Presentation is loading. Please wait.

Presentation is loading. Please wait.

Linux Users and Groups Management

Published byΦαίδρα Ακρίδας Modified over 5 years ago

Similar presentations

Presentation on theme: "Linux Users and Groups Management"— Presentation transcript:

1 Linux Users and Groups Management

2 Introduction Ubuntu Linux uses groups to help you manage users, set permissions on those users, and even monitor how much time they are spending in front of the PC. Normally Linux computers have two user accounts—your own user account, and the root account, which is the super user that can access everything on the PC, make system changes, and administer other users. Ubuntu works a little differently, though—you can’t login directly as root by default, and you use the sudo command to switch to root-level access when you need to make a change.

3 How Linux User Accounts Work
Linux stores a list of all users in the ‘/etc/groups’ file. You can run this command in the Terminal to to view and edit the groups and users in your system: sudo nano /etc/groups

4 How Linux User Accounts Work
Username Password By default, all user home directories are created and maintained in the /home directory. However, the root user’s home directory is /root

5 User Accounts storage Local This option stores user accounts in the /etc/passwd file. This has been the default configuration used by Linux systems for many years. /etc/passwd This file contains the user account information for your system. /etc/shadow This file contains passwords for your user accounts. /etc/group This file contains your system’s groups

6 The Superuser By default, one account has elevated privileges to issue any command, access any file, and perform every function Superuser, a.k.a. root User and group number 0

7 The Superuser Must limit use of root Limit what root can do remotely
Inexperienced users can cause serious harm Use of root for non-privileged tasks unnecessary and can be open to attack Security and privacy violations – root can look at anyone’s files Limit what root can do remotely Ensure a strong password

8 Superuser Privileges What usually works best is short periods of superuser privilege, only when necessary Obtain privileges, complete task, relinquish privileges Most common ways are su and sudo Can also use the setuid/setgid method, but not recommended

9 su Short for substitute or switch user Syntax: su [options] [username]
If username is omitted, root is assumed After issuing command, prompted for that user’s password A new shell opened with the privileges of that user Once done issuing commands, must type exit

10 sudo Allows you to issue a single command as another user
Syntax: sudo [options] [-u user] command Again, if no user specified, root assumed New shell opened with user’s privileges Specified command executed Shell exited

11 sudoers Must configure a user to run commands as another user when using sudo Permissions stored in /etc/sudoers Use utility visudo to edit this file (run as root) Permissions granted to users or groups, to certain commands or all, and with or without password being required

12 Other permissions models
Some Linux distributions such as Ubuntu obscure away the root account altogether By default the end user doesn’t know the root password Can’t login as root Can’t su Must rely on sudo (and the graphical gksudo) to obtain privilege, along with ‘Unlock’ functions in GUI

13 Creating and Managing User Accounts
Using useradd Using passwd Using usermod Using userdel

14 Using useradd Syntax: useradd options username example: useradd ken
ken account is created using the default parameters contained in the following configuration files: /etc/default/useradd /etc/login.defs This file contains values that can be used for the GID and UID parameters when creating an account with useradd. It also contains defaults for creating passwords in /etc/shadow.

15 Using userdel Syntax: userdel username example: userdel ken
It’s important to note that, by default, userdel will not remove the user’s home directory from the file system. If you do want to remove the home directory when you delete the user, you need to use the –r option in the command line. For example, entering userdel –r ken will remove the account and delete her home directory.

16 Group:Password:GID:Users
Managing groups Using groupadd Using groupmod Using groupdel groups are defined in the /etc/group file. Each record is composed of the following four fields: Group:Password:GID:Users Group Specifies the name of the group. In the example above, the name of the group is video. Password Specifies the group password.

17 Managing groups GID Specifies the group ID (GID) number of the group.
Users Lists the members of the group. As with /etc/shadow, each line in /etc/gshadow represents a record for a single group. Each record is composed of the following fields: Group_Name:Password:Group_Admins:Group_Members

18 groupadd options groupname
Using groupadd Syntax: groupadd options groupname Options: –g Specifies a GID for the new group. –p Specifies a password for the group. –r Specifies that the group being created is a system group

19 Using groupdel Syntax: groupdel group_name example: groupdel student

20 Managing ownership Anytime a user creates a new file or directory, his or her user account is assigned as that file or directory’s “owner.” For example, suppose the ken user logs in to her Linux system and creates a file named linux_introduction.odt using OpenOffice.org in home directory. Because she created this file, ken is automatically assigned ownership of linux_introduction.odt.

