Which file contains information about password policies such as expiry date, modification date, etc?
Which tool will change password policies?
The content of which directory is copied across to the home directory of a newly created user?
In which file are default values such as the
MAX_UIDorPASS_MAX_AGEset?Which tool will create a
shadowfile if it doesn't exist yet?
| File | Description |
|---|---|
/etc/group | contains the names of all the groups on the system |
/etc/gshadow | contains (optionally) passwords associated to a group |
/etc/login.defs | contains predefined values needed when adding a new user such as the minimum and maximum UID and GID, the minimum password length, etc |
/etc/passwd | passwd(5). a text file that contains a list of the systems accounts, giving for each account some useful information like user ID, group ID, home directory, shell, etc. Often, it also contains the encrypted passwords for each account. It should have general read permission (many utilities, like ls(1) use it to map user IDs to user names), but write access only for the superuser |
/etc/shadow | shadow(5) contains the encrypted password information for user's accounts and optional the password aging information |
/etc/skel/ | directory containing files and directories to be copied into the home directory of every newly created user |
| Commands | Description |
|---|---|
| chage | changes a user's password expiry information |
| gpasswd | administer the /etc/group file |
| groupadd | add a new group to the system |
| groupmod | modify an exiting group |
| groups | print out all the groups a user belongs to |
| id | print out the UID as well as the GIDs of all the groups a user belongs to |
| passwd | change the password for an account |
| useradd | add a new user to the system |
| usermod | modify an existing user account |
Creating users
Create a group called
develwith GID550groupadd -g 550 devel
Use adduser to create a user called
tuxwith user ID600and additional group ID550useradd -u 600 -G 550 -m tux
![[Note]](images/note.png)
Note the
-Gflag addstuxto the group with GID550as an additional group (other thanusersortux)Use usermod to change this user's home directory.
usermod -d /home/newtux/ -m tux
Does the new directory need to be created? (Hint: check the effect of the
-mflag)Is the content of
/etc/skelcopied to the new directory?Use usermod to change
tuxto the groupwheel.usermod -G devel,wheel tux
Note If a comma separated list of groups is not given, the user will be assigned to a single extra group. The gpasswd tool will add users to additional groups (see Working with groups below)
Working with groups
Create a group called sales using groupadd.
groupadd sales
Add
tuxto this group using gpasswd.gpasswd -a tux sales
Login as
tux. Use groups to list the groups you belong to. Join the groupsalesusing newgrp and list the groups you belong to (once again).Conifiguration files
Add a user to the system by editing
/etc/passwd,/etc/groupand/etc/shadow. Create a group calledshareand add the usertuxto this group by manually editing/etc/groupModifying an Account
Change the expiry date for user
tux's account using usermod.Lock the user's account. (Use tools or edit
/etc/shadow)Prevent the user from logging in by changing the user's default shell to
/bin/falseChange the
PASS_MAX_DAYSfor user tux to1in/etc/shadowChanging default settings
Use useradd
-Dto change the system's default settings such that every new user will be assigned/bin/shinstead of/bin/bash. (Notice that this will change the file in/etc/defaults/)Edit
/etc/login.defsand change the defaultPASS_MAX_DAYSso that new users need to change their password every 5 days