LPI 010-150 – Linux Users and Groups Management
Linux Users Management
In Linux, every user is assigned a unique user ID number (UID), and the operating system manages the user through this number. UID zero identifies the root user, which is the administrator or superuser of the operating system. User information such as the username and the user ID is stored in a text file called /etc/passwd. When we create a new user, the system assigns a home directory and a program that is run when the user logs in. This program is usually the bash shell. By default, users cannot read, write or execute each other's files without permission. Now if we use the less command to open /etc/passwd, the text file that contains the local user information, we will see that the first column defines the username and the second column, x, defines the shadow password. The third column defines the UID of the miasin user, the fourth column defines the primary group ID of the miasin user, and this column defines a comment for that user.
It may be the first name and the last name of that user. This column defines the path of the home directory for that user, and the last column defines the bash shell, which is the program that will be run when the user logs in. Notice that the separator between the columns is a colon, so we have seven columns separated by the colon character. To exit from less we press q. Now if we type the command whoami, it will tell us our username, which is miasin, and if we use the who command it will give us information about who is logged on to the operating system. Right now only one user is logged in to the operating system, which is miasin.
If we execute who am i, it will display only the line pointing to our current session. If we execute the w command, it will show who is logged on and what they are doing. For example, miasin is the user who is logged in; he has the pts/0 and pts/1 terminals open and he is using this command and this command, which is the w command. If we execute the id command, it will display the user ID, the primary group ID and the primary group name, miasin, and if miasin is a member of another group it will be displayed here. And this is the context, which defines the SELinux context information.
If we again use the less command to open /etc/passwd, which is the database of the local users, we will notice that every user is mapped to a UID. The user bin has UID one, the user root has UID zero and the user lp has UID four. By default Linux comes with system users, which are used to run a specific service or program. For example, the lp user is used to run the lp program and the mail user is used to run the mail program. Server programs such as web or print servers, mail and FTP typically run as unprivileged users, not as root. Running programs in this way limits the amount of damage any single program can do to the system. In CentOS 7 or Red Hat 7, any user with a UID less than 1000 is considered a system user.
So a normal user such as miasin will get a UID greater than or equal to 1000. To create new users you should be logged in as root. To switch to the root user we type su -, press Enter, and then type the root password. Now we are logged in as the root user. Let's clear the screen. To add a new user we use the useradd command followed by the username, for example user01. Then, to create a password for user01, we use the passwd command, type the password for that user and type it again. Notice the warning that the password is shorter than eight characters. I used a simple password in our lab, but in a production environment it should be complex. Once we have created the user, the operating system does some configuration for that user by default.
For example, the operating system creates a home directory for that user under the /home directory, and the name of the home directory is the same as the username, user01. Notice that the owner of this directory is user01 and the group is user01. By default the system also creates an entry for that user in /etc/passwd: here is user01, here is x, which stands for the shadow password, and here is the user ID, which is greater than 1000 because 1000 is already used. This is the GID of the primary group for that user, this is the home directory of that user, and here is the bash shell, which is the first program that will be run when the user logs in. The system stores the hashed password for this user in the /etc/shadow file, where we will see user01 and the encrypted password for that user. The operating system also creates a group with the same name as the username, and it is configured in the /etc/group file.
Here we can see the group name user01 and the group ID for that group, and user01 is the only member of this group. Let's clear the screen using the clear command. You can modify the properties or attributes of a user with the usermod command. For example, to add a comment for user01 we use the -c option, put the comment for this user between double quotes, for example test user, and then put the username user01. If we look at /etc/passwd again, we will see that the comment test user has been added for user01.
So usermod can be used to modify the attributes of any user. Let's clear the screen using the clear command. When we create a new user, the system copies the content of the /etc/skel directory to the home directory of the new user. So if we check the content of the home directory of user01, we will see that these files are there. The /etc/skel directory contains profile settings and default values for new users, and these files are copied to the home directories of those users. Notice that these files are hidden files because their names start with the dot character. To delete a specific user we can use the userdel command followed by the -r option, to remove the home directory of that user, and then the username user01.
Now if we check user01 using the id command, the output will be no such user, because it has been deleted. If we check ls /home, we will see that the home directory for that user has been deleted. If we check /etc/passwd, we will see that the entry for user01 has been removed, and the same goes for the shadow file. If we check /etc/group, we will see that the user01 group has also been removed.
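The seven-column /etc/passwd layout and the UID ranges described above can be checked mechanically. The following is an added example, not part of the original lesson: the function names and the sample accounts (svcbackup, apache, alice, broken) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in /etc/passwd format (seven colon-separated columns).
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
svcbackup:x:0:0:backup job:/root:/bin/bash
apache:x:48:48:Apache:/usr/share/httpd:/bin/bash
alice:x:1000:1000:Alice Example:/home/alice:/bin/bash
user01:x:1001:1001:test user:/home/user01:/bin/bash
broken:x:1002
EOF
}

# Read passwd-format lines on stdin and print one finding per line.
audit_passwd() {
    awk -F: '
        # A valid entry has exactly seven columns.
        NF != 7 { print "MALFORMED:line" NR; next }
        # UID 0 is the superuser; any second name with UID 0 is root too.
        $3 == 0 && $1 != "root" { print "UID0:" $1 }
        # System accounts (UID below 1000) normally have no login shell.
        $3 > 0 && $3 < 1000 && $7 !~ /(nologin|false)$/ {
            print "SYSTEM_WITH_SHELL:" $1
        }
    '
}

# Print the names of regular users (UID 1000 or higher).
regular_users() {
    awk -F: 'NF == 7 && $3 >= 1000 { print $1 }'
}

sample_passwd | audit_passwd
# On a live host: audit_passwd < /etc/passwd
```

On a stock CentOS or Red Hat system the sync, shutdown and halt accounts will be reported by the shell check, since their last column is a command rather than nologin.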
Linux Groups Management
Users can be listed in groups. Groups allow you to set permissions at the group level instead of having to set permissions for every individual user. To create a new group, you should log in as the root user and run the groupadd command followed by the group name, for example admins. Once we create the group, the system creates an entry in the /etc/group file. Let's look at it using tail -1: we will see admins, which is the group name, and 1002, which is the group ID. If any user executes the groups command, it will display the groups that this user is a member of; since we are logged in as root, the root user is a member of the root group. For now there are no members in the admins group. To add members to the admins group we use the usermod command with -a for add and -G for group, followed by the group name admins and the user who will become a member of this group, for example miasin.
If we check the /etc/group file again, we will see that the admins group has one member, which is miasin. In Linux, a user can be a member of one primary group and of many secondary groups. So if we run id miasin, we will see that the primary group ID for miasin is 1000 and its name is miasin, and the secondary group ID is 1002 and its name is admins, and here in the groups field we can see the groups of this user. We can change the name of a group using the groupmod command with the -n option, followed by the new name, for example HR, and the old name of the group, which is admins. Now if we run id miasin, we will see that the group has been changed for miasin, and if we run cat /etc/group we will see that the group name has been changed to HR. To delete a specific group we can use the groupdel command followed by the group name, HR.
Now if we check miasin using the id command, we will see that the group has been removed, and if we check the /etc/group file using the cat command we will see that the HR group has been removed. You can delegate control of group membership to another user with the gpasswd command. For example, let's create the group again using the groupadd command; we will create it as the HR group, and we will delegate control of this group to miasin using the gpasswd command with capital -A, then miasin, then the group name, which is HR. The user miasin is now the admin of the HR group, so he can add or remove members in this group. If we check id mustafa, which is a local user, we will see that mustafa is a member of the mustafa group only. So let's see how miasin can add mustafa to the HR group.
First we switch user to miasin. Now whoami shows miasin. To add the user mustafa to the HR group as miasin, we use the gpasswd command with small -a, then mustafa, the username, then the group, which is HR. Here we see adding user mustafa to group HR. If we run id mustafa, we will see that mustafa has been added to the HR group. Let's exit from the miasin user and come back to the root user; whoami shows root. To remove all group administrators from a group, use gpasswd with capital -A, two double quotes and the group name. Now the delegation has been removed from the miasin user.
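The group administrators set with gpasswd -A are recorded in the third column of /etc/gshadow (name:password:administrators:members), a file the lesson does not open. The following added example, not part of the original lesson, lists every delegation and flags administrators that no longer match a known account; the function names and sample entries are constructed.

```shell
#!/bin/sh
# Constructed sample in /etc/gshadow format: name:password:admins:members
sample_gshadow() {
cat <<'EOF'
root:::
users:::alice
hr:!:alice:mustafa
admins:!:alice,bob:
ops:!::carol
EOF
}

# Print "group admin" for every delegated group administrator.
delegated_admins() {
    awk -F: '$3 != "" {
        n = split($3, a, ",")
        for (i = 1; i <= n; i++) print $1, a[i]
    }'
}

# Print "group:admin" where the admin is not in the space-separated list
# of known usernames passed as $1 (for example, a deleted account).
stale_admins() {
    awk -F: -v users="$1" '
        BEGIN { n = split(users, u, " "); for (i = 1; i <= n; i++) known[u[i]] = 1 }
        $3 != "" {
            m = split($3, a, ",")
            for (i = 1; i <= m; i++) if (!(a[i] in known)) print $1 ":" a[i]
        }
    '
}

sample_gshadow | delegated_admins
# On a live host (as root):
#   delegated_admins < /etc/gshadow
#   stale_admins "$(cut -d: -f1 /etc/passwd | tr '\n' ' ')" < /etc/gshadow
```

A group whose administrator list was cleared with gpasswd -A "" has an empty third column and produces no output from delegated_admins.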