MODULE 16- Creating Users and Groups Flashcards
1
Q
What do we call A group created automatically for each new user, where the group name matches the username and the only member is the user themselves?
A
a User Private Group (UPG).
2
Q
What file stores local group configuration information?
A
/etc/group
2
Q
How can you allow multiple users to share files and collaborate through common permissions?
A
By creating a group.
2
Q
Which command is used to search for a specific group entry in the /etc/group file?
A
grep — e.g., grep groupname /etc/group
2
Q
Which command can be used to view both local and network-based group records?
A
getent — e.g., getent group groupname
3
Q
What command syntax would you use to find all group entries containing the word “admin”?
A
grep admin /etc/group
3
Q
Which option allows you to manually assign a Group ID (GID) when creating a group?
A
-g (used as in groupadd -g 1005 groupname)
3
Q
How can you confirm that a group named development was created successfully?
A
Run grep development /etc/group
3
Q
Which command is used to create a new group in Linux?
A
groupadd
3
Q
In which type of Linux distribution is a UPG typically created when a new user is added?
A
Red Hat-based distributions (e.g., RHEL, CentOS)
3
Q
Which command will allow you to add the sysadmin user into the root group?
A
usermod -aG root sysadmin
3
Q
What is the relationship between a UID and a UPG’s GID in Red Hat-based systems?
A
The UID and the UPG’s GID match — they are the same number.
3
Q
What GID range is reserved for system use in Red Hat-based distributions? What GID range is reserved for system use in Debian-based distributions?
A
GIDs under 500 for Red Hat and GIDs under 1000 for Debian are reserved for system use.
3
Q
Which characters are allowed as the first character of a group name?
A
An underscore (_) or a lowercase alphabetic character (a–z).
3
Q
Which option should be used with groupadd to assign a system-level GID?
A
-r (e.g., groupadd -r groupname)
3
Q
What is the purpose of the -r option in the groupadd command?
A
It assigns a system-level GID (lower than the standard GID range).
3
Q
What characters are allowed in the rest of the group name (after the first character)?
A
Alphanumeric characters, hyphen (-), or underscore (_).
3
Q
What should group names not end with?
A
a hyphen (-)
3
Q
What would groupmod -n marketing sales do?
A
Rename the group sales to marketing.
3
Q
What is the maximum number of characters allowed in a group name on most Linux distributions?
A
32 characters, though some distributions may enforce a limit of 16.
3
Q
Which command is used to modify an existing group?
A
groupmod
3
Q
What does the -n option do in the groupmod command?
A
Changes the name of an existing group.
3
Q
What does the -g option do in the groupmod command?
A
Changes the GID (Group ID) of an existing group.
3
Q
What is an “orphaned” file in the context of group ownership?
A
A file that is owned by a GID that no longer maps to a named group in /etc/group
3
Which command can find orphaned files (files with no group name)?
find / -nogroup
3
Which command is used to delete a group in Linux?
groupdel
3
What happens to files owned by a group when that group is deleted?
The files become orphaned, showing only a numeric GID with no associated group name.
3
Can a group that is the primary group of any user be deleted?
No. Only supplemental groups can be deleted.
3
What must an administrator do before deleting a group that is a user’s primary group?
Change the user's primary group to a different one.
3
What command would you use to delete a group named clerks?
groupdel clerks
3
What is the difference between a primary group and a supplemental group?
A primary group is the default group for a user (set in /etc/passwd), while supplemental groups are additional groups the user belongs to (listed in /etc/group).
3
Which file stores basic user account information such as usernames and UIDs?
/etc/passwd
3
Which file stores password hashes and other authentication-related information for users?
/etc/shadow
3
What is the recommended way to create a new user in Linux?
Use the useradd command
3
Which option allows you to view or change default values used when creating users with useradd?
useradd -D option
3
Which file is automatically edited when changing useradd defaults and stores values like default group, shell, and home base path?
/etc/default/useradd configuration file
3
Which useradd option overrides the default primary group ID for a new user account?
-g option
3
Which option lets you specify a different base directory instead of the default /home when creating a user?
-b option
3
Which useradd option overrides the default inactive days (number of days after the password expires that the account is disabled) setting when adding users?
-f option
3
Which useradd option is used to assign an expiration date for a user account when creating it?
-e option
3
Which useradd option lets you specify a different shell for a user instead of /bin/bash?
-s option
3
Which useradd option allows you to use a different skeleton directory than the default /etc/skel?
-k option
3
Which command sets the default inactive period for expired passwords to 30 days system-wide?
sudo useradd -D -f 30
3
Which follow-up command can be used to verify the changed defaults after updating them with useradd -D -f 30?
useradd -D again to confirm the values
3
Which default setting defines the primary group assigned to new users in systems that do not use User Private Groups (UPG)?
