Unix Accounts
17/09/20152 Unix Accounts To access a Unix system you need to have an account. Unix account includes: username and password userid and groupid home directory shell
17/09/20153 username A username is (typically) a sequence of alphanumeric characters of length no more than 8. username the primary identifying attribute of your account. username is (usually) used as an address the name of your home directory is usually related to your username.
17/09/20154 password a password is a secret string that only the user knows (not even the system knows!) When you enter your password the system encrypts it and compares to a stored string. passwords are (usually) no more than 8 characters long. It's a good idea to include numbers and/or special characters (don't use an english word!)
17/09/20155 userid a userid is a number (an integer) that identifies a Unix account. Each userid is unique. It's easier (and more efficient) for the system to use a number than a string like the username. You don't need to know your userid!
17/09/20156 Unix Groups and groupid Unix includes the notion of a "group" of users. A Unix group can share files and active processes. Each account is assigned a "primary" group. The groupid is a number that corresponds to this primary group. A single account can belong to many groups (but has only one primary group).
17/09/20157 Home Directory A home directory is a place in the file system where the account files are stored. A directory is like a Windows folder. Many unix commands and applications make use of the account home directory (as a place to look for customization files).
17/09/20158 Shell A Shell is a unix program that provides an interactive session - a text-based user interface. When you log in to a Unix system the program you initially interact with is your shell. There are a number of popular shells that are available.
17/09/20159 Logging In To log in to a Unix machine you can either: sit at the console (the computer itself) access via the net (using putty, telnet, rsh, ssh, kermit, or some other remote access client). The system prompts you for your username and password. Usernames and passwords are case sensitive!
17/09/ Session Startup Once you log in, your shell will be started and it will display a prompt. When the shell is started it looks in your home directory for some customization files. You can change the shell prompt and a bunch of other things by creating customization files (more on this later…)
17/09/ Your Home Directory Every Unix process* has a notion of the “current working directory”. You shell (which is a process) starts with the current working directory set to your home directory. *A process is an instance of a program that is currently running.
17/09/ Interacting with the Shell The shell prints a prompt and waits for you to type in a command. The shell can deal with a couple of types of commands: shell internals - commands that the shell handles directly. External programs - the shell runs a program for you.
UNIX commands and the filesystem
17/09/ Some Simple Commands Here are some simple commands to get you started: ls lists file names (like DOS dir command). who lists users currently logged in. date shows the current time and date. pwd print working directory To shutdown a server (sys admin only) Init 0
17/09/ Files and File Names A file is a basic unit of storage (usually storage on a disk). Every file has a name. Unix file names can contain any characters (although some make it difficult to access the file). Unix file names can be long! how long depends on your specific flavor of Unix
17/09/ File Contents Each file can hold some raw data. Unix does not impose any structure on files files can hold any sequence of bytes. Many programs interpret the contents of a file as having some special structure text file, sequence of integers, database records, etc.
17/09/ Directories A directory is a special kind of file - Unix uses a directory to hold information about other files. We often think of a directory as a container that holds other files (or directories). On Windows, a directory is the same idea as a folder.
17/09/ The Filesystem / binetchometmpusr bobfredbinetc netprogunixX who ls
17/09/ The Filesystem / binetchometmpusr bobfredbinetc netprogunixX who ls Syllabus /users/bob/unix/Syllabus
17/09/ Absolute Pathnames The pathnames described in the previous slides start at the root. These pathnames are called "absolute pathnames". We can also talk about the pathname of a file relative to a directory.
17/09/ Relative Pathnames If we are in the directory /users/bob, the relative pathname of the file Syllabus is: unix/Syllabus Most unix commands deal with pathnames! We will usually use relative pathnames when specifying files.
17/09/ Example: The ls command Exercise: login to a unix account and type the command "ls". The names of the files are shown (displayed) as relative pathnames. Try this: ls /usr ls should display the name of each file in the directory /usr.
17/09/ Disk vs. Filesystem The entire hierarchy can actually include many disk drives. some directories can be on other computers / binetcuserstmpusr bobfred
17/09/ The current directory and parent directory There is a special relative pathname for the current directory:. There is a special relative pathname for the parent directory:..
17/09/ The ls command The ls command displays the names of some files. If you give it the name of a directory as a command line parameter it will list all the files in the named directory.
17/09/ Some things to try ls list files in current directory ls / list files in the root directory ls. list files in the current directory ls.. list files in the parent directory ls /usr list files in the directory /usr
17/09/ Command Line Options We can modify the output format of the ls program with a command line option. The ls command support a bunch of options: l long format (include file times, owner and permissions) a all (shows hidden* files as well as regular files) F include special char to indicate file types. *hidden files have names that start with "."
