o User ID (UID) The numerical equivalent of the username which is referenced by the system and applications when determining access privileges.

Similar documents
These tasks can now be performed by a special program called FTP clients.

Users, groups, collections and submissions in DSpace. Contents

Campuses that access the SFS nvision Windows-based client need to allow outbound traffic to:

Please contact technical support if you have questions about the directory that your organization uses for user management.

Manual for installation and usage of the module Secure-Connect

SmartPass User Guide Page 1 of 50

McGill University School of Computer Science COMP-206. Software Systems. Due: September 29, 2008 on WEB CT at 23:55.

Proper Document Usage and Document Distribution. TIP! How to Use the Guide. Managing the News Page

Using the Swiftpage Connect List Manager

CaseWare Working Papers. Data Store user guide

Using the Swiftpage Connect List Manager

Creating a TES Encounter/Transaction Entry Batch

Creating an Online Account

RISKMAN REFERENCE GUIDE TO USER MANAGEMENT (Non-Network Logins)

Wave IP 4.5. CRMLink Desktop User Guide

SUB-USER ADMINISTRATION HELP GUIDE

Gmail and Google Drive for Rutherford County Master Gardeners

RxAXIS Security Module 09/25/2013

OATS Registration and User Entitlement Guide

APPLY PAGE: LOGON PAGE:

Launching Xacta 360 Marketplace AMI Guide June 2017

Test Pilot User Guide

Password Management Guidelines

Summary. Server environment: Subversion 1.4.6

PAGE NAMING STRATEGIES

Sircon User Guide A Guide to Using the Vertafore Sircon Self-Service Portal

Employee Self Service (ESS) Quick Reference Guide ESS User

Word 2007 The Ribbon, the Mini toolbar, and the Quick Access Toolbar

Stealing passwords via browser refresh

CIS 118 Intro to LINUX Class Exercise Week 3. UNIX/LINUX filesystem (see Filesystem Hierarchy Standard): /

ClassFlow Administrator User Guide

Project Extranet User Guide

Relius Documents ASP Checklist Entry

Information on using ChurchApp

How to use DCI Contract Alerts

Announcing Veco AuditMate from Eurolink Technology Ltd

Secure File Transfer Protocol (SFTP) Interface for Data Intake User Guide

Managing Your Access To The Open Banking Directory How To Guide

Procurement Contract Portal. User Guide

INSTALLING CCRQINVOICE

Samsung Galaxy -Exchange ActiveSync Setup

iallworx User s Guide

Xerox WorkCentre 7120/7125 Series User Instructions

I - EDocman Installation EDocman component EDocman Categories module EDocman Documents Module...2

ONLINE GRANT APPLICATION INSTRUCTIONS

Planning, installing, and configuring IBM CMIS for Content Manager OnDemand

Importing data. Import file format

E-Lock Policy Manager White Paper

BANNER BASICS. What is Banner? Banner Environment. My Banner. Pages. What is it? What form do you use? Steps to create a personal menu

Extended Vendors lets you: Maintain vendors across multiple Sage 300 companies using the Copy Vendors functionality. o

Remove AD DS using the Remove Roles Wizard in Server Manager

Access the site directly by navigating to in your web browser.

Update: Users are updated when their information changes (examples: Job Title or Department). o

Employee Self Service (ESS) FAQs

Quick Start Guide for EAB Campus Advisors

TUTORIAL --- Learning About Your efolio Space

Xerox Phaser 3635 MFP User Instructions

Administration. User Guide

PowerTeacher Classroom Management Tool Quick Reference Card

Troubleshooting of network problems is find and solve with the help of hardware and software is called troubleshooting tools.

Student Guide. Where can I print? Charges for Printing & Copying. Top up your Print Credits Online, whenever you like

softpanel generic installation and operation instructions for nanobox products

Enabling Your Personal Web Page on the SacLink

OO Shell for Authoring (OOSHA) User Guide

REFWORKS: STEP-BY-STEP HURST LIBRARY NORTHWEST UNIVERSITY

Backup your Data files before you begin your cleanup! Delete General Ledger Account History. Page 1

Renewal Reminder. User Guide. Copyright 2009 Data Springs Inc. All rights reserved.

