ITI-481: Unix Administration Meeting 3 Christopher Uriarte, Instructor Rutgers University Center for Applied Computing Technologies.


1 ITI-481: Unix Administration Meeting 3 Christopher Uriarte, Instructor Rutgers University Center for Applied Computing Technologies

2 Today’s Agenda
Account management
File and directory permissions and management
UNIX networking basics

3 Unix System Accounts
Access to system resources is controlled through user and group assignments.
Two types of user accounts:
– “Root” user – the system administrator; the “superuser” who has permission to execute every command and read every file on the system. “Root” has total control of everything on the system.
– Normal user – any user that is not the root user.
As you’ve experienced thus far, almost all UNIX administration is done as the root user.

4 Becoming the Root User
There are two ways that you can log in as the root user:
– Sitting at the system console, you can simply log in as root.
– If you are logged in as another user, you can use the “su” command at the command prompt to change to the root user (you will be prompted for the root password). You then have full root rights until you exit your shell.
– Root login is restricted via remote access (telnet or ssh) – you must first log in as a non-root user and then use “su”.

5 UNIX System Components Related to Account Creation
/etc/passwd – The system user file; contains information about users on the system.
/etc/shadow – The file that actually contains the passwords.
/etc/group – The system group file; defines user groups on the system.
User home directories (/home/username)
Initialization shell scripts (.login, .bash_profile, .cshrc, etc.)

6 Passwords on UNIX Systems
Should always be encrypted when stored – all modern UNIX systems use password encryption.
– Crypt encryption – up to 8 characters
– MD5 encryption – up to 256 characters
Should be a combination of random letters, numbers, and special characters.
Used to be stored in /etc/passwd, but now stored in /etc/shadow.
Passwords are set using the “passwd” command. Only the root user can change passwords for other users.
– passwd – changes your own password
– passwd username – changes another user’s password

7 The /etc/passwd File
Stores a user’s username, unique user ID number, default group ID number, full name, home directory and login shell.
– Each user on the system has a unique UID, assigned by the system.
– The root user has the UID of 0 (zero) – THIS is what characterizes the root user, not the username “root”.
/etc/passwd file format (one entry per line, fields separated by colons):
    username:x:user ID (UID):default group (GID):name (GECOS):home directory:login shell
Sample entry (with shadow file):
    kkaplan:x:500:500:Kellee Kaplan:/home/kkaplan:/bin/bash
Typical file permissions:
    -rw-r--r-- 1 root root 865 Mar 28 10:44 /etc/passwd

8 The /etc/shadow File
Stores encrypted user passwords.
/etc/shadow file format (one entry per line, fields separated by colons):
    login name:encrypted password:other options for password expiration and changing (non-standard)
Sample entry:
    kkaplan:$1$iwdVDnei&aBcxvpyYi06:10987:0:99999:
Typical permissions (IMPORTANT!):
    -r-------- 1 root root 752 Jan 31 11:45 /etc/shadow
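The points made on the two slides above (UID 0 is what makes an account root, the “x” placeholder means the password lives in the shadow file, and the shadow file must not be readable by anyone but root) can be checked mechanically. The script below is an added example, not part of the original slides; the function names and the sample entries (including the accounts toor and jsmith) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit passwd- and shadow-format files (sample data is constructed).

# Accounts whose UID field (3rd) is 0: each one is a root-equivalent login.
uid0_accounts() {
    awk -F: '$3 == 0 { print $1 }' "$1"
}

# Accounts whose password field (2nd) is not "x": the hash, or an empty
# password, sits in the world-readable passwd file instead of the shadow file.
unshadowed_accounts() {
    awk -F: '$2 != "x" { print $1 }' "$1"
}

# Succeeds only when group and others have no permission bits on the file.
file_is_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
kkaplan:x:500:500:Kellee Kaplan:/home/kkaplan:/bin/bash
toor:x:0:0:second admin:/root:/bin/sh
jsmith::501:500:J Smith:/home/jsmith:/bin/bash
EOF
printf 'kkaplan:CONSTRUCTED-HASH:10987:0:99999:\n' > "$SAMPLE_DIR/shadow"

echo "UID 0 accounts:   $(uid0_accounts "$SAMPLE_DIR/passwd" | tr '\n' ' ')"
echo "Not using shadow: $(unshadowed_accounts "$SAMPLE_DIR/passwd" | tr '\n' ' ')"
for mode in 644 400; do
    chmod "$mode" "$SAMPLE_DIR/shadow"
    if file_is_private "$SAMPLE_DIR/shadow"; then
        echo "shadow mode $mode: private"
    else
        echo "shadow mode $mode: readable by group or others"
    fi
done
```

On a real system the same functions can be pointed at /etc/passwd and /etc/shadow; any UID 0 account other than root deserves an explanation.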

9 The /etc/group File
Contains information about system groups and the users that are members of each group.
Contains the fields: group name, unique group ID number and a list of the group’s members.
Entry format:
    group name:x:GID:comma-separated list of group members
Sample entry:
    staff:x:103:kkaplan,jsmith,jdoe
(a group called staff with the members kkaplan, jsmith and jdoe)

10 Account Management Tools
With the exception of /etc/group, all account management files are managed through simple command-line tools.
Command line
– Users: useradd, userdel, usermod
– Groups: groupadd, groupdel, groupmod
– Specific fields: passwd, chsh
Graphical
– LinuxConf (Linux only)
– Control-panel
– Lots of other graphical UNIX utilities.

11 Managing Users
The useradd utility is used to create system user accounts.
You can simply add a user with:
    useradd johndoe
(Creates the user johndoe on the system)
useradd has a number of simple options that allow you to specify user attributes during account creation.

12 useradd Syntax and options
useradd options include:
    -u UID
    -g default group
    -d home directory
    -s default shell path
    -c “Comment or Full name”
    -m (make the user's home directory)
Example:
    useradd -m -d /opt/home/chrisjur -g staff -s /bin/bash chrisjur
Creates a user named “chrisjur”, makes his home directory, sets his home directory to /opt/home/chrisjur, sets his group to “staff”, and sets his shell to /bin/bash.

13 Important useradd Tip!
After you add a user, YOU MUST assign a password to the user using the “passwd” command:
    passwd username
The user will not be able to log in until you set a password!

14 useradd Syntax and options
If no options are specified, system defaults are used when creating a user (default shell, default home directory path, etc.).
Similarly, the usermod command can be used to modify an existing user’s attributes using the same syntax as useradd:
    usermod -s /bin/sh chrisjur
– Changes chrisjur’s shell to /bin/sh

15 Deleting System User Accounts
System users can be deleted using the userdel command with the syntax:
    userdel username
e.g.:
    userdel chrisjur
– Deletes the user chrisjur from the system.
userdel DOES NOT delete a user’s home directory or its contents. You must either delete it manually or use the “-r” switch with userdel (userdel -r username).

16 Exercise: Account Creation with Command Line Tools
Use useradd to create an account for the login student100. Use the appropriate flags to set a default group of “users”, a home directory of /home/student3, and a password of your choosing.
Log in to the student100 account.
Use userdel to remove the student100 account.*
*a common error is sometimes made

17 UNIX Groups
UNIX provides a grouping functionality that allows you to group system users together, allowing them to access common system resources, such as files and directories.
UNIX groups provide a typical way for non-root users to collaborate on projects by sharing permissions (write/read/execute permissions) on system resources.

18 Grouping Example
Problem: You have a series of web page files that reside under /var/opt/www/htdocs. You need to give your 3-person web-development team the ability to edit these files.
Solution: Create a group called “webdev”, place the 3 users in the development team in the group, and make /var/opt/www/htdocs and all its files group-readable, writeable and executable.

19 Creating UNIX Groups
You can create UNIX groups using the groupadd utility:
    groupadd staff
Creates a group called “staff”.
After creating a group, you must then manually add members to the group by adding their usernames to that group’s line in the /etc/group file.
Group members are added to /etc/group as a comma-separated list after the group name and parameters.

20 Adding Users to Groups
After creating a group called “staff” (using groupadd staff), an entry is placed in /etc/group that looks like this:
    staff:x:506:
You can add the users chris, john and joe to the group by editing /etc/group and adding them after the last colon:
    staff:x:506:chris,john,joe

21 Deleting Groups
You can delete groups using the groupdel command:
    groupdel groupname

22 Changing File Ownership
If you want to change the ownership of a file or directory to another user, you can use the chown command:
    chown chris /home/chris/hisfile.txt
    chown chris /home/chris
Useful chown option: “-R” – recursively change ownership:
    chown -R chris /home/chris
    #Changes /home/chris and all files/directories under it to chris’s ownership

23 Changing Group Associations
If you would like to associate a file or directory with a particular group, you can use the chgrp command:
    chgrp staff /home/staff/groupfile.txt
    chgrp staff /home/staff/projects
Useful chgrp option: “-R” – recursively change group associations:
    chgrp -R staff /home/staff
    #Associates /home/staff and all files/directories under it with the staff group

24 Using chmod with Groups
You can use chmod to change a file’s group permissions.
    -rwxr--r-- chris staff 100 Apr 4 2000 file.txt
    #file is readable, writeable and executable by its owner, and readable by members of its group and other users.
Use chmod to allow members of the staff group to read, write and execute the file:
    [user@host]# chmod g+rwx file.txt
    -rwxrwxr-- chris staff 100 Apr 4 2000 file.txt
    #file is now readable, writeable and executable by its owner AND members of the staff group – but only readable by all other system users.
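The grouping example’s solution (slide 18) combines chgrp and chmod from the slides above. The script below is an added example, not part of the original slides, and goes slightly beyond them: it uses g+rwX instead of g+rwx so that plain data files do not become executable, and sets the setgid bit on directories so that, on Linux, files created later keep the shared group. The tree is constructed in a temporary directory, and the caller’s own primary group stands in for “webdev” because groupadd requires root; share_tree and mode_of are hypothetical helper names.

```shell
#!/bin/sh
# Added example: the shared-directory setup from the grouping example, run on a
# constructed tree. The caller's own primary group stands in for "webdev",
# because creating a real group with groupadd requires root.

# share_tree DIR GROUP: let members of GROUP edit everything under DIR.
share_tree() {
    chgrp -R "$2" "$1"                       # associate the whole tree with the group
    chmod -R g+rwX "$1"                      # X: execute only for directories and
                                             # for files that are already executable
    find "$1" -type d -exec chmod g+s {} +   # setgid: new files inherit the group
}

# First ten characters of ls -l output: file type plus permission bits.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

DOCROOT=$(mktemp -d)/htdocs
mkdir -p "$DOCROOT/img"
echo '<h1>Hello</h1>' > "$DOCROOT/index.html"
printf '#!/bin/sh\necho deploy\n' > "$DOCROOT/deploy.sh"
chmod 755 "$DOCROOT" "$DOCROOT/img" "$DOCROOT/deploy.sh"
chmod 644 "$DOCROOT/index.html"

share_tree "$DOCROOT" "$(id -g)"

for f in "$DOCROOT" "$DOCROOT/img" "$DOCROOT/index.html" "$DOCROOT/deploy.sh"; do
    echo "$(mode_of "$f")  htdocs${f#"$DOCROOT"}"
done
```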

25 Exercise: User and Group Creation
Create two users: user1 and user2.
Create a group called “class”.
Create a file called /etc/classtest.txt with the words “Hello world” in it.
Associate the file /etc/classtest.txt with the “class” group.
Set the permissions so members of its group can write to the file.
Add user1 and user2 to the group.
Log out and log back in as user1 – attempt to write to the file.
Log out. Log in as user2 – attempt to write to the file.

26 Important Network Information
When connecting your UNIX machine to a LAN or the Internet, you need some basic network information to configure it.
– Are you using DHCP (automatic network configuration)?
– If not, you need to know your:
    IP address and subnet mask
    Default gateway
    DNS servers

27 Configuring Network Settings
Network settings can be configured three ways:
– During your UNIX install/setup
– By modifying network-specific configuration files
– By using graphical setup utilities

28 Using Graphical Network Setup Utilities
There are many different graphical utilities included with UNIX distributions that allow you to change your network settings:
– Linuxconf (Linux only)
– Control-panel
– KDE Network control panel
There are no “standard” graphical utilities (so they may change!), but they are all easy to use.

29 Changing Network Settings through System Configuration Files
On Linux, there are three config files that contain the basic network settings:
– /etc/sysconfig/network – contains your system name, default gateway and default Ethernet NIC (eth0)
– /etc/sysconfig/network-scripts/ifcfg-eth0 – contains your IP address and subnet mask for your default NIC. Also sets a flag for your boot protocol (setting BOOTPROTO=DHCP configures your system to use DHCP – it’s that simple!)
– /etc/resolv.conf – contains a list of DNS nameservers that your system will use

30 Changing Network Settings, cont.
System nameservers are specified in /etc/resolv.conf in this fashion:
    nameserver 123.4.5.6
    nameserver 123.4.5.7
    etc.
After making changes to network configuration files, you must execute:
    /etc/rc.d/init.d/network restart
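Before restarting the network it helps to confirm that a non-DHCP configuration actually carries every item from the “Important Network Information” slide. The script below is an added example, not part of the original slides; the keys IPADDR, NETMASK, GATEWAY, DEVICE and HOSTNAME are the ones Red Hat-style sysconfig files use and are not named on the slides, and the file contents and addresses are constructed.

```shell
#!/bin/sh
# Added example: check a static network configuration for completeness.
# File contents are constructed; addresses come from a documentation range.

# check_static_net IFCFG NETWORK RESOLV
# Prints the name of each missing setting; prints nothing when all are present.
check_static_net() {
    # The slides write BOOTPROTO=DHCP; this checker compares case-insensitively.
    proto=$(sed -n 's/^BOOTPROTO=//p' "$1" | tr 'A-Z' 'a-z')
    if [ "$proto" = "dhcp" ]; then
        return 0                      # DHCP supplies address, mask, gateway and DNS
    fi
    grep -q '^IPADDR=.'  "$1" || echo IPADDR
    grep -q '^NETMASK=.' "$1" || echo NETMASK
    grep -q '^GATEWAY=.' "$2" || echo GATEWAY
    # The resolv.conf keyword is lowercase; other spellings are not recognised.
    grep -q '^nameserver[[:space:]]' "$3" || echo nameserver
}

NET_DIR=$(mktemp -d)
printf 'DEVICE=eth0\nBOOTPROTO=static\nIPADDR=192.0.2.10\n' > "$NET_DIR/ifcfg-eth0"
printf 'HOSTNAME=host1.example.com\nGATEWAY=192.0.2.1\n'     > "$NET_DIR/network"
printf 'Nameserver 192.0.2.53\n'                             > "$NET_DIR/resolv.conf"
printf 'DEVICE=eth0\nBOOTPROTO=DHCP\n'                       > "$NET_DIR/ifcfg-dhcp"

echo "static config is missing: $(check_static_net "$NET_DIR/ifcfg-eth0" \
    "$NET_DIR/network" "$NET_DIR/resolv.conf" | tr '\n' ' ')"
echo "dhcp config is missing:   $(check_static_net "$NET_DIR/ifcfg-dhcp" \
    "$NET_DIR/network" "$NET_DIR/resolv.conf" | tr '\n' ' ')"
```

The constructed static sample deliberately omits NETMASK and capitalises the resolv.conf keyword, so both are reported.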

31 Homework TBA

