Organizing, configuring default values for user profiles, adding and modifying user accounts and group accounts on a Linux multi-user system. It is thus preventing unauthorized users from using the system as well as control access to data.
- Root is a superuser and has all rights to all files, system services, and software. It's used to perform administrative level tasks using su or sudo command. A root user has a home directory as /root.
- A general-purpose account having limited access to Linux.
/etc/passwd contains user list with entries in seven fields: username, password, UID, GID, comments, home directory, and default shell.
If the password field is empty, the user can log on to a system without a password.
Comment field usually contains the user's full name. It can also hold additional text-based information such as phone numbers, building name or other unique identifiers for the user by including comma separated fields.
Creating a User Account
useradd [username] creates the user account, group and home directory for the new user
would prompt for new password for the user ananova
passwd -l [username] locks the user account
passwd -u [username] unlocks the user account
change -M [#days] [username] Require password change at the regular specified interval
/etc/passwd is world-readable i.e., everyone can read it, hence the command replaces the passwords in a file with an ‘x' and moves the encrypted passwords to the /etc/shadow file which is readable only by members of the shadow group and root.
Default Values for useradd
/etc/default/useradd contains default values like minimum and maximum password age, the location of user mailboxes, starting and ending UIDs and GIDs and whether or not to create a home directory for new users.
User Profile Behavior
/etc/skel contains three hidden files ‘.bash_logout', ‘.bash_profile' and ‘.bashrc' which controls user profile behavior.
ls -la /etc/skel
useradd -c “Ana Nova” -g hosting -G domain, reseller, dedicated, support
useradd hosting1 -g hosting -e 2020-01-01 creates a user in group hosting and sets account to expired on specified date
useradd hosting2 -g hosting -p host@host123 creates user in a group with specified password
userdel -r hosting1
-r: to delete the user's home directory and its content
usermod -G [groupname] [username] adds a user to supplementary groups
usermod -g [groupname[username] changes the user's initial group
Group accounts are stored in /etc/group file
groups [username] to view the user's group membership