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
GROUP=100 sets the default primary group, typically the shared “users” group with GID 100.
3
Which setting defines the base directory under which a new user's home directory is created?
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
HOME=/home ensures that a user's home directory path will be created under /home/.
3
Which setting controls how many days after password expiration a user can still log in before the account is disabled?
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
INACTIVE=-1 means no inactivity grace period is provided—disabled immediately after password expiration.
3
Which setting is used to define a date after which a user account is no longer allowed to log in?
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
The EXPIRE setting sets the account expiration date; if left blank, the account does not expire.
3
Which setting defines the default login shell assigned to users upon creation?
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
SHELL=/bin/bash assigns Bash as the default shell for new users.
3
Which directory’s contents are copied into a new user’s home directory during account creation?
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
The SKEL=/etc/skel directory provides default configuration files for the new user.
3
Which setting determines whether a file is created to store a user's incoming local mail?
CREATE_MAIL_SPOOL=yes means a mail spool file is created for the user.
3
Which other file contains values applied by default to new users you create with useradd comamand?
/etc/login.defs
3
Which setting defines the directory in which the user’s mail spool file is created?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
MAIL_DIR=/var/mail/spool
3
Which value is used as the upper boundary for creating regular group IDs?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
GID_MAX=60000
3
Which setting ensures that a home directory is automatically created for a new user?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
CREATE_HOME=yes
3
Which value defines the default permissions applied to a user's home directory at creation time?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
UMASK=077
3
Which setting enables the User Private Group (UPG) system for new accounts?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
USERGROUPS_ENAB=yes
3
Which setting defines the password encryption method and overrides older encryption configs?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
ENCRYPT_METHOD=SHA512
3
Which value is the lowest GID that can be assigned to a non-system group?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
GID_MIN=500
3
Which setting effectively disables mandatory password changes by setting a very high day limit?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
PASS_MAX_DAYS=99999
3
Which setting allows a user to immediately change their password again after setting it?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
PASS_MIN_DAYS=0
3
Which setting requires that a password must contain at least 5 characters?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
PASS_MIN_LEN=5
3
Which setting starts warning users to change their password 7 days before it expires?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
PASS_WARN_AGE=7
3
Which value defines the first UID that can be assigned to a regular (non-system) user account?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
UID_MIN=500
3
Which value sets the highest UID that can be assigned to a user, promoting compatibility across systems?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
UID_MAX=60000
3
Which value is the lowest GID that can be assigned to a non-system group?
MAIL_DIR=/var/mail/spool
PASS_MAX_DAYS=99999
PASS_MIN_DAYS=0
PASS_MIN_LEN=5
PASS_WARN_AGE=7
UID_MIN=500
UID_MAX=60000
GID_MIN=500
GID_MAX=60000
CREATE_HOME=yes
UMASK=077
USERGROUPS_ENAB=yes
ENCRYPT_METHOD=SHA512
MD5_CRYPT_ENAB=no
GID_MIN=500
3
To only view lines that are not comments or blank lines (the real configuration settings) of the /etc/login.defs file use
grep -Ev '^#|^$' /etc/login.defs
3
Which useradd option is used to assign a specific UID number to a newly created account?
The -u option, which allows you to specify the UID instead of using the next available one.
3
Which UID is assigned to the root user, granting it unrestricted administrative access?
UID 0 is assigned to root, giving it special privileges.
3
Which system account is a known exception to the reserved UID range, and what UID does it have?
➤ The nfsnobody account, which uses UID 65534.
3
What Linux command is used to add a new user with the username “jane”?
useradd jane — this creates a user with default settings unless otherwise specified.
3
Which command sets “users” as the primary group for the new user “jane”?
useradd -g users jane — this assigns “users” as the primary group
3
Which useradd option allows assigning supplementary groups like “sales” and “research” to a user?
The -G option, with a comma-separated list: useradd -G sales,research jane.
3
Which useradd option is used to specify the user’s shell, such as /bin/bash?
The -s option, e.g., useradd -s /bin/bash jane.
3
Which useradd option specifies a different base directory for the user’s home directory?
The -b option, e.g., useradd -mb /test jane.
3
Which useradd option allows you to define a full path for a user’s home directory?
The -d option, as in useradd -md /test/jane jane.
3
Which useradd option prevents the creation of a home directory even when CREATE_HOME is set to yes?
The -M option disables automatic home directory creation.
3
Which useradd option is used to ensure a home directory is created, regardless of system defaults?
The -m option forces creation of the home directory.
3
Which two options must be used together if specifying a different skeleton directory for a new user?