17/09/ ls command line options To use a command line option precede the option letter with a minus: ls -a or ls -l You can use 2 or more options at the same time like this: ls -al
17/09/ General ls command line The general form for the ls command is: ls [options] [names] The options must come first! You can mix any options with any names. An example: ls -al /usr/bin
17/09/ ls [options] [names] The brackets around options and names in the general form of the ls command means that something is optional. We will see the general form of many commands described in this manner. Some commands have required parameters.
17/09/ Many names You can give the ls command many names: ls /usr /etc ls -l /usr/bin /tmp /etc
17/09/ Moving Around in the Filesystem There cd command can change the current working directory: cd change directory The general form is: cd [directoryname]
17/09/ cd With no parameter, the cd command changes the current directory to your home directory. You can also give cd a relative or absolute pathname: cd /usr cd..
17/09/ Some more commands and command line options ls -R will list everything in a directory and in all the subdirectories recursively (the entire hierarchy). you might want to know that Ctrl-C will cancel a command (stop the command)! pwd : print working directory df : shows what disk holds a directory.
17/09/ Copying Files The cp command copies files: cp [options] source dest The source is the name of the file you want to copy. dest is the name of the new file. source and dest can be relative or absolute.
17/09/ Another form of cp If you specify a dest that is a directory, cp will put a copy of the source in the directory. The filename will be the same as the filename of the source file. cp [options] source destdir
17/09/ Yet another form of cp If you specify more than two names, cp assumes you are using this form:. cp [options] source... destdir In this case cp will copy multiple files to destdir. source... means at least one name (could be more than one)
17/09/ Deleting (removing) Files The rm command deletes files: rm [options] names... rm stands for "remove". You can remove many files at once: rm foo /tmp/blah /users/john/course
17/09/ rm Exercises Try to delete /etc/passwd Try to delete a directory Look at the man page for rm : man rm
17/09/ File attributes Every file has some attributes: Access Times: when the file was created when the file was last changed when the file was last read Size Owners (user and group) Permissions
17/09/ File Time Attributes Time Attributes: when the file was last changed ls -l when the file was created* ls -lc when the file was last read(accessed) ls - ul * actually it’s the time the file status last changed.
17/09/ File Owners Each file is owned by a user. You can find out the username of the file's owner with the "-l" option to ls, Each file is also owned by a Unix group. ls -l also shows the group that owns the file.
17/09/ File Permissions Each file has a set of permissions that control who can mess with the file. There are three kinds of permissions: readabbreviated r writeabbreviated w execute abbreviated x There are separate permissions for the file owner, group owner and everyone else.
17/09/ ls -l > ls -l foo -rw-rw bob grads 13 Jan 10 23:05 foo permissions owner group size time name
17/09/ ls -l and permissions -rwxrwxrwx Owner Group Others Type of file: - means plain file d means directory
17/09/ rwx Files: r - allowed to read. w - allowed to write. x - allowed to execute Directories: r - allowed to see the names of the file. w - allowed to add and remove files. x - allowed to enter the directory
17/09/ Changing Permissions The chmod command changes the permissions associated with a file or directory. There are a number of forms of chmod, this is the simplest: chmod mode file
17/09/ chmod mode file Mode has the following form*: [ugoa][+-=][rwx] u=user g=group o=other a=all + add permission - remove permission = set permission *The form is really more complicated, but this simple version will do enough for now.
17/09/ chmod examples > ls -al foo rwxrwx--x 1 hollingd grads … > chmod g-wx foo > ls -al foo -rwxrw hollingd grads >chmod u-r. >ls -al foo ls:.: Permission denied
17/09/ Other filesystem and file commands mkdir make directory rmdir remove directory touch change file timestamp (can also create a blank file) cat concatenate files and print out to terminal.
17/09/ Some commands worth knowing finger [user name] who and whoami users Lists who is logged in whereis [command name] Checks your path find Find [path] –name [file name] Find / -name whereis Find / -name wh*
17/09/ Some commands worth knowing history ![number in history] head – display top few lines of a file more – operates like man (and supports searching)
17/09/ Job control [command] & Run the command in the background For a running program, ctrl-z stops it (but doesn’t kill it) fg brings a background job into the foreground Jobs list the processes running (stopped or not) from the current shell. bg put a stopped job to run in the background %[job number] bring a stopped job back to the foreground Kill %[job number] kills that job
Managing users on Linux Linux and Windows
User management Adding/Removing Users UNIX: Traditionally, user account details are stored in the /etc/passwd file (/etc/group, /etc/shadow) This file has the format: username:password:uid:gid:comment:home dir:shell one way to get a list of usernames on a system: cut –d: -f1 /etc/passwd Do not edit this file directly, use useradd / userdel / groupadd / groupdel commands
17/09/ useradd (linux) Create a new user or update default new user information useradd [-c comment] [-d home_dir] [-e expire_date] [-f inactive_time] [-g initial_group] [-G group[,...]] [-m [-k skeleton_dir] | -M] [-n] [-o] [-p passwd] [-r] [-s shell] [-u uid] login useradd -D [-g default_group] [-b default_home] [-e default_expire_date] [-f default_inactive] [-s default_shell] The –D option causes system defaults specified in /etc/login.defs to be used for this account creation
17/09/ userdel Delete a user account and related files userdel [-r] login The userdel command modifies the system account files, deleting all entries that refer to login. The named user must exist. The options which apply to the userdel command are: -r Files in the user’s home directory will be removed along with the home directory itself and the user’s mail spool. Files located in other file systems will have to be searched for and deleted manually.
