Day 2
I had to skip the second day due to unavoidable reasons. I got to know from batch mates that the topics below were covered on day 2 -
init levels
editors (gedit, vi, vim)
vim commands
basic file management (ls, cp, cd)
absolute path and relative path
--End of Day 2--
Day 3
Users & Group Management
Every user has an id called user id (same goes for 'group id' for each group)
uid of root user -> 0
uid of system (default) users -> 1 to 499
uid of normal users -> 500 and above
Files and directories that get created/changed upon every user creation:
/etc/passwd (contains profile info of the users)
/etc/shadow (contains password info of the users)
/home/${USER} (home directory of the user)
/var/spool/mail/${USER} (email inbox of the user)
A few config files that control user creation:
/etc/default/useradd (base config file)
/etc/skel (base structure for every user's home directory)
/etc/login.defs (advanced config file that contains password expiry period, home directory creation, etc.)
Understanding /etc/passwd file content
Normally the contents of /etc/passwd file will look like below -
root:x:0:0:root:/root:/bin/bash
 1  |2|3|4| 5  |  6  |    7
1 -> username
2 -> password protection symbol
3 -> userid
4 -> groupid
5 -> description about the user
6 -> home directory of the user
7 -> shell used by the user
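The seven fields above are enough to review an account list for risky entries. The script below is an added example, not part of the original class notes: it flags extra UID 0 accounts, empty password fields, and system accounts (UID 1 to 499, the range used in these notes) that still have a login shell. SAMPLE_PASSWD and the finding names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit passwd-format records using the seven fields above.
# SAMPLE_PASSWD is constructed data, not taken from a real system.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
apache:x:48:48:Apache:/var/www:/bin/bash
alice:x:500:500:Alice:/home/alice:/bin/bash
backup::501:501:Backup:/home/backup:/bin/bash
toor:x:0:0:second root:/root:/bin/bash
svc:x:502:502:Service:/home/svc:/sbin/nologin'

# audit_passwd: read passwd-format lines on stdin, print one finding per line.
audit_passwd() {
    awk -F: '
        # A valid record has exactly seven colon-separated fields.
        NF != 7 { print "MALFORMED " $1; next }
        # Any account with uid 0 has full root privileges, whatever its name.
        $3 == 0 && $1 != "root" { print "EXTRA_UID0 " $1 }
        # An empty field 2 means no password is required for this account.
        $2 == "" { print "EMPTY_PASSWORD " $1 }
        # System accounts (uid 1-499 in these notes) rarely need a login shell;
        # each hit is something to review, not automatically a problem.
        $3 >= 1 && $3 <= 499 && $7 !~ /(nologin|false)$/ {
            print "SYSTEM_LOGIN_SHELL " $1
        }
    '
}

# Run against the constructed sample; on a real host use: audit_passwd < /etc/passwd
printf '%s\n' "$SAMPLE_PASSWD" | audit_passwd
```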
To create a user
useradd [username]
To add a description (comment) for an already created user
usermod -c "[description]" [username]
To set password for a user
passwd [username]
To create a user with a different shell (other than the default /bin/bash)
useradd -s /sbin/nologin [username]
[! the user cannot log in if his shell is /sbin/nologin]
To assign a new home directory for an existing user and move his current home content to the new location
usermod -md [newhome] [username]
To lock the password of a user
passwd -l [username]
To delete a user along with all his data (home & mail directories)
userdel -r [username]
Groups
There are two types of groups - Primary and Secondary (or Supplementary)
Similar to the user id (uid), there is also an id for each group (gid), and the id range is the same as that of uids.
Files that get changed or created when a group is created
/etc/group (contains group info)
/etc/gshadow (contains group password)
Understanding the contents of /etc/group file
Normally the contents of /etc/group file will look like below -
root:x:0:root,user1
 1  |2|3|    4
1 -> group name
2 -> password protection symbol
3 -> group id
4 -> group members (users) list
To add a group
groupadd [groupname]
To assign a password for group
gpasswd [groupname]
To list the groups that the currently logged in user is part of
groups
To assign a new group for the currently logged in user temporarily
newgrp [groupname]
To assign a user to a secondary group permanently
usermod -G [groupname] [username]
[! this will remove the user from his previous secondary group(s) and assign him to the new group]
To assign a user to another secondary group permanently without removing his previous subscriptions
usermod -aG [groupname] [username]
To change the primary group of a user permanently
usermod -g [groupname] [username]
To change the group id of an existing group
groupmod -g [new id] [groupname]
To delete a group
groupdel [groupname]
Permissions
A normal ls -l command will output like below -
drwxr-xr-x. 2 root root 4096 Jul 1 21:59 Documents
In the above output, the first 11 characters define the permissions for the corresponding file.
d  r  w  x  r  -  x  r  -  x  .
1  2  3  4  5  6  7  8  9  10 11
1 -> File type
- -> regular file
d -> directory
c -> character device
b -> block device
l -> symbolic link
s -> socket
2,3,4 -> Owner's permission
5,6,7 -> Group owner's permission
8,9,10 -> Other's permission
11 -> SELinux context indicator
To change the owner of a directory (or file)
chown [username] [directory/file]
To change the group owner of a directory (or file)
chgrp [groupname] [directory/file]
There are two ways in which the permissions can be set for directories/files - one is the Symbolic method and the other is the Numeric method.
Symbolic method glossary
Who
u -> owner
g -> group owner
o -> others
a -> all
What
r -> read
w -> write
x -> execute/accessible
- -> null
Action
+ -> append/add
- -> revoke/remove
= -> assign
Example:
chmod o+w [directory/file]
The above command will add write permission for others on the [directory/file]
Numeric method glossary
4 -> read
2 -> write
1 -> execute
0 -> null
Example:
chmod 755 [directory/file]
The above command will set the permissions for [directory/file] to rwxr-xr-x
UMASK
UMASK defines the default permissions that are set for each file/directory as soon as it is created by a user.
The default permission for directories -> 777
The default permission for files -> 666
Predefined UMASK value for root user -> 022
Predefined UMASK value for normal user -> 002
This means that if the root user creates a directory, that directory's permission is set to 777-022 = 755, and if the root user creates a file, that file's permission is set to 666-022 = 644.
Similarly, if a normal user creates a directory, that directory's permission is set to 777-002 = 775, and if the normal user creates a file, that file's permission is set to 666-002 = 664.
The UMASK value for all users is defined in /etc/profile
To change the UMASK value for the currently logged in user temporarily
umask [new_value]
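The subtraction above gives the right answer for 022 and 002, but the system actually clears the mask bits from the base mode (base AND NOT umask), which differs for masks such as 033 (a file gets 644, not 633). The script below is an added example, not part of the original class notes: it computes the resulting mode and confirms it by creating real files in a temporary directory. The function names are made up for this example, and a stat that supports -c (GNU or busybox) is assumed.

```shell
#!/bin/sh
# Added example: how a umask value turns into the mode of a new file/directory.

# effective_mode BASE UMASK: print the octal mode BASE AND NOT UMASK.
effective_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# created_mode UMASK KIND: create a real file (or dir when KIND is "dir")
# under UMASK inside a throwaway temp directory and print its octal mode.
# The subshell keeps the umask change from leaking into the caller.
created_mode() {
    (
        umask "$1"
        d=$(mktemp -d) || exit 1
        if [ "$2" = dir ]; then mkdir "$d/t"; else : > "$d/t"; fi
        stat -c '%a' "$d/t"
        rm -rf "$d"
    )
}

# Constructed inputs: the two masks from the notes plus two stricter ones.
# Output format: computed mode, then the mode observed on disk in parentheses.
for mask in 022 002 027 033; do
    echo "umask $mask: dir $(effective_mode 777 "$mask") ($(created_mode "$mask" dir))," \
         "file $(effective_mode 666 "$mask") ($(created_mode "$mask" file))"
done
```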
Tidbits of the day
- id command is used to get the id of the currently logged in user
- RedHat uses the sha512 algorithm to hash the user password. The algorithm is configured in /etc/login.defs
--End of Day 3--