Users and Groups:
[1] USING USER MANAGER TOOL:
ADDING TO A NEW USER:
To add a new user, click the Add User button and fill entries, like;
The Add New User dialog box allows you to provide information about the newly created user. In order to create a user, enter the username and full name in the appropriate fields and then type the user's password in the Password and Confirm Password fields. The password must be at least six characters long.
ADDING TO A NEW GROUP:
To add a new user group, select Add Group from the toolbar. A window “New Group” appears. Type the name of the new group. To specify a group ID for the new group, select Specify group ID manually and select the GID. Note that Red Hat Enterprise Linux also reserves group IDs lower than 500 for system groups.
Explaining the process:
1. As root, create the /opt/m yproject/ directory by typing the following at a shell prompt:
# mkdir /opt/myproject
2. Add the m yproject group to the system:
# groupadd myproject
3. Associate the contents of the /opt/m yproject/ directory with the m yproject group:
# chown root:myproject /opt/myproject
4. Allow users to create files within the directory, and set the setgid bit:
# chmod 2775 /opt/myproject
[4] Shadow Passwords:
The following is a list of the advantages shadow passwords have over the traditional way of storing passwords on UNIX-based systems:
[1] USING USER MANAGER TOOL:
- System → Administration → Users (Apply filter)
- system -config-users (Apply filter)
Red Hat Enterprise Linux reserves user and group IDs below 500 for system users and groups. By default, the User Manager does not display the system users. T o view all users and groups, select Edit → Preferences to open the Preferences dialog box, and clear the Hide system users and groups checkbox.
- Adding a New User
- Adding a New Group
- Modifying User Properties
- Modifying Group Properties
To add a new user, click the Add User button and fill entries, like;
The Add New User dialog box allows you to provide information about the newly created user. In order to create a user, enter the username and full name in the appropriate fields and then type the user's password in the Password and Confirm Password fields. The password must be at least six characters long.
ADDING TO A NEW GROUP:
To add a new user group, select Add Group from the toolbar. A window “New Group” appears. Type the name of the new group. To specify a group ID for the new group, select Specify group ID manually and select the GID. Note that Red Hat Enterprise Linux also reserves group IDs lower than 500 for system groups.
MODIFY USER PROPERTIES:
To view the properties of an existing user, click on the Users tab, select the user from the user list, and click Properties from the menu (or choose File → Properties from the pulldown menu). A window “User Properties” appears.
MODIFY GROUP PROPERTIES:
To view the properties of an existing group, select the group from the group list and click Properties from the menu (or choose File → Properties from the pulldown menu). A window “Group Properties” appears.
The Group Users tab displays which users are members of the group. Use this tab to add or remove users from the group. Click OK to save your changes.
=> Command Line:To view the properties of an existing user, click on the Users tab, select the user from the user list, and click Properties from the menu (or choose File → Properties from the pulldown menu). A window “User Properties” appears.
MODIFY GROUP PROPERTIES:
To view the properties of an existing group, select the group from the group list and click Properties from the menu (or choose File → Properties from the pulldown menu). A window “Group Properties” appears.
The Group Users tab displays which users are members of the group. Use this tab to add or remove users from the group. Click OK to save your changes.
Explaining the process:
- A new line for user divakar is created in /etc/passwd
- A new line for divakar is created in /etc/shadow
- A new line for a group named divakar is created in /etc/group
- A new line for a group named divakar is created in /etc/gshadow
- A directory for user divakar is created in the /home directory
[2] GAINING PRIVILEGES:
To add users to the special administrative group called wheel. To do this, type the following command as root:
~] # usermod -G wheel <username>
In the previous command, replace <username> with the username you want to add to the wheel group.
[3] CREATING GROUP DIRECTORIES:
To add users to the special administrative group called wheel. To do this, type the following command as root:
~] # usermod -G wheel <username>
In the previous command, replace <username> with the username you want to add to the wheel group.
[3] CREATING GROUP DIRECTORIES:
1. As root, create the /opt/m yproject/ directory by typing the following at a shell prompt:
# mkdir /opt/myproject
2. Add the m yproject group to the system:
# groupadd myproject
3. Associate the contents of the /opt/m yproject/ directory with the m yproject group:
# chown root:myproject /opt/myproject
4. Allow users to create files within the directory, and set the setgid bit:
# chmod 2775 /opt/myproject
[4] Shadow Passwords:
The following is a list of the advantages shadow passwords have over the traditional way of storing passwords on UNIX-based systems:
- Shadow passwords improve system security by moving encrypted password hashes from the world-readable /etc/passwd file to /etc/shadow, which is readable only by the root user.
- Shadow passwords store information about password aging.
- Shadow passwords allow the /etc/login.defs file to enforce security policies.
Most utilities provided by the shadow-utils package work properly whether or not shadow passwords are enabled. However, since password aging information is stored exclusively in the /etc/shadow file, any commands which create or modify password aging information do not work. The following is a list of utilities and commands that do not work without first enabling shadow passwords:
- The chage utility.
- The gpasswd utility.
- The usermod command with the -e or -f option.
- The useradd command with the -e or -f option.
NOTE-1: For information about various utilities for managing users and groups, refer to the following manual pages:
- chage(1) — A command to modify password aging policies and account expiration.
- gpasswd(1) — A command to administer the /etc/group file.
- groupadd(8) — A command to add groups.
- grpck(8) — A command to verify the /etc/group file.
- groupdel(8) — A command to remove groups.
- groupmod(8) — A command to modify group membership.
- pwck(8) — A command to verify the /etc/passwd and /etc/shadow files.
- pwconv(8) — A tool to convert standard passwords to shadow passwords.
- pwunconv(8) — A tool to convert shadow passwords to standard passwords.
- useradd(8) — A command to add users.
- userdel(8) — A command to remove users.
- usermod(8) — A command to modify users.
NOTE-2: For information about related configuration files, see:
- group(5) — The file containing group information for the system.
- passwd(5) — The file containing user information for the system.
- shadow(5) — The file containing passwords and account expiration information for the system.
Thanks for reading this article...
No comments:
Post a Comment