IT2204: Systems Administration I: 6b). Introduction to Linux


Supplementary notes on accounts and Logging


More on Accounts and Logging

• Account manipulation is a common task for System Administrators:

• Files and commands

• Account information is stored in two main files:

– /etc/passwd
– /etc/group

To view the contents of the passwd or group files:

– $ cd /
– $ cd etc
– $ cat passwd


/etc/passwd file

• Stores most of the details of user accounts. Each line of this file represents one account and has seven fields, separated by colons (':'). For example, for user 'John M':

• username:password:uid:gid:gecos:homedir:shell

• johnm:aljgLashGEDygC:5432:100:John M:/home/johnm:/bin/csh

• A description of each of the seven fields appears in the figure below. The file is globally accessible, which is necessary for commands like ‘ls’ which use the /etc/passwd file to display a username instead of a numerical user id when listing the contents of a directory.


/etc/passwd fields


/etc/group file

• Is similar to the '/etc/passwd' file. It stores information about groups. Every file on the system is associated with a particular group. In addition, every user on the system is associated with at least one group (their primary group). All files created by a user are associated with one of the user’s groups.

• Each line in /etc/group represents one group and has four fields, separated by colons (':'). For example, for the staff group:

• staff:*:50:janedoe,bill

• group ‘staff’ has a group identifier of 50. The fields of the /etc/group file are explained in the figure below.


/etc/group fields


/etc/shadow file

• The shadow password file stores encrypted passwords, keeping them out of the globally accessible /etc/passwd file. Some systems also support an ‘/etc/gshadow’ file to shadow the passwords in /etc/group.

• If shadow passwords are enabled, then the ‘passwd’ command is automatically aware of this fact, and stores passwords in /etc/shadow automatically (as will gpasswd on those systems which support it.)
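The seven-field layout and the shadow split described above can be checked mechanically. This is an added example, not part of the original notes: the function name `audit_passwd` and the `root`, `toor` and `broken` sample lines are constructed, while the `johnm` and `dcs2` lines are the ones used in these notes.

```shell
#!/bin/sh
# Added example: audit passwd-format input (a file argument, or stdin).
audit_passwd() {
    awk -F: '
        NF != 7 { printf "line %d: expected 7 fields, found %d\n", NR, NF; next }
        # Field 2: "x" means the hash is in /etc/shadow; "*" or "!" means
        # no password login. Anything else is a hash every user can read.
        $2 == "" { printf "%s: empty password field\n", $1 }
        $2 != "" && $2 != "x" && $2 !~ /^[*!]/ {
            printf "%s: password hash stored in world-readable file\n", $1
        }
        # Field 3: uid 0 has full privileges whatever the username says.
        $3 == 0 && $1 != "root" { printf "%s: uid 0 but not root\n", $1 }
        ($3 in seen) { printf "%s: uid %s shared with %s\n", $1, $3, seen[$3] }
        !($3 in seen) { seen[$3] = $1 }
    ' "$@"
}

# Constructed sample input (johnm and dcs2 are the lines from the notes).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/sh
johnm:aljgLashGEDygC:5432:100:John M:/home/johnm:/bin/csh
dcs2:*:10000:100:dcs2:/home/dcs2:/bin/sh
toor:x:0:0:constructed duplicate:/root:/bin/sh
broken:x:10001:100:/home/broken
EOF
}

sample_passwd | audit_passwd
```

On a real system the same function can be pointed at the live file with `audit_passwd /etc/passwd`; it only reads.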


Account creation/manipulation-1

Creating an account:

• Select a unique username and user id for the new account, e.g. ‘dcs2’. Any unused user id could be used, such as 10,000.

• Decide which groups the account will be a member of, and which of these will be the primary group, e.g. ‘dcs2’ will be a member of the group ‘users’ (which we will assume has group id 100) and ‘student’ (group id 50), with ‘users’ being the primary group.

• Decide where the account’s home directory will be, and what the login shell will be. A common location is the ‘/home’ directory. ‘/home/dcs2’ will suffice and we shall assign them the standard shell ‘/bin/sh’.


Account creation/manipulation-2

• Edit the /etc/passwd and /etc/group files appropriately.

• The passwd field for the account should have a ‘*’ in it. It will be changed later using the passwd command. We add the following line to the /etc/passwd file:

dcs2:*:10000:100:dcs2:/home/dcs2:/bin/sh

• We would also need to add the name ‘dcs2’ to the list of members for the group ‘student’ in the ‘/etc/group’ file. For example:

student:*:50:bscs2,dcs2

Account creation/manipulation-3

• Use the passwd command to give the account a password. In this case the command we want is

passwd dcs2

• Create a home directory for the account using the ‘mkdir’ command. In this case the command we want is

mkdir /home/dcs2


Account creation/manipulation-4

• Place any default configuration files that are necessary in the home directory. Typically a new account will contain configuration files for the login shell, ‘.profile’ for example.

• Change the owner and group of the home directory and any files within it, using the ‘chown’ and ‘chgrp’ commands. Also set the permissions for the home directory (and any files in it) using the ‘chmod’ command. In this case

chown -R dcs2 /home/dcs2
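The manual creation steps above, collected into one function that works on a scratch copy of the two files so it can be tried without root. This is an added example, not part of the original notes: the name `add_account`, the `ROOT` prefix argument, the scratch tree and the choice of mode 700 for the home directory are assumptions of the example.

```shell
#!/bin/sh
# Added example. add_account ROOT USER UID GID EXTRA_GROUP HOME SHELL
# ROOT is a scratch directory holding etc/passwd and etc/group ("" = live system).
add_account() {
    root=$1 user=$2 uid=$3 gid=$4 extra=$5 home=$6 shell=$7
    pw=$root/etc/passwd gr=$root/etc/group

    # Username (field 1) and user id (field 3) must both be unused.
    if awk -F: -v u="$user" -v i="$uid" \
        '$1 == u || $3 == i { hit = 1 } END { exit !hit }' "$pw"; then
        echo "refusing: $user or uid $uid already present in $pw" >&2
        return 1
    fi
    # The primary gid and the extra group must already exist in the group file.
    awk -F: -v g="$gid" '$3 == g { ok = 1 } END { exit !ok }' "$gr" || return 2
    grep -q "^$extra:" "$gr" || return 2

    # "*" in the password field blocks password logins until passwd is run.
    printf '%s:*:%s:%s:%s:%s:%s\n' \
        "$user" "$uid" "$gid" "$user" "$home" "$shell" >> "$pw"

    # Append the user to the member list (field 4) of the extra group.
    awk -F: -v OFS=: -v g="$extra" -v u="$user" \
        '$1 == g { $4 = ($4 == "" ? u : $4 "," u) } { print }' \
        "$gr" > "$gr.new" && mv "$gr.new" "$gr"

    # Home directory, owner-only (mode 700 is this example's choice).
    mkdir -p "$root$home" && chmod 700 "$root$home" || return 3
    # Ownership only resolves on the live system, and needs root.
    if [ -z "$root" ]; then
        chown -R "$user" "$home" && chgrp -R "$gid" "$home"
    fi
}

# Constructed scratch tree; names and ids are the ones used in the text.
demo=$(mktemp -d)
mkdir "$demo/etc"
printf 'root:x:0:0:root:/root:/bin/sh\n' > "$demo/etc/passwd"
printf 'users:*:100:\nstudent:*:50:bscs2\n' > "$demo/etc/group"
add_account "$demo" dcs2 10000 100 student /home/dcs2 /bin/sh
cat "$demo/etc/passwd" "$demo/etc/group"
```

On a live system the two files are better edited through `vipw` and `vigr`, which lock them against concurrent changes.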


Account creation/manipulation-5

Remove/delete an account:

• Change the password of the account, so the user can no longer log in, and ensure that the user is not logged in. The command is

passwd dcs2

• Remove the account’s home directory, and the files within it. The following command is used:

rm -r /home/dcs2


Account creation/manipulation-6

Remove/delete an account:

Remove any files associated with the account, such as the mail file. Unfortunately it is sometimes possible for files belonging to the account to remain in well hidden locations. Use

find / -user dcs2


Account creation/manipulation-7

• Remove the entry for the account from the ‘/etc/passwd’ file.

Disable an account:

• Care must be taken or access to some services will still be possible from a disabled account.

• A common method for disabling an account is to change the login shell to a so-called ‘tail script’ which explains to the user why their account is disabled. Here is an example of such a script:

#!/usr/bin/tail +3

Your account has been disabled because ...


Logging

• Log files are used to store information about what happens on the system.

• For example, the log file might store the date and time when each user logs in or out of the system. This can be useful in tracking security violations, because an administrator can tell who was logged in when the violation occurred. Unfortunately, even modern hard disks only have a finite amount of space, so log files must be correctly managed or they will gradually consume all available space on the disk.

Qn:

How can log files be viewed in:

1. Windows
2. Ubuntu?

Q & A