Users & Groups in Linux
OS Lab Presentation
Hossein Joukar 9031006 – Ehsan Edalat 9031066
Managing Users
Each system has two kinds of users:
Superuser (root)
Regular user
Each user has his own username, password, and
permissions that can only be assigned by the user.
A group is a set of users that has permission to access
particular files (read, write, execute); the owner and
root can manage the level of access to them.
All users have a user ID (UID) and a group ID (GID).
The su Command
Sometimes it is necessary for regular users to run a command as if
they were root.
su means substitute user.
This command changes the UID and GID of the existing
user.
The syntax for the su command is this:
su option username arguments
su -c 'ls /home/bob' - bob
This command switches to user bob's account and produces a list of the contents
of bob's home directory.
To return to the regular user's identity:
exit
The sudo Command
It gives certain users only a few superuser
permissions.
The list of authorized users is kept in /etc/sudoers.
sudo will prompt for a password and then check
/etc/sudoers.
Sample:
sudo fdisk /dev/hda1
su vs. sudo
With su, a user who supplies root's password can
perform all commands; with sudo, a regular user who
supplies his own password can perform only the
specific commands listed in /etc/sudoers, which is edited with /usr/sbin/visudo.
Users are added or removed with /usr/sbin/visudo in
the format below:
User_name Machine_name=(Effective_user) command
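An added example, not part of the original slides: a small review script that reads rules in the format above and reports grants of every command (ALL) or grants that skip the password prompt (the sudoers NOPASSWD: tag). The rules are constructed sample data, and only simple one-line rules are handled.

```sh
#!/bin/sh
# Added example, not from the slides. The rules below are constructed.
# Handles simple one-line rules only: no aliases, continuations or includes.

sample_sudoers() { cat <<'EOF'
# User_name Machine_name=(Effective_user) command
Defaults env_reset
root    ALL=(ALL) ALL
bob     ALL=(root) /sbin/fdisk /dev/hda1
carol   ALL=(ALL) NOPASSWD: ALL
dave    ALL=(root) NOPASSWD: /usr/bin/systemctl restart httpd
%wheel  ALL=(ALL) ALL
EOF
}

# Reads sudoers-style rules on stdin, prints one finding per line.
review_sudoers() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ || $1 == "Defaults" { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            user = $1
            spec = substr($0, eq + 1)                # "(Effective_user) command"
            if (spec ~ /NOPASSWD:/) print "no-password:" user
            sub(/^[ \t]*\([^)]*\)[ \t]*/, "", spec)  # drop "(Effective_user)"
            sub(/^([A-Z]+:[ \t]*)+/, "", spec)       # drop tags such as NOPASSWD:
            if (spec ~ /^ALL[ \t]*$/) print "all-commands:" user
        }
    '
}

sample_sudoers | review_sudoers
```

bob's rule, limited to one command, produces no finding; that is the shape to aim for when granting sudo rights.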
Groups
/etc/group
By convention, GIDs of 500 or more are used for regular
users and lower GIDs for administration or special programs.
Groupname:password:gid:users
root:x:0:root
bin:x:1:root,bin,daemon
test:x:500:
Special groups
Special groups allow services to manage their own files with permissions
that restrict other users from them.
The Password File
/etc/passwd
It is the database file for all users on the system.
Username:password:uid:gid:comment:homedir:shell
A * in the password field means the account is disabled.
Shadow Passwords
shadow-utils package
/etc/shadow
It holds the encrypted passwords that would otherwise be found
in /etc/passwd.
Only x or * appears in the password field of
/etc/passwd.
Shadow Passwords
Advantages of shadow over the traditional mode
Shadow passwords improve system security by moving
encrypted password hashes from the world-readable
/etc/passwd file to /etc/shadow, which is readable only by
the root user.
Shadow passwords store information about password
aging.
Shadow Password Fields
The user's login name
The encrypted password
The number of days since Jan 1, 1970 that the password was last changed
The number of days before the password can
be changed
The number of days before the password is to
expire that the user is warned it will expire
The number of days after the password expires
until the account is disabled
The number of days since Jan 1, 1970 that the
account has been disabled
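An added example, not part of the original slides: an audit of passwd and shadow records using the field layouts described above. All records are constructed; the shadow layout follows shadow(5), which also has a maximum password age in field 5 that the list above does not show.

```sh
#!/bin/sh
# Added example, not from the slides. All account records are constructed.

# passwd layout from the slide: Username:password:uid:gid:comment:homedir:shell
sample_passwd() { cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
toor:x:0:0:second admin:/root:/bin/bash
daemon:*:2:2:daemon:/sbin:/sbin/nologin
legacy:CONSTRUCTED-HASH:1001:1001:Legacy:/home/legacy:/bin/bash
guest::1002:1002:Guest:/home/guest:/bin/bash
EOF
}

# shadow(5) layout: name:hash:lastchg:min:max:warn:inactive:expire:reserved
# (day counts; field 5, the maximum password age, is not in the slide's list)
sample_shadow() { cat <<'EOF'
root:$6$CONSTRUCTED$HASH:19900:0:99999:7:::
alice:$6$CONSTRUCTED$HASH:19800:0:90:7:14::
bob::19950:0:99999:7:::
carol:$6$CONSTRUCTED$HASH:19950:0:99999:7::19990:
daemon:*:19000:0:99999:7:::
EOF
}

# Flags extra UID 0 accounts and password fields that are not x or *.
audit_passwd() {
    awk -F: '
        $3 == 0 && $1 != "root" { print "uid0:" $1 }
        $2 == ""                { print "empty-password:" $1; next }
        $2 != "x" && $2 != "*"  { print "hash-in-passwd:" $1 }
    '
}

# Flags empty passwords, passwords past their maximum age, disabled accounts.
audit_shadow() {    # $1 = today as days since 1 Jan 1970
    awk -F: -v today="$1" '
        $2 == ""                                { print "empty-password:" $1 }
        $3 != "" && $5 != "" && today > $3 + $5 { print "password-expired:" $1 }
        $8 != "" && today >= $8                 { print "account-disabled:" $1 }
    '
}

sample_passwd | audit_passwd
sample_shadow | audit_shadow 20000    # on a real host: $(( $(date +%s) / 86400 ))
```

On a real system, feed the functions /etc/passwd and /etc/shadow on stdin; reading /etc/shadow requires root, which is the protection the shadow scheme provides.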
User's Home Directory
When each user is created, a home directory is
created for him (/home/<username>).
The set of files initially used to populate this
home directory is kept in /etc/skel.
Using the User Accounts Tool
The User Accounts configuration tool allows you to
view, modify, add, and delete local users. To run the
tool, select Applications → System Tools → System
Settings from the Activities menu and click
the User Accounts icon.
By default, the tool only allows you to change certain
settings regarding your account. This is because only
the root user is allowed to configure users and groups.
To unlock the configuration tool for all kinds of
changes, click the Unlock button in the top-right
corner of the window, and provide the correct
password when prompted.
Using the User Accounts Tool
Adding a New User
Removing a User
Using the User Manager Tool
The User Manager application allows you to view,
modify, add, and delete local users and groups in the
graphical user interface. To start the application, either
select Applications → Other → Users and Groups from
the Activities menu, or type system-config-users at a
shell prompt. Note that unless you have superuser
privileges, the application will prompt you to
authenticate as root.
Using the User Manager Tool
Fedora reserves user and group IDs below 1000 for
system users and groups. By default, the User
Manager does not display the system users. To view all
users and groups, select Edit → Preferences to open
the Preferences dialog box, and clear the Hide system
users and groups check box.
Viewing Users and Groups
Adding a New User
Adding a New User
To specify a user ID for the user, select Specify user ID
manually. If the option is not selected, the next
available user ID above 1000 is assigned to the new
user. Because Fedora reserves user IDs below 1000 for
system users, it is not advisable to manually assign
user IDs 1–999.
Adding a New Group
Modifying User Properties
Modifying Group Properties
User Management Commands
useradd [option] user_name
Create a new user
usermod
Modify a user account
userdel
Delete a user
groupadd [option] group_name
Create a new group
groupmod
Modify a group
groupdel
Delete a group
grpck
Verify the integrity of the system authentication information.
Adding a New User
useradd [option] user_name
Options:
-c 'comment'
comment can be replaced with any string. This option is
generally used to specify the full name of a user.
-d home_directory
Home directory to be used instead of default /home/username/.
-e date
Date for the account to be disabled in the format YYYY-MM-DD.
-f days
Number of days after the password expires until the account is
disabled. If 0 is specified, the account is disabled immediately
after the password expires. If -1 is specified, the account will not
be disabled after the password expires.
Adding a New User
Options:
-g group_name
Group name or group number for the user's default group.
-G group_list
List of additional (other than default) group names or group
numbers, separated by commas, of which the user is a
member.
-m
Create the home directory if it does not exist.
-M
Do not create the home directory.
-N
Do not create a user private group for the user.
Adding a New User
Options:
-p password
The password encrypted with crypt.
-r
Create a system account with a UID less than 1000 and
without a home directory.
-s
User's login shell, which defaults to /bin/bash.
-u uid
User ID for the user, which must be unique and greater than
999.
Adding a New Group
groupadd [option] group_name
Options:
-g gid
Group ID for the group, which must be unique and greater than
999.
-p, --password password
Use this encrypted password for the new group.
-o, --non-unique
Allow creating groups with a duplicate GID.
-f, --force
When used with -g gid and gid already exists, groupadd will
choose another unique gid for the group.
configure password
To configure password expiration for a user from a shell
prompt, run the following command as root:
chage [options] username
Options:
-d days
Specifies the number of days since January 1, 1970 the
password was changed.
-I days
Specifies the number of inactive days after the password
expiration before locking the account. If the value is 0, the
account is not locked after the password expires.
Communicating With Users
wall
Sends a message to the terminals of all users
connected to the system.
talk
Allows two-way communication between any two
users.
write
Sends a message to a user.
Some Useful Commands
chmod
Change file access permission
chown
Change file owner or group
chroot
Run command with special root directory
Thanks for your attention