-k and -m, e.g., useradd -mk /home/sysadmin jane.
3
Which useradd option is used to assign a comment or full name to the userD?
The -c option, e.g., useradd -c 'Jane Doe' jane.
3
What is the original name of the field that stores user comments or full names?
The GECOS field, short for General Electric Comprehensive Operating System.
3
Which Linux command output confirms the creation of a user home directory like /home/jane?
ls -ld /home/jane — shows directory listing and ownership.
3
What default primary group is used on systems without UPG when creating a new user?
The “users” group, typically with GID 100.
3
What does the -m option do when creating a user with useradd?
Creates the user’s home directory.
3
Which file allows an administrator to specify the minimum password length in Linux?
/etc/login.defs
3
What is a typical recommended password change interval for highly-sensitive accounts?
Every 30 days.
3
What is a more reasonable password change interval for accounts with minimal risk?
Every 90 days.
3
Which command allows both users and administrators to change a user's password?
passwd
3
How can an administrator set the initial password for a user account named jane?
By running passwd jane
3
What happens when a root user sets a password that violates rules (e.g., too short or simple)?
→ A warning is displayed, but the password is still accepted.
3
What is the only enforced password rule for the root user?
The password cannot be blank
3
How can a regular user change their own password using the terminal?
By running passwd with no arguments.
3
How many attempts does a regular user normally have to set a valid password before passwd exits with an error?
Three attempts.
3
Which command is used to manage password aging information found in /etc/shadow?
chage
3
Which chage option displays the password aging information for a user?
-l or --list
3
What does the -d LAST_DAY option of chage do?
Sets the date of the last password change to LAST_DAY.
3
Which chage option sets the date on which the account will expire?
-E EXPIRE_DATE or --expiredate EXPIRE_DATE
3
Which chage option shows help information for using the command?
-h or --help
3
Which chage option sets the number of days after a password expires that login is still allowed?
-I INACTIVE or --inactive INACTIVE
4
Which chage optionsets the minimum number of days before the user can change their password again?
-m MIN_DAYS or --mindays MIN_DAYS
4
What does the -M MAX_DAYS option in chage do?
Sets the maximum number of days before a password must be changed
4
Which option defines how many days before password expiration the user gets a warning?
-W WARN_DAYS or --warndays WARN_DAYS
4
How would an administrator set the password for jane to expire every 60 days?
chage -M 60 jane
5
Which command may fail to modify a user account if the user is currently logged in, especially when trying to change the login name?
usermod, as some changes (like login name) require the user to be logged out.
6
Which three commands can help check if a user is currently logged in, helping determine whether usermod changes will take immediate effect?
who, w, and last
6
Which of the three login-checking commands provides the most detail, showing system uptime, load, and user processes?
w
7
Which login-tracking command lets you view both current and historical login sessions, including time and terminal used?
last
7
Which command is used to modify an existing user account, offering options to change home directories, group memberships, and more?
usermod
8
Which usermod option changes the user's full name or GECOS/comment field?
-c or --comment
9
Which usermod option changes the user's login shell?
-s or --shell
9
Which usermod option changes the user's home directory path?
-d or --home
10
Which usermod option assigns a new login name to a user account without orphaning the user's files?
-l or --login
11
Which usermod option changes the user's UID, but may cause file ownership issues?
-u or --uid, which risks orphaning files the user owns.
12
Which usermod option sets the user's primary group?
-g or --gid
13
Which usermod option defines a list of supplementary groups, replacing any previously assigned ones unless appended?
-G or --groups
14
Which option must be paired with -G to avoid accidentally removing a user from existing supplemental groups?
-a or --append
15
Which usermod option locks a user account to prevent login access, while preserving ownership of the user’s files?
→ -L or --lock
16
Which usermod option unlocks a previously locked account, restoring login access?
-U or --unlock
17
Which usermod option sets the expiration date of the account itself, after which the user cannot log in?
→ -e or --expiredate
18
Which usermod option defines how many days after a password expires the user can still log in before the account becomes disabled?
-f or --inactive
18
Which command syntax adds user 'jane' to the 'development' group while keeping her existing memberships like 'sales' and 'research'?
usermod -aG development jane
18
Which command could orphan or delete a user's files depending on the options used, and is typically used for permanent account removal?
userdel
19
Which method is preferred over deletion when you want to prevent a user from logging in but keep their files intact?
Locking the account using usermod -L username
20
Which command would you run to get information from a research group from local and network directories?
getent group reasearch
21
Which command would you run to get information from a research group from local directories?
grep research /etc/group
22
What is a simpler way to change the useradd defaults?
nano /etc/defaults/useradd
23
Which command removes a user account, home directory and mail?
userdel -r