UiPath Automation. Walkthrough. Walkthrough Calculate Client Security Hash

Department of Computer Information Systems KEMU

Delete General Ledger Account History

Your New Service Request Process: Technical Support Reference Guide for Cisco Customer Journey Platform

Technical Paper. Installing and Configuring SAS Environment Manager in a SAS Grid Environment with a Shared Configuration Directory

CCNA Security v2.0 Chapter 2 Exam Answers

User Guide. Table Of Contents. Logging In. Job Search. Job Information. Site Search & Logging A Job. Customer Search. Job Dashboard.

Qualtrics Instructions

Once the Address Verification process is activated, the process can be accessed by employees in one of two ways:

Adverse Action Letters

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

Getting Started with the Web Designer Suite

Constituent Page Upgrade Utility for Blackbaud CRM

Introduction to Mindjet on-premise

Mission Antyodaya Android Mobile & Web Application. Frequently Asked Questions

Customer Upgrade Checklist

Knowledgeware Rule-based Clash

CREATING A DONOR ACCOUNT

Type: System Enhancements ID Number: SE 93. Subject: Changes to Employee Address Screens. Date: June 29, 2012

Exporting and Importing the Blackboard Vista Grade Book

Custodial Integrator. Release Notes. Version 3.11 (TLM)

Systems & Operating Systems

Using MeetingSquared as an Administrator

TRAINING GUIDE. Overview of Lucity Spatial

Valorise user guide version All rights reserved 1

Populate and Extract Data from Your Database

TIBCO Statistica Options Configuration

Lab 4. Name: Checked: Objectives:

Interfacing to MATLAB. You can download the interface developed in this tutorial. It exists as a collection of 3 MATLAB files.

Employee Self Service (ESS) Quick Reference Guide ESS User

161 Forbes Road Braintree MA Phone: (781) Fax: (781) What's in it? Key Survey & Extreme Form

Admin Report Kit for Exchange Server

Create Your Own Report Connector

Transcription:

TROUBLESHOOTING On Red Hat Enterprise Linux, infrmatin abut user accunts and grups are stred in several text files within the /etc/ directry. When a system administratr creates new user accunts, these files must either be edited manually r applicatins must be used t make the necessary changes. The fllwing sectin dcuments the files in the /etc/ directry that stre user and grup infrmatin under Red Hat Enterprise Linux. /etc/passwd The /etc/passwd file is wrld-readable and cntains a list f users, each n a separate line. On each line is a cln delimited list cntaining the fllwing infrmatin: Username The name the user types when lgging int the system. Passwrd Cntains the encrypted passwrd (r an x if shadw passwrds are being used mre n this later). User ID (UID) The numerical equivalent f the username which is referenced by the system and applicatins when determining access privileges. Grup ID (GID) The numerical equivalent f the primary grup name which is referenced by the system and applicatins when determining access privileges. GECOS GECOS stands fr General Electric Cmprehensive Operating Supervisr. Named fr histrical reasns, the GECOS [25] field is ptinal and is used t stre extra infrmatin (such as the user's full name). Multiple entries can be stred here in a cmma delimited list. Utilities such as finger access this field t prvide additinal user infrmatin. Hme directry The abslute path t the user's hme directry, such as /hme/juan/. Shell The prgram autmatically launched whenever a user lgs in. This is usually a cmmand interpreter (ften called a shell). Under Red Hat Enterprise Linux, the default value is /bin/bash. If this field is left blank, /bin/sh is used. If it is set t a nn-existent file, then the user will be unable t lg int the system. /etc/shadw /etc/shadw file is readable nly by the rt user and cntains passwrd (and ptinal passwrd aging infrmatin) fr each user. As in the /etc/passwd file, each user's infrmatin is n a separate line. Each f these lines is a cln delimited list including the fllwing infrmatin: Username The name the user types when lgging int the system. This allws the lgin applicatin t retrieve the user's passwrd (and related infrmatin). Encrypted passwrd The 13 t 24 character passwrd. The passwrd is encrypted using either the crypt(3) library functin r the md5 hash algrithm. In this field, values ther than a validly-frmatted encrypted r hashed passwrd are used t cntrl user lgins and t shw the passwrd status. Fr example, if the value is! r *, the accunt is lcked and

the user is nt allwed t lg in. If the value is!! a passwrd has never been set befre (and the user, nt having set a passwrd, will nt be able t lg in). Date passwrd last changed The number f days since January 1, 1970 (als called the epch) that the passwrd was last changed. This infrmatin is used in cnjunctin with the passwrd aging fields that fllw. Number f days befre passwrd can be changed The minimum number f days that must pass befre the passwrd can be changed. Number f days befre a passwrd change is required The number f days that must pass befre the passwrd must be changed. Number f days warning befre passwrd change The number f days befre passwrd expiratin during which the user is warned f the impending expiratin. Number f days befre the accunt is disabled The number f days after a passwrd expires befre the accunt will be disabled. Date since the accunt has been disabled The date (stred as the number f days since the epch) since the user accunt has been disabled. A reserved field A field that is ignred in Red Hat Enterprise Linux. /etc/grup The /etc/grup file is wrld-readable and cntains a list f grups, each n a separate line. Each line is a fur field, cln delimited list including the fllwing infrmatin: Grup name The name f the grup. Used by varius utility prgrams as a humanreadable identifier fr the grup. Grup passwrd If set, this allws users that are nt part f the grup t jin the grup by using the newgrp cmmand and typing the passwrd stred here. If a lwer case x is in this field, then shadw grup passwrds are being used. Grup ID (GID) The numerical equivalent f the grup name. It is used by the perating system and applicatins when determining access privileges. Member list A cmma delimited list f the users belnging t the grup. /etc/gshadw The /etc/gshadw file is readable nly by the rt user and cntains an encrypted passwrd fr each grup, as well as grup membership and administratr infrmatin. Just as in the /etc/grup file, each grup's infrmatin is n a separate line. Each f these lines is a cln delimited list including the fllwing infrmatin: Grup name The name f the grup. Used by varius utility prgrams as a humanreadable identifier fr the grup. Encrypted passwrd The encrypted passwrd fr the grup. If set, nn-members f the grup can jin the grup by typing the passwrd fr that grup using the newgrp cmmand. If the value f this field is!, then n user is allwed t access the grup using the newgrp cmmand. A value f!! is treated the same as a value f!

hwever, it als indicates that a passwrd has never been set befre. If the value is null, nly grup members can lg int the grup. Grup administratrs Grup members listed here (in a cmma delimited list) can add r remve grup members using the gpasswd cmmand. Grup members Grup members listed here (in a cmma delimited list) are regular, nn-administrative members f the grup. /etc/default/useradd Bth Red Hat Enterprise Linux and Debian/Ubuntu have a file called /etc/default/useradd that cntains sme default user ptins. Besides using cat t display this file, yu can als use useradd -D. [rt@rhel4 ~]# useradd -D GROUP=100 HOME=/hme INACTIVE=-1 EXPIRE= SHELL=/bin/bash SKEL=/etc/skel /etc/skel/ When using useradd the -m ptin, the /etc/skel/ directry is cpied t the newly created hme directry. The /etc/skel/ directry cntain sme (usually hidden) files that cntain prfile settings and default values fr applicatins. In this way /etc/skel/ serves as a default hme directry and as a default user prfile. [rt@rhel5 ~]# ls -la /etc/skel/ ttal 48 drwxr-xr-x 2 rt rt 4096 Apr 1 00:11. drwxr-xr-x 97 rt rt 12288 Jun 24 15:36.. -rw-r--r-- 1 rt rt 24 Jul 12 2006.bash_lgut -rw-r--r-- 1 rt rt 176 Jul 12 2006.bash_prfile -rw-r--r-- 1 rt rt 124 Jul 12 2006.bashrc

/etc/lgin.defs The /etc/lgin.defs file cntains sme default settings fr user passwrds like passwrd aging and length settings. (Yu will als find the numerical limits f user ids and grup ids and whether r nt a hme directry shuld be created by default). rt@rhel65:~# grep ^PASS /etc/lgin.defs PASS_MAX_DAYS 99999 PASS_MIN_DAYS 0 PASS_MIN_LEN 5 PASS_WARN_AGE 7 User Management Cmmand Line Tls Applicatin /usr/sbin/useradd /usr/sbin/userdel /usr/sbin/usermd passwd /usr/sbin/chpasswd chage chfn chsh Functin Adds user accunts. This tl is als used t specify primary and secndary grup membership. Deletes user accunts. Edits accunt attributes including sme functins related t passwrd aging. Fr mre fine-grained cntrl, use the passwd cmmand. usermd is als used t specify primary and secndary grup membership. Sets passwrds. Althugh primarily used t change a user's passwrd, it als cntrls all aspects f passwrd aging. Reads in a file cnsisting f username and passwrd pairs, and updates each users' passwrd accrdingly. Changes the user's passwrd aging plicies. The passwd cmmand can als be used fr this purpse. Changes the user's GECOS infrmatin. Changes the user's default shell.