17/09/ groupadd (linux)… Create a new group groupadd [-g gid [-o]] [-r] [-f] group Creates a new group account using the values specified on the command line and the default values from the system. The new group will be entered into the system files as needed. Options: -g gid The numerical value of the group’s ID. This value must be unique, unless the -o option is used. The value must be non- negative. The default is to use the smallest ID value greater than 500 and greater than every other group. Values between 0 and 499 are typically reserved for system accounts.
17/09/ …groupadd (linux) -r instructs groupadd to add a system account. The first available gid lower than 499 will be automatically selected unless the -g option is also given on the command line. -f the force flag. This will cause groupadd to exit with an error when the group about to be added already exists on the system. If that is the case, the group won’t be altered (or added again). Also modifies the way -g option works. When you request a gid that it is not unique and you don’t specify the –o option too, the group creation will fall back to the standard behavior (adding a group as if neither -g or –o options were specified).
17/09/ groupdel (linux) Delete a group groupdel group The groupdel command modifies the system account files, deleting all entries that refer to group. The named group must exist. You must manually check all filesystems to insure that no files remain with the named group as the file group ID.
17/09/ groupdel (linux) Delete a group groupdel group The groupdel command modifies the system account files, deleting all entries that refer to group. The named group must exist. You must manually check all filesystems to insure that no files remain with the named group as the file group ID.
17/09/ Managing Users Whether in the UNIX or Windows (or other) environment, it is best practice to manage users, where possible, on a per-group basis Wherever possible, settings and configurations should be managed on a per- group basis For this reason, the management of group settings is as important in any multi-user environment as is the management of individual settings
17/09/ Managing Groups One approach to the management of groups is a hierarchical approach, whereby the user community is divided into a number of groups based on roles within the organisation In this way, an individual may belong to several groups, each of which may have a different combination of security settings etc. If we can be assured users have only setting which are assigned on a per-group basis, it becomes easier for us to ensure that all users with similar or identical roles are subject to the same rules
17/09/ vi Remember there are two modes insert and command ESC will always get you back to command
17/09/ Basic vi commands a - Append A – Append at the end of the current line i – Insert before the current character I – insert at the start of the current line r – Replace replace one character under the cursor. Specify count to replace a number of characters u - undo the last change to the file. Typing u again will re-do the change. x - delete character under the cursor. The characters will be deleted after the cursor. 5x will delete 5 characters
17/09/ Navigation h : move the cursor to the left one character position. j : move the cursor down one line. k : move the cursor up one line. l : move the cursor to the right one character position.
17/09/ More navigation ^ Move to the beginning of the line. $ Move to the end of the line. w Move to the end of the word. ( Move to the beginning of the sentence. ) Move to the end of the sentence } Move to end of paragraph (defined by a blank line) { Move to start of paragraph Every command can be repeated by putting a number before/after the command 5}, 4{, 5w, …
17/09/ Cutting, Pasting and searching Cut with either delete command or yank (y or Y) command Paste with P – paste before current position p – past after current position Search with /[search pattern] – search from this point on Repeat search with / of n Search pattern is a regular expression /Br*ley, /Br[0-9], /B[rR] …
17/09/ Variations on delete commands d^ deletes from current cursor position to the beginning of the line. d$ deletes from current cursor position to the end of the line. dw deletes from current cursor position to the end of the word. dd deletes a line from current cursor position downwards. d} deletes to end of paragraph. d{ deletes to start of paragraph. Every command can be repeated by putting a number before/after the command 3dd, 5dw, 4d}, d5w, … Works with yank (y/Y) as well
17/09/ Substituting :s/pattern/to_pattern/options :s/Ronan/Robert Find first occasion of Ronan and replace with Robert :s/Ronan/Robert/g Find every occasion of Ronan and replace with Robert
17/09/ Open, save, quit vi [filename1] [filename2] :n will move to the next file you want to edit :w – write the file :q - quit vi, assumes no changes since last save :q! – quit and lose changes :e - close the current file and open another :e! – as :e but lose changes
17/09/ Some options :set all Lists all the options :set tabstop=x Set the number of spaces for each tab :set number Show line numbers :set nonumber Hide line numbers