Monday, August 12, 2013

CIFS UNMOUNT - This utility only unmounts cifs filesystems

Today I faced an issue while unmounting a Windows share from a Linux box, and
I got the error below:

This utility only unmounts cifs filesystems

Here is the list of steps that was followed:

1. Remove the entry from the /etc/mtab file. (This file is referred to by the df command.)
2. Correct the entry in /etc/fstab.
3. Then use
# mount -a
4. Verify the mount.
# mount
# df -h
# cat /proc/mounts <-- Verify that the old entry is not listed in this file.

Wednesday, July 10, 2013

Linux File system

What is a UNIX/Linux File system?
A UNIX file system is a stored collection of files and directories. Each file system is stored in a separate whole disk partition. The following are a few of the file systems:

  • / - Special file system that incorporates the files under several directories including /dev, /sbin, /tmp etc
  • /usr - Stores application programs
  • /var - Stores log files, mails and other data
  • /tmp - Stores temporary files

Exploring Linux File System Hierarchy

A typical Linux system has the following directories:

  • / : This is the root directory.
  • /bin : This directory contains executable programs which are needed in single user mode and to bring the system up or repair it.
  • /boot : Contains static files for the boot loader. This directory only holds the files which are needed during the boot process.
  • /dev : Special or device files, which refer to physical devices such as hard disk, keyboard, monitor, mouse and modem etc
  • /etc : Contains configuration files which are local to the machine. Some larger software packages, like Apache, can have their own subdirectories below /etc, e.g. /etc/httpd. Some important subdirectories in /etc are listed at the end of this list.
  • /home : Your sweet home to store data and other files. However, in large installations the structure of the /home directory depends on local administration decisions.
  • /lib : This directory should hold those shared libraries that are necessary to boot the system and to run the commands in the root filesystem.
  • /lib64 : 64 bit shared libraries that are necessary to boot the system and to run the commands in the root filesystem.
  • /mnt : This directory contains mount points for temporarily mounted filesystems
  • /opt : This directory should contain add-on packages, such as a downloaded Firefox install, or static files
  • /proc : This is a mount point for the proc filesystem, which provides information about running processes and the kernel.
  • /root : This directory is usually the home directory for the root user.
  • /sbin : Like /bin, this directory holds commands needed to boot the system, but which are usually not executed by normal users; commands specific to the root/admin user go here.
  • /tmp : This directory contains temporary files which may be deleted with no notice, such as by a regular job or at system boot up.
  • /usr : This directory is usually mounted from a separate partition. It should hold only sharable, read-only data, so that it can be mounted by various machines running Linux (useful for diskless clients or a multiuser Linux network such as a university network). It holds programs, libraries, documentation etc. for all user-related programs.
  • /var : This directory contains files which may change in size, such as spool and log files.
  • /lost+found : Every partition has a lost+found in its upper directory. Files that were saved during failures are here, e.g. by ext2/ext3 fsck recovery.
  • /etc/skel : When a new user account is created, files from this directory are usually copied into the user’s home directory.
  • /etc/X11 : Configuration files for the X11 window system.
  • /etc/sysconfig : Important configuration files used by the SysV scripts stored in the /etc/init.d and /etc/rcX.d directories
  • /etc/cron.* : cron daemon configuration files, which are used to execute scheduled commands


Common Linux log files name and usage
* /var/log/messages: General messages and system related stuff
* /var/log/auth.log: Authentication logs
* /var/log/kern.log: Kernel logs
* /var/log/cron.log: Crond logs (cron job)
* /var/log/maillog: Mail server logs
* /var/log/qmail/ : Qmail log directory (more files inside this directory)
* /var/log/httpd/: Apache access and error logs directory
* /var/log/lighttpd: Lighttpd access and error logs directory
* /var/log/boot.log : System boot log
* /var/log/mysqld.log: MySQL database server log file
* /var/log/secure: Authentication log
* /var/log/utmp or /var/log/wtmp : Login records file
* /var/log/yum.log: Yum log files

Go to the /var/log directory:
$ cd /var/log
View the common log file /var/log/messages using any one of the following commands:
$ tail -f /var/log/messages
$ less /var/log/messages
$ more -f /var/log/messages
$ vi /var/log/messages

File Type field: The first character in the ls -l command field indicates a file type of one of the following:
* d = directory.
* l = symbolic link.
* s = socket - sockets are special files offering a type of network interface.
* p = named pipe - handled by other programs rather than a kernel driver.
* - = regular file.
* c = character (unbuffered) device special file.
* b = block (buffered) device special file.
* D = door - a door is a special file for inter-process communication between a client and server.

Linux File Permissions

File permissions are assigned to:
1. the owner of a file
2. the members of the group the file is assigned to
3. all other users

Permissions under Linux are configured for each file and directory.

There are three levels of permissions:
1. The permissions that apply to the owner of the file. The owner of a file is by default the user that created the file.
2. The permissions that apply to all members of the group that is associated with the file.
3. The permissions that apply to all other users on the system.

Permissions can only be changed by the owner, and root of course.

For a file, these permissions mean the following:

  • read allow the user to read the contents of the file, for instance with cat or less.
  • write allow the user to modify the contents of the file, for instance with vi.
  • execute allow the user to execute the file as a program, provided that the file is indeed an executable program (such as a shell script).

For a directory, these permissions have a slightly different meaning:

  • read allow the user to view the contents of the directory, for instance with ls.
  • write allow the user to modify the contents of the directory. In other words: allow the user to create and delete files, and to modify the names of the files. Note: Having write permissions on a directory thus allows you to delete files, even if you have no write permissions on that file!
  • execute allow the user to use this directory as its current working directory. In other words: allow the user to cd into it.

r - read
w - write
x - execute
• u for the owner (user) of the file
• g for the group assigned to the file
• o for all other users
• a for all (owner+group+others)

<operator> can be:
• + to add permissions
• - to delete permissions
• = to clear all permissions and set to the permissions specified

Symbolic way
$ useradd sachin
$ passwd sachin
$ useradd dhoni
$ passwd dhoni
$ groupadd market;usermod -G market dhoni
$ useradd shewag
$ passwd shewag
$ groupadd market;usermod -G market shewag
$ mkdir /opt/perm/;touch /opt/perm/file{1..6}
$ mkdir /opt/perm/{data1,data2}
$ cd /opt/perm
$ ll -d data1
drwxr-xr-x 2 root root 4096 Jul 29 20:15 data1
$ chown sachin data1
$ ll -d data1
$ chgrp market data1
$ ll -d data1
$ chmod u-w data1
$ ll -d data1
$ chmod g+w data1
$ ll -d data1
$ chmod o+w,o-rx data1
$ ll -d data1
$ ll -d data2
drwxr-xr-x 2 root root 4096 Jul 29 20:15 data2
$ chown -Rv sachin.market data2
$ ll -d data2
$ chmod u-rwx data2
$ ll -d data2
$ chmod g+w,g-x data2
$ ll -d data2
$ chmod -Rv o+w,o-r data2
$ ll -d data2
Octal way
$ ll file1
-rw-r--r-- 1 root root 0 Jul 29 20:15 file1
$ chmod 777 file1
$ ll file1
$ chmod 666 file2
$ ll file2
$ chmod 467 file3
$ ll file3
$ chmod 541 file4
$ ll file4
$ chmod 724 file5
$ ll file5
$ chmod 000 file6
$ chmod 0 file6

This table shows what numeric values mean:
Octal
digit  Text  Binary  Meaning
-----------------------------------------------------
  0    ---   000     All types of access are denied
  1    --x   001     Execute access is allowed only
  2    -w-   010     Write access is allowed only
  3    -wx   011     Write and execute access are allowed
  4    r--   100     Read access is allowed only
  5    r-x   101     Read and execute access are allowed
  6    rw-   110     Read and write access are allowed
  7    rwx   111     Everything is allowed


Tuesday, July 9, 2013

free - Memory Monitoring

$ free -m
$ free -c 5 -s 3
$ free -m

             total  used  free  shared  buffers  cached
Mem:          1003   981    22       0       91     688
-/+ buffers/cache:   201   802
Swap:         1058     0  1058

As you can see, my system has 1 GB of RAM and 981 MB are in use, leaving 22 MB free. If you look at the cached column, it shows 688 MB free. This is a good thing as cached memory is basically free memory. This is where programs a user may have used earlier and then quit are stored, just on the off chance that the user might start up the program again. On the other hand, if the user starts up a new program, this cache can be replaced for the new program that is running. It should be mentioned that the caching works not just for recently loaded programs but also for data, i.e. recently used files and directories. Program loading is just a special case of loading a file.

The -/+ buffers/cache section shows you what is really going on. In my example, it shows that only 201 MB are in use and that 802 MB are free. The rest is just cached.

What a user really needs to worry about is that last line. If you start seeing the swap file go into use, that means that you are out of free RAM and you are now using space on your hard disk to help out. If this starts happening, the best thing to do is run the top command and see what is taking up all the memory. Then, if it is an unneeded program, shut it down.

PATH - An Environmental Variable

PATH is an environmental variable in Linux and other Unix-like operating systems that tells the shell which directories to search for executable files (i.e., ready-to-run programs) in response to commands issued by a user. It increases both the convenience and the safety of such operating systems and is widely considered to be the single most important environmental variable.
Environmental variables are a class of variables (i.e., items whose values can be changed) that tell the shell how to behave as the user works at the command line (i.e., in a text-only mode) or with shell scripts (i.e., short programs written in a shell programming language). A shell is a program that provides the traditional, text-only user interface for Unix-like operating systems; its primary function is to read commands that are typed in at the command line and then execute (i.e., run) them.


Practical - Setting Path

Login as root

$id
$echo $PATH
$useradd john
$passwd john
$su - john
$id

Verify john's PATH

$echo $PATH

You won't find /sbin and /usr/sbin there, so you can't run the commands under them, such as fdisk and shred.

$fdisk -l

You will get "command not found".

So you can set the path, but it is temporary for the current shell.

$PATH=$PATH:/sbin:/usr/sbin

To place it in the environment, run

$export PATH

To make it permanent, put the above two commands in the /etc/profile file, which always runs after login.
Now check: you will see the added directories in john's PATH.

$echo $PATH

Now try

$ fdisk -l

Note: The command is executed, but the fdisk binary will work only for uid 0 (root), because it's programmed like that.
So look in /sbin and /usr/sbin for commands which can be run by other uids.
Now create a testscript under /opt and execute the script

$vi /opt/testscript
#Append the following
echo " THIS IS MY SCRIPT"
#Save
$cd /opt

Set execute permission

$chmod +x /opt/testscript
$./testscript # (./ means current path execution)

But what if you want to run the script from any other directory in your filesystem hierarchy?
Then add the /opt directory to the user's PATH as mentioned above, or copy the script into a directory that is already set in PATH.
For example:

$PATH=$PATH:/opt
$cd /
$testscript

or

$cp /opt/testscript /bin      # or /usr/local/bin etc.

Now try running the script

$cd /
$testscript
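
Every directory added to PATH is trusted to supply commands, so it is worth checking what a PATH value actually contains. The function below is an added example, not part of the original post; the name audit_path and the sample value are hypothetical. It flags empty entries (which the shell treats as the current directory), relative entries, and directories that any user can write to.

```sh
#!/bin/sh
# audit_path PATHSTRING: print one finding per risky PATH entry.
#   EMPTY     empty entry, which the shell treats as the current directory
#   RELATIVE  entry that does not start with /
#   WRITABLE  existing directory that any user can write to
audit_path() {
    # Append a sentinel ':' so an empty last entry (trailing ':') is not lost.
    rest="$1:"
    while [ -n "$rest" ]; do
        entry=${rest%%:*}      # text before the first ':'
        rest=${rest#*:}        # everything after the first ':'
        if [ -z "$entry" ]; then
            echo "EMPTY (current directory)"
        elif [ "${entry#/}" = "$entry" ]; then
            echo "RELATIVE $entry"
        elif [ -d "$entry" ]; then
            # Ninth character of the ls -l mode string is the "other" write bit.
            # -L follows symlinks so the target directory's mode is checked.
            case $(ls -ldL "$entry") in
                ????????w*) echo "WRITABLE $entry" ;;
            esac
        fi
    done
}

# Constructed sample value: one empty entry and one relative entry.
audit_path "/usr/local/bin:/usr/bin::scripts"
```

Run it on a live session with audit_path "$PATH", in particular after editing /etc/profile.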

Symlinks & Hardlinks

Files are arranged in directories (or folders if you prefer that term), and each file can be reached through a series of directories and subdirectories from the root - correct? Yes ... BUT ... there are some times that the same file can be reached through several names, and on Unix and Linux systems this is known as a "link". There are two ways a link can be set up.

Hard Link

A Hard Link is where a file has two names which are both on an equal weighting, and both of the file names in the "inode table" point directly to the blocks on the disc that contain the data.
You set up a hard link with an ln command without options - if the file ab.txt already exists and you want to give an additional name (hard link) to it, you'll write

#ln ab.txt cd.txt

and then both names will have equal ranking. The only way you'll know that there's a link there is by doing a long listing and you'll see a link count of 2 rather than 1, and if you need to find out what's linked to what, use the -i option to ls.

Symbolic Link

A Symbolic Link is where a file has one main name, but there's an extra entry in the file name table that refers any accesses back to the main name. This is slightly slower at runtime than a hard link, but it's more flexible and much more often used in day to day admin work. Symbolic links are set up using the ln command with the -s option - so for example

#ln -s ab.txt cd.txt

will set up a new name cd.txt that points to the (existing) file ab.txt. If you do a long listing (ls -l) of a directory that contains a symbolic link, you'll be told that it's a symbolic link with an "l" in the first column, and you'll be told where the file links to in the file name column. Very easy to spot!

Soft Links (Symbolic Links):
1. Links have different inode numbers.
2. The ls -l command shows all links with a second-column value of 1, and the link points to the original file.
3. The link holds the path to the original file and not the contents.
4. Removing a soft link doesn't affect anything, but if the original file is removed the link becomes a dangling link which points to a nonexistent file.

With a soft link the inode is different, and the linked file is a shortcut to the first file.

Hard Links :

1. All links have the same inode number.
2. The ls -l command shows all the links, and the link column (second) shows the number of links.
3. Links have the actual file contents.
4. Removing any link just reduces the link count but doesn't affect other links.

With a hard link the inode is the same and both names are independent. A soft link can be made to a directory but a hard link can't. Hard links are created within one particular file system, but soft links can cross file systems.
Hard links cannot cross partitions.
A single inode number is used to represent a file in each file system. All hard links are based upon the inode number.
So linking across file systems would lead to confusing references for UNIX or Linux. For example, consider the following scenario:

File system: /home
* Directory: /home/alex
* Hard link: /home/alex/file2
* Original file: /home/alex/file1
Now you create a hard link as follows:
$ touch file1
$ ln file1 file2
$ ls -l
Output:
-rw-r--r-- 2 alex alex 0 2006-01-30 13:28 file1
-rw-r--r-- 2 alex alex 0 2006-01-30 13:28 file2

Now just see inode of both file1 and file2:

$ ls -i file1
782263
$ ls -i file2
782263

As you can see, the inode number is the same for the hard link file called file2 in the inode table under the /home file system. Now if you try to create a hard link for the /tmp file system it will lead to confusing references for the UNIX or Linux file system.
Is that link no. 782263 in the /home or /tmp file system? To avoid this problem UNIX or Linux does not allow creating hard links across file system boundaries.

Monday, July 8, 2013

Umask - User Mask

New files should not be created with 666! To avoid this problem a permission mask exists. It is obviously important to know with what permissions new files and directories are created. Under Linux, it's not really easy to tell, since the default permissions can be modified by setting a umask (with the umask command).
If no umask were set (which never happens, by the way), a file would always be created with permissions 666 (rw-rw-rw-) and a directory would get 777 (rwxrwxrwx). In actual practice however, a umask is set, and the permission bits in this number are removed (loosely, "subtracted") from these permissions.
So, with a umask of 022, the default permissions for a file will become 644 (rw-r--r--, 666-022) and the default permissions for a directory will become 755 (rwxr-xr-x, 777-022).
The default umask depends on your distribution, and whether your distribution uses something called "User Private Groups".

• Red Hat assigns a umask of 002 to regular users, and 022 to root.
• SUSE assigns a umask of 022 to all users, including root.
- What is your current default permission (umask)?
- How do you set your default permission?
- Umask defines what permissions, in octal, cannot be set
- Umask stands for user file creation mode mask
- In essence, the system sets the default permission on the file and directory
- If I had no umask, the default permission on the file would be "777"
- Usually set in a login script
- It is the inverse of the normal octal permissions
- "umask -S" shows your umask in symbolic form
- Linux removes the "x" permissions (or the 1) so 777 is the same as 666
- Here are the common umask values:
--> 000 = full access (r+w) to everyone, or 666
--> 006 = no access to other, or 660
--> 022 = full access (r+w) to user and r to g and o, or 644
--> 066 = full access (r+w) to user and no access to g + o, or 600
- Normally, you can subtract from 666 but be very careful as it may be 777.
In Fedora Linux, it is 666 but let's test it out...

--> View the current umask setting

$umask

--> shows your umask in symbolic form

$ umask -S

- Umask on directory should be subtract from 777
  
  777
- 022
------
  755

System-wide umask for all users in /etc/profile
Individual umask in $HOME/.bash_profile or $HOME/.profile
Default value of umask is:
For root 022
For user 002 (if user private groups are used) or 022 (otherwise)
The umask specifies what permission bits will be set on a new file when it is created. The umask is an octal number that specifies which of the permission bits will not be set.
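
The rule above, checked against real files, as an added example that is not part of the original post. The umask is applied as a bit mask (base AND NOT umask), so the result equals plain subtraction for a value such as 022 but not for 033 or 027 against 666. The function names masked_mode, octal_of and observed_mode are hypothetical.

```sh
#!/bin/sh
# masked_mode BASE UMASK: mode left after clearing the umask bits from BASE,
# printed as three octal digits (BASE AND NOT UMASK).
masked_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# octal_of PATH: permission bits of PATH as three octal digits, decoded from
# the nine rwx characters of the ls -l mode string.
octal_of() {
    ls -ld "$1" | awk '{ n = 0
        for (i = 2; i <= 10; i++) n = n * 2 + (substr($1, i, 1) != "-")
        printf "%03o\n", n }'
}

# observed_mode UMASK file|dir: create a scratch file or directory under
# UMASK and report the mode it actually received.
observed_mode() {
    scratch=$(mktemp -d) || return 1    # made before the umask is changed
    (
        umask "$1"
        if [ "$2" = dir ]; then
            mkdir "$scratch/new"        # requested with 777
        else
            : > "$scratch/new"          # requested with 666
        fi
    )
    octal_of "$scratch/new"
    rm -rf "$scratch"
}

# Compare the computed mode with what the system really creates.
for u in 022 002 027 033; do
    echo "umask $u: file $(masked_mode 666 $u) (observed $(observed_mode $u file))," \
         "dir $(masked_mode 777 $u) (observed $(observed_mode $u dir))"
done
```

With umask 033 a new file is 644, not the 633 that digit-by-digit subtraction suggests, because the execute bit being masked was never requested for a file.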

On Task

I
change Symbolic way
1. Give 704 to abc file
2. Give 417 to abc file
3. Give 006 to abc file
4. Give 707 to abc file

II
change Octal way
1. change to octal mode r-xrw-r-x to abc: chmod 565
2. change to octal mode --xr-xr-- to abc: chmod 154
3. change to octal mode rw----rwx to abc: chmod 607
4. change to octal mode ---r-x--- to abc: chmod 050

III
symbolic way
1. change r-xrw-r-x to rw--wxrwx to abc: chmod u+w,u-x,g-r,g+x,o+w
2. change --xr-xr-- to rwxrwxrw- to abc: chmod u+rw,g+w,o+w
3. change rw----rwx to --x----wx to abc: chmod u-rw,u+x,o-r
4. change ---r-x--- to rwx-w-rwx to abc: chmod u+rwx,g-rx,g+w,o+rwx

FSTAB - One of the most important file

FSTAB is 9th out of the 10 most critical and important configuration files stored in the /etc directory, where all the configuration files are stored.
FSTAB stands for "File System TABle", and this file contains information about the hard disk partitions and removable devices in the system.
It contains information about where the partitions and removable devices are mounted, which device drivers are used for mounting them, which filesystem they are using and what permissions are assigned to them.
The file FSTAB contains descriptive information about the various file systems. fstab is only read by programs, and not written; it is the duty of the system administrator to properly create and maintain this file. Each filesystem is described on a separate line; fields on each line are separated by tabs or spaces. Lines starting with '#' are comments. The order of records in fstab is important because fsck, mount, and umount sequentially iterate through fstab doing their thing.

Example of a FSTAB file content :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
LABEL=/     /              ext3       defaults       1   1
LABEL=/boot /boot          ext3       defaults       1   2
none        /dev/pts       devpts gid=5,mode=620     0   0
LABEL=/home /home          ext3       defaults       1   2
none        /proc          proc       defaults       0   0
none        /dev/shm       tmpfs      defaults       0   0
LABEL=/tmp  /tmp           ext3       defaults       1   2
LABEL=/u01  /u01           ext3       defaults       1   2
LABEL=/usr  /usr           ext3       defaults       1   2
LABEL=/var  /var           ext3       defaults       1   2
/dev/hda6   swap           swap       defaults       0   0
/dev/cdrom  /mnt/cdrom     udf,iso9660 noauto,ro     0   0
/dev/fd0    /mnt/floppy    auto   noauto,owner,kudzu 0   0
/dev/sda1   /mnt/usb_hdd   vfat        noauto        0   0
\________/ \___________/ \_________/ \____________/ \_/ \_/
    |            |            |            |         |   |
   1st          2nd          3rd          4th       5th 6th

There are a total of six columns in the fstab file, separated by spaces or tabs. Each column holds different information about the device. To add any new device, add a fresh row. Each row stands for a partition or removable device in the system.

1st Column :
~~~~~~~~~~
The first column contains the partition's label, e.g. "LABEL=/boot", or the driver's path, e.g. "/dev/cdrom". The device driver's path tells the system to mount the device with the mentioned device driver.

2nd Column :
~~~~~~~~~~
The second field (fs_file) describes the mount point for the filesystem. For swap partitions, this field should be specified as `none'.
If the name of the mount point contains spaces, these can be escaped as `\040'.
The second column shows the mount point specified for a device in the fstab file. The mount point is the directory where that particular device (mentioned in the first column) will be mounted and through which we can view and modify the content of that partition. You can change the default mount point listed in the column if you are not satisfied with the one your system has given you.

3rd Column :
~~~~~~~~~~
The third column in the file specifies the file system type of the device or partition. Many different file systems are supported by Linux, and the most common ones are:

1) autofs
2) devpts
3) ext2
4) ext3
5) iso9660
6) nfs
7) ntfs
8) proc
9) swap
10) tmpfs
11) udf
12) ufs
13) vfat
14) xfs

If you are not sure of the file system type of the device then set the value to "auto" and the system will itself determine the file system type and will mount the device with that file system.

4th Column :
~~~~~~~~~~
The fourth column is for permissions to be given to the partition at the time of booting. There are many options which constitute the fourth column.

They are as follows : -

1) ro - Read Only
2) rw - Read Write
3) auto - Mount on startup
4) noauto- Do not mount on startup
5) user - Any user can mount, but only unmount device mounted by him
6) nouser- Only root can mount & unmount the device
7) users - Every user can mount and also unmount the device mounted by others
8) owner - Same as user (above no. 5)
9) dev - User can use device driver to mount the device
10) nodev - User cannot use device driver to mount the device
11) exec - Users can execute binaries on the partition
12) noexec- Users cannot execute binaries on the partition
13) async - Asynchronous, whenever a file is saved it will be first saved in the RAM and after 30 seconds all the queued files will be written on the hard disk
14) sync - Synchronous, whenever a file is saved it will be directly written to the hard disk
15) suid - Allow set-user-identifier for the device where users are allowed to run binaries even though they do not have execute permissions. These binaries are temporarily made available to them to perform certain tasks
16) nosuid- Do not allow set-user-identifier
17) defaults- auto, rw, dev, async, suid, exec & nouser

5th Column :
~~~~~~~~~~
The 5th column is for the backup option. This column contains either 0 or 1, where "0" stands for "NO" and "1" stands for "YES". The system checks it at the time of booting: if it's "0", dump will ignore that filesystem, but if it's "1" then it will enable the backup option.
Backup is supported only on the ext3 file system, hence it should be enabled only for ext3 file systems and disabled for the rest of the file systems.

6th Column :
~~~~~~~~~~
The 6th column is for the "fsck" option. fsck stands for file system check. This column defines the order in which the system should scan the partitions on start up. The / partition is assigned top priority, i.e. 1, and the rest of the partitions are assigned second priority, i.e. 2. If the value is set to 0, no scanning will be done at the time of startup.
If the same number is given to different partitions then the partitions are scanned together with equal priority. This minimizes errors, because if a link is present on one partition with higher priority and the source file is in another partition with a priority lower than the link, it will give an error.
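
The fourth column is where a mount point is hardened, and "defaults" leaves suid, dev and exec all enabled. The script below is an added example, not part of the original post: it reads fstab lines, applies the options left to right, and reports which of suid/dev/exec remain allowed on mount points that ordinary users can usually write to. The POLICY list and the function names are assumptions made for this example; per mount(8), user and users imply nosuid,nodev,noexec and owner implies nosuid,nodev unless a later option overrides them.

```sh
#!/bin/sh
# Mount points treated as user-writable (assumption for this example).
POLICY='^/(tmp|var/tmp|home|dev/shm)$|^/(mnt|media)/'

# audit_fstab: read fstab lines on stdin; for each POLICY mount point print
# "<mount point>: <flags still allowed>" when any of suid/dev/exec remains.
audit_fstab() {
    awk -v policy="$POLICY" '
    /^[ \t]*#/ || NF < 4 { next }      # skip comments and short lines
    $2 !~ policy         { next }      # skip mount points outside the policy
    {
        # With no overriding option, suid, dev and exec are all allowed.
        suid = 1; dev = 1; exe = 1
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++) {     # later options override earlier ones
            o = opt[i]
            if      (o == "defaults")             { suid = 1; dev = 1; exe = 1 }
            else if (o == "user" || o == "users") { suid = 0; dev = 0; exe = 0 }
            else if (o == "owner")                { suid = 0; dev = 0 }
            else if (o == "nosuid")               { suid = 0 }
            else if (o == "suid")                 { suid = 1 }
            else if (o == "nodev")                { dev = 0 }
            else if (o == "dev")                  { dev = 1 }
            else if (o == "noexec")               { exe = 0 }
            else if (o == "exec")                 { exe = 1 }
        }
        left = ""
        if (suid) left = left " suid"
        if (dev)  left = left " dev"
        if (exe)  left = left " exec"
        if (left != "") printf "%s:%s\n", $2, left
    }'
}

# Constructed sample, modelled on the example table above, with one hardened
# row (/dev/shm) and one row where a later "exec" overrides "users".
sample_fstab() {
    cat <<'EOF'
LABEL=/     /             ext3        defaults                      1 1
LABEL=/tmp  /tmp          ext3        defaults                      1 2
none        /dev/shm      tmpfs       defaults,nosuid,nodev,noexec  0 0
/dev/cdrom  /mnt/cdrom    udf,iso9660 noauto,ro                     0 0
/dev/fd0    /mnt/floppy   auto        noauto,owner,kudzu            0 0
/dev/sda1   /mnt/usb_hdd  vfat        noauto,users,exec             0 0
EOF
}

sample_fstab | audit_fstab
```

On a real system, feed it the live table with audit_fstab < /etc/fstab and compare against /proc/mounts, which shows the options actually in effect.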

User Administration

Only root (i.e. the system administrator) can use the adduser command to create new users. It is not allowed for other users.
adduser is a symlink to useradd, which is a binary in /usr/sbin. We (root) can customise adduser by using another word and making it a symlink to useradd.

Let's see

[root@localhost root]$ cd /usr/sbin
[root@localhost sbin]$ ln -s useradd uad

Now uad is symlink of useradd.

There are 3 types of users
                  |
__________________|____________________
     |            |                |
Super user   System user     Normal user

<1> Superuser : Created at the time of Linux installation. He has the right to make other users, and his `userid' and `groupid' are zero in the `/etc/passwd' file.

<2> System user : These users are created by the system. They can't log in because their shell, `/sbin/nologin', is the default in the seventh field of the `/etc/passwd' file.

<3> Normal user : These users are created by the superuser.

Let's see how the superuser makes a normal user:

[root@localhost root]$ adduser john
[root@localhost root]$ passwd john
Changing password for user john.
New password:(user password)
BAD PASSWORD: it is too short (shown if the password is less than six
characters, but it has no effect so no need to worry)
Retype new password:(user password)
Passwd: all authentication tokens updated successfully.

[root@localhost root]$ userdel john
----> The `userdel' command deletes only the name of the user; the data in the /home directory remains there. It's /usr/sbin/userdel

[root@localhost root]$ userdel -r john

----> userdel -r deletes the name of the user as well as the data.

[root@localhost root]$ usermod -G groupname username

[root@localhost root]$ usermod -G john eric
----> The `usermod -G' command makes the user eric a member of the group john.
/usr/sbin/usermod.

su ----> with the help of this command root can work as a substitute user.

su -r ----> with the help of this command root comes out from the substitute user.

adduser refers to 2 files and updates 4 files.
Config files

Refers
|----/etc/login.defs
|
|----/etc/default/useradd
Updates
|----/etc/passwd
|
|----/etc/group
|
|----/etc/shadow
|
|----/etc/gshadow

<1> /etc/login.defs : It keeps the information on the directory where mailboxes reside (or the name of the file relative to the home directory), password duration and how many users can log in.
The "passwd file" and "group file" get the information of userid and groupid from this file.
The "shadow file" and "gshadow file" get the information of user login and password duration from this file.

Min/max values for automatic uid selection in useradd.
UID_MIN 500
UID_MAX 60000

User ids start from 500 and the maximum is 60000, which is the default according to Red Hat, but we can customise it.
If there are two departments, ACCOUNTANT and MARKETING, in one office then I can start userids for ACCOUNTANT from 1000 and for MARKETING from 2000, which is reliable.

Similarly for the groupid:
GID_MIN 500
GID_MAX 60000

PASSWORD AGING CONTROLS:

  • PASS_MAX_DAYS 99999 : The maximum number of days a password can be used, i.e. max 99999 days.
  • PASS_MIN_DAYS 0 : The minimum number of days allowed between password changes.
  • PASS_MIN_LEN 5 : The minimum length of the password, i.e. 5 characters.
  • PASS_WARN_AGE 7 : Specifies the number of days of warning given to the user before the password expires, i.e. 7 days.

The above PASSWORD AGING information is the default according to Red Hat, which we can customise.


<2> /etc/default/useