Слайд 3
/etc/passwd file
username:password:UID:GID:GECOS:/home/dir:shell
root:x:0:0:root:/root:/bin/bash
Слайд 4
/etc/shadow file
root:$6$EA9l7lWI$1KXpR1dYwKe0icL0ohivqdyPdwzcxn0FuH.:16856:0:99999:7:::
Username, up to 8 characters. Case-sensitive, usually
all lowercase. A direct match to the username in
the /etc/passwd file.
Password, encrypted.
The number of days since January 1, 1970 since the password was last changed.
The number of days before password may be changed (0 indicates it may be changed at any time)
The number of days after which password must be changed (99999 indicates user can keep his or her password unchanged for many, many years)
The number of days to warn user of an expiring password (7 for a full week)
The number of days after password expires, but can be used. Account will be disabled if pwd is not changed.
The number of days since January 1, 1970 when an account will be disabled
A reserved field for possible future use
Слайд 5
Groups
/etc/group file
groupname:password:GID:list of users
root:x:0:
Слайд 6
Root user
root is the user name or account that
by default has access to all commands and files on a
Linux or other Unix-like operating system. It is also referred to as the root account, root user and the superuser.
Gain root access: su –
Слайд 7
Sudo
Example: sudo some command
Note: all commands executed using
sudo are logged by default to /var/log/secure
/etc/sudoers file
Слайд 8
Managing users
useradd username - creates user
usermod – modifies
user (see help)
userdel username – deletes user (with ‘-r’
deletes it’s home directory)
passwd username – sets password
Слайд 9
UID ranges
UID 0 is always assigned to the
superuser account, root.
UID 1 – 200 is a range
of ‘system users’ assigned statically to system.
UID 200 - 999 is a range of ‘system users’ used by system processes that do not own files on the file system. They are typically assigned dynamically from the available pool when the software that needs them is installed. Programs run as these ‘unprivileged’ system users in order to limit their access to just the resources they need to function.
UID 1000+ is the range available for assignment
Слайд 10
Managing groups
groupadd groupname - creates group (-g GID)
groupmod
– modifies group (see help)
groupdel groupname - deletes group