of text contains one user account record.
Fields in each record are delimited by colons.
what are the fields in /etc/passwd user account records
user name
user password
user identifier (uid)
group identifier (gid)
gecos field
home directory
shell program
description of User name
This field contains the user name used to log into the system.
description of user password
This field contains the hash value of the user password. If the value is "x", the actual password hash is stored in a separate shadow password file.
description of User identifier (UID)
This field contains a number used internally by the system to identify the user.
description of group identifier
This field contains a number which identifies the primary group of the user. All files that are created by this user initially belong to this group.
description of gecos field
This field contains comments describing the account.
description of Home directory
This field contains the home directory of the user.
description of Shell program
This field contains the shell program to start when the user logs into the system.
what are the field names in /etc/shadow?
user name
passwords
last change
minimum
maximum
warning
inactive
expire
what does cat /etc/shadow | tail -n 1 do?
returns the last line of the contents of the shadow password file.
The shadow file contains a hash for each user, and therefore the last line on its own is not very meaningful.
what does cat /etc/shadow | head -n 1 do?
returns the first line of the contents of the shadow password file.
what does cat /etc/shadow | tail -n 1 | tr ":" "\n" do?
cat /etc/shadow | tail -n 1 | tr ":" "\n" will display the last line of the shadow password file with each colon (":") field separator replaced by a newline, so every field appears on its own line.
how to check if user login is disabled?
use grep "guest" /etc/shadow
if it returns something like this
guest:!!::43nijnroi32
the !! means the user's login is disabled
how to lock the password for guest
passwd -l guest
to verify, use grep "guest" /etc/shadow
if it returns something like this
guest:!!::43nijnroi32
the !! means the user's login is disabled
how to unlock the password for guest
passwd -u guest
how to add users
adduser [name]
how to add groups in Linux
groupadd [options] groupname
what is visudo
A command that allows you to edit the sudoers file, which controls who is allowed to use the sudo command and what actions they are permitted to perform.
what happens if I add User_Alias IT2524_STUDENT = guest, karthik to the user aliases in the sudoers file
Any time you want to give the users "guest" and "karthik" the same permissions, you can use the "IT2524_STUDENT" user alias in the sudoers file instead of listing the users individually.
what happens here?
Command Aliases
These are groups of related commands…
Cmnd_Alias IT2524_COMMAND = /usr/sbin/visudo
The command alias "IT2524_COMMAND" is defined to include the command "/usr/sbin/visudo".
This means that any time you want to give permission to execute the command "/usr/sbin/visudo", you can use the "IT2524_COMMAND" alias in the sudoers file instead of listing the command individually.
how to check the id of a user
id student
what does usermod -a -G student may do?
it will add the user "may" to the group "student"
The -a option is used to append the user to the specified group, which means that it will add the user to the group without removing them from any other groups they may already be a member of.
The -G option is used to specify the group that the user should be added to. In this case, the group is "student".
what does chmod g+s project do?
the user is student
If you have a group "student" and you want to allow the group to create files and directories in a shared directory, you can set the setgid bit on the directory with chmod g+s <directory_name>. This way any files and directories created by any member of the group "student" will be owned by the group "student", and the members of the group will have the permissions to access and modify those files.