|
|
||||||||||||||
|
12-05-2020 |
||||||||||||||
|
User
Administration |
||||||||||||||
|
Root – Administrator – super user -
Root user has highest
level of access -
Root user
cannot be renamed -
Never share
root password -
Don’t put
password in chats or text messages -
Root user
access to Company Data |
||||||||||||||
|
Creat a user |
||||||||||||||
|
[root@zmpt01 ~]# useradd terminator The file /etc/passwd gets updated terminator:x:1000:1000::/home/terminator:/bin/bash
|
||||||||||||||
|
[root@zmpt01 ~]# id terminator uid=1000(terminator) gid=1000(terminator)
groups=1000(terminator)
|
||||||||||||||
|
[root@zmpt01 ~]# id 1000 uid=1000(terminator) gid=1000(terminator)
groups=1000(terminator) |
||||||||||||||
|
Switching to regular user from root [root@zmpt01 ~]# su terminator [terminator@zmpt01 root]$ whoami Terminator |
||||||||||||||
|
Set the user password |
||||||||||||||
|
[root@zmpt01 ~]# passwd terminator Changing password for user terminator. New password: BAD PASSWORD: The password fails the
dictionary check - it is based on a dictionary word Retype new password: passwd: all authentication tokens
updated successfully. Note: root user don’t have follow password
restrictions, any password will be allowed |
||||||||||||||
|
Set password as user terminatior |
||||||||||||||
|
[terminator@zmpt01 ~]$ passwd Changing password for user terminator. Changing password for terminator. (current) UNIX password: New password: BAD PASSWORD: The password is too similar to the old one New password: BAD PASSWORD: The password fails the dictionary check - it is
based on a dictionary word New password: Retype new password: passwd: all authentication tokens
updated successfully. |
||||||||||||||
|
Password file - Shadow file |
||||||||||||||
|
[root@zmpt01 ~]# vi /etc/shadow terminator:$6$pF2bCs4Z$Yifb7T/yi5uUkGm9lSpGRWxWPrXR.hwYEqbQkxOQ7npyTJpoTtjV cWfxutdD0W4233i791Ud3Zt7Ec5t1/69C.:18601:0:99999:7:::
|
||||||||||||||
|
Group file |
||||||||||||||
|
[root@zmpt01 ~]# vi /etc/group terminator:x:1000:
|
||||||||||||||
|
Where is all the setting defined for users,
groups and passwords? |
||||||||||||||
|
[root@zmpt01 ~]# vi /etc/login.defs PASS_MAX_DAYS 60 PASS_MIN_DAYS 0 PASS_MIN_LEN 5 PASS_WARN_AGE 7 UID_MIN 3000 UID_MAX 60000 GID_MIN 4000 GID_MAX 60000 |
||||||||||||||
|
[root@zmpt01 ~]# useradd xmen [root@zmpt01 ~]# id xmen uid=3000(xmen) gid=4000(xmen)
groups=4000(xmen) |
||||||||||||||
|
Assigning same password as a another
user |
||||||||||||||
|
[root@zmpt01 ~]# vi /etc/shadow
login as: xmen xmen@192.168.56.250's password: Last login: Sat Dec 5 14:57:51 2020 from 192.168.56.1 |
||||||||||||||
|
Create user manually |
||||||||||||||
|
Copy the existing line and paste in new
line [root@zmpt01 ~]# vi /etc/passwd spiderman:x:5005:6005::/home/spiderman:/bin/bash |
||||||||||||||
|
Create group manually |
||||||||||||||
|
spiderman:x:6005: |
||||||||||||||
|
Create password maually |
||||||||||||||
|
[root@zmpt01 ~]# vi /etc/passwd
|
||||||||||||||
|
Create user home directory manually |
||||||||||||||
|
[root@zmpt01 home]# mkdir spiderman |
||||||||||||||
|
Change the permissions for spiderman
home directory |
||||||||||||||
|
[root@zmpt01 home]# chown
spiderman:spiderman spiderman [root@zmpt01 home]# chown 5005:6005
spiderman Change the permissions either user the
name or the id’s [root@zmpt01 home]# ls -ls total 0 0 drwxr-xr-x. 2 spiderman spiderman
6 Dec 5 15:16 spiderman |
||||||||||||||
|
Login to user spiderman |
||||||||||||||
|
spiderman@192.168.56.250's password: Last login: Sat Dec 5 15:15:37 2020 from 192.168.56.1 -bash-4.2$ pwd /home/spiderman |
||||||||||||||
|
.bashrc - .bash_profile - .bash_history
are missing |
||||||||||||||
|
-bash-4.2$ cp /etc/skel/.bash* . -bash-4.2$ ls -la total 12 drwxr-xr-x. 2 spiderman spiderman 62 Dec
5 15:26 . drwxr-xr-x. 5 root root 53 Dec
5 15:16 .. -rw-r--r--. 1 spiderman spiderman 18 Dec
5 15:26 .bash_log out -rw-r--r--. 1 spiderman spiderman 193
Dec 5 15:26 .bash_pro file -rw-r--r--. 1 spiderman spiderman 231
Dec 5 15:26 .bashrc |
||||||||||||||
|
Difference between root user and
regular user |
||||||||||||||
|
[root@zmpt01 ~]# < --- # root user [spiderman@zmpt01 ~]$ < --- $ regular user |
||||||||||||||
|
SuDO access |
||||||||||||||
|
SuDO = Super User DO Super user access – but not full root
access. -
It allows regular
user to perform taks wich requires admin access |
||||||||||||||
|
User without SuDO access |
||||||||||||||
|
[terminator@zmpt01 ~]$ yum install
firefox -y Loaded plugins: fastestmirror You
need to be root to perform this command. [terminator@zmpt01 ~]$ |
||||||||||||||
|
Informational |
||||||||||||||
|
[root@zmpt01 ~]# visudo ## Allows people in group wheel to run
all commands %wheel
ALL=(ALL) ALL
< --- making
sure wheel group is not commented out |
||||||||||||||
|
Grant Access to SuDO |
||||||||||||||
|
[root@zmpt01 ~]# usermod -aG wheel
terminator [root@zmpt01 ~]# id terminator uid=1000(terminator)
gid=1000(terminator) groups=1000(terminator),10(wheel) usermod -aG wheel terminator
|
||||||||||||||
|
Run sudo commands |
||||||||||||||
|
[terminator@zmpt01 ~]$ sudo yum install
firefox -y [sudo] password for terminator: Successfully completed Complete! |
||||||||||||||
|
Switch to root |
||||||||||||||
|
[terminator@zmpt01 ~]$ sudo su - Last login: Sat Nov 28 17:01:34 EST 2020
from 192.168.56.1 on pts/0 [root@zmpt01 ~]# |