21 How ownership works Using chown Using chgrp
You can specify a different user and/or group as the owner of a given file or directory. To change the user who owns a file, you must be logged in as root. To change the group that owns a file, you must be logged in as root or as the user who currently owns the file. Using chown Using chgrp You can also view file ownership from the command line using the ls –l command

22 chown ken1 /tmp/myfile.txt
Using chown The chown utility can be used to change the user or group that owns a file or directory. Syntax chown user.group file or directory. Example: If I wanted to change the file’s owner to the ken1 user, I would enter chown ken1 /tmp/myfile.txt If I wanted to change this to the users group, of which users is a member, I would enter chown .users /tmp/myfile.txt Notice that I used a period (.) before the group name to tell chown that the entity specified is a group, not a user account. Ex: chown student.users /tmp/myfile.txt Note: You can use the –R option with chown to change ownership on many files at once recursively.

23 Using chgrp In addition to chown, you can also use chgrp to change the group that owns a file or directory. Syntax: chgrp group file (or directory)‏ Example: chgrp student /tmp/newfile.txt.

24

25 You are free: to Share — to copy, distribute and transmit the work to Remix — to adapt the work to make commercial use of the work Under the following conditions: Attribution — You must attribute the work in the manner specified by the author or licensor (but not in any way that suggests that they endorse you or your use of the work). Share Alike — If you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. 18/09/2018

Download ppt "Linux Users and Groups Management"

Similar presentations

Unit 5 – User Administration Randy Marchany VA Tech Computing Center.

Unit 5 – User Administration Randy Marchany VA Tech Computing Center.
Linux Users and Groups Management

Linux Users and Groups Management
Linux File & Folder permissions. File Permissions In Ubuntu, files and folders can be set up so that only specific users can view, modify, or run them.

Linux File & Folder permissions. File Permissions In Ubuntu, files and folders can be set up so that only specific users can view, modify, or run them.
1 CSE 390a Lecture 4 Persistent shell settings; users/groups; permissions slides created by Marty Stepp, modified by Jessica Miller

1 CSE 390a Lecture 4 Persistent shell settings; users/groups; permissions slides created by Marty Stepp, modified by Jessica Miller
User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.

User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.
User Accounts and Permissions Chapter IV / Part II.

User Accounts and Permissions Chapter IV / Part II.
CS 497C – Introduction to UNIX Lecture 15: - File Attributes Chin-Chih Chang

CS 497C – Introduction to UNIX Lecture 15: - File Attributes Chin-Chih Chang
SUSE Linux Enterprise Server Administration (Course 3037) Chapter 2 Manage User Access and Security.

SUSE Linux Enterprise Server Administration (Course 3037) Chapter 2 Manage User Access and Security.
Lecture 02CS311 – Operating Systems 1 1 CS311 – Lecture 02 Outline UNIX/Linux features – Redirection – pipes – Terminating a command – Running program.

Lecture 02CS311 – Operating Systems 1 1 CS311 – Lecture 02 Outline UNIX/Linux features – Redirection – pipes – Terminating a command – Running program.
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
Linux File Security. What is Permission ? Specifies what right are granting to users to access the resources available in the computer. So that important.

Linux File Security. What is Permission ? Specifies what right are granting to users to access the resources available in the computer. So that important.
1. This presentation covers :  User Interface Administration  Files System and Services Management 2.

1. This presentation covers :  User Interface Administration  Files System and Services Management 2.
Introduction to Linux Installing Linux User accounts and management Linux’s file system.

Introduction to Linux Installing Linux User accounts and management Linux’s file system.
Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.

Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.
Unix System Administration Rootly Powers Chapter 3.

Unix System Administration Rootly Powers Chapter 3.
Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.

Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.
Internet of Things with Intel Edison Compiling and running Pierre Collet Intel Software.

Internet of Things with Intel Edison Compiling and running Pierre Collet Intel Software.
File Permissions. What are the three categories of users that apply to file permissions? Owner (or user) Group All others (public, world, others)

File Permissions. What are the three categories of users that apply to file permissions? Owner (or user) Group All others (public, world, others)
Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.

Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.
IT2204: Systems Administration I 1 6b). Introduction to Linux.

IT2204: Systems Administration I 1 6b). Introduction to Linux.

Similar presentations

Ads by Google