section 11 - user accounts, groups, security Flashcards
most account features are defined using comma-delineated lines where?
/etc/passwd
what is special about the password field in the passwd file?
it contains an X, which means that the real password is stored as a salted hash in another file called the /etc/shadow file which is owned by the root user unlike the /etc/passwd file:
What is a UID?
User identification number, used by the system to track user activity.
Similar to the domain name - IP address dynamic, the usernames are for human readability and UID for computer readability.
UIDs typically start where?
1000 or above, lower numbers reserved for system accounts.
What is a GID?
Group Identification Number; it is a collection of accounts with similar capabilities, policy, and shared access
What 7 fields are found in the /etc/passwd file?
Username (lowercase, no space)
Password (X)
UID (typically 1000 or higher)
GID
comment field (typically contains the user’s full name)
Home directory
Default shell (/bin/bash by default)
What file denotes that an account has been locked, password expired, deactivated, and other similar info?
An * or ! in the password field /etc/shadow file means the account is locked. Typically means the password was entered incorrectly too many times or expired.
Special flag is reserved for future use.
whoami
displays current username
id
displays username, UID, GID, groups
who
displays all active tty sessions, login times, and source
w
verbosely displays all active tty sessions including JCPU, PCPU, WHAT
what is JCPU
the total CPU time associated and a tty session as revealed by the w command
what is PCPU
the CPU consumption of currently running processes in a tty session as revealed by w command
what is WHAT
what the tty session is currently doing as revealed by the w command
How do you add a user account then verify it was properly added?
sudo adduser peanut (sudo useradd -m peanut)
grep ‘^peanut’ -nu /etc/passwd