Grup Management Cmmand Line Tls Applicatin Functin /usr/sbin/grupadd Adds grups, but des nt assign users t thse grups. The useradd and usermd prgrams shuld then be used t assign users t a given grup. /usr/sbin/grupdel /usr/sbin/grupmd gpasswd /usr/sbin/grpck Deletes grups. Mdifies grup names r GIDs, but des nt change grup membership. The useradd and usermd prgrams shuld be used t assign users t a given grup. Changes grup membership and sets passwrds t allw nn-grup members wh knw the grup passwrd t jin the grup. It is als used t specify grup administratrs. Checks the integrity f the /etc/grup and /etc/gshadw files. Permissin Management Cmmand Line Tls Applicatin chgrp chmd chwn Functin Changes which grup wns a given file. Changes access permissins fr a given file. It is als capable f assigning special permissins. Changes a file's wnership (and can als change grup). Linux Shadw file in detail surendra:$6$1aeszv.gsdper:15107:22:99999:207:205:105345 : 1 2 3 4 5 6 7 8 9 1) User lgin name: This field gives details fr user-lgin 2) Encrypted passwrd: The passwrd is in encryptin frm8) N f days frm Jan 1, 1970 the accunt was disabled: and its MD5 encrypted frm. This field may cntain fllwing things

!! r! indicates accunt is present but there is n passwrd set fr it. S user can nt lgin if secnd field set t this values :*: indicates the accunt was disable. :: indicates that user can lgin with ut passwrd. in ther wrds we can say passwrd remved $6$b93VXzq0$kI55QxFMpXv This example encrypted frm indicates passwrd is present and encrypted. 3) Last passwrd change: Indicates when was the last time the passwrd changed?. This is the number f days frm 1st Jan 1970. T get this number t cnvert t human readable frmat please have a lk in t ur ther pst hw t cnvert this number. 4) Minimum days need fr a passwrd change: This is t make user t change the passwrd nly after sme days. Suppse if this value is 0, he can change the passwrd at any time. If this value is 15, then the user can change the passwrd nly after 15 days. What will happen if he tried t change the passwrd tday it self th this value set t 15? We will get fllwing errr

Questins 1) Run a cmmand that displays nly yur currently lgged n user name. 2) Display a list f all lgged n users. 3) Display a list f all lgged n users including the cmmand they are running at this very mment. 4) Display yur user name and yur unique user identificatin (userid). 5) Use su t switch t anther user accunt (unless yu are rt, yu will need the passwrd f the ther accunt). And get back t the previus accunt. 6) Nw use su - t switch t anther user and ntice the difference. 7) Create a user named user2, including hme directry, bash shell, a descriptin that reads user2 ECE Grup all in ne single cmmand. 8) Create a file named welcme.txt and make sure every new user will see this file in their hme directry. 9) Change the default lgin shell fr the user1 user t /bin/bash. 10) Set the passwrd fr user1 t test123 11) Set a passwrd fr user1 and then lck the user1 user accunt with usermd. 12) Use passwd -d t disable the user1 passwrd. Verify the user1 line in /etc/shadw befre and after disabling. 13) What is the difference between lcking a user accunt and disabling a user accunt's passwrd i.e., usermd -L and passwd -d? 14) Make sure user1 has t change her passwrd in 10 days. 15) Make sure every new user needs t change their passwrd every 10 days. 16) Use chsh t list all shells (nly wrks n RHEL/CentOS/Fedra), and cmpare t cat /etc/shells. 17) Create the grups grupa, grupb and grupc. 18) In ne cmmand, make user2 a member f grupa and grupc. 19) Rename the grupb grup t grupf. 20) Hw many users we can create in Linux? Hw t delete user accunt in Linux? 21) What is the UID and GID limit in Linux? 22) Why UID and GID is just limited t that number? 23) Can tw users in Linux have same UID? 24) Hw t see what are the shells available in a Linux Bx? 25) What are the majr files mdified when yu create a user? 26) Hw t delete hme directries when user is deleted using single cmmand? 27) Hw t recver deleted /etc/passwd File In RHEL? 28) Hw t Change/Reset Rt Passwrd In Linux? 29) Hw t Verify Integrity Of Passwrd Files? 30) Hw can user get encrypted passwrd in /etc/passwd back frm /etc/shadw file?

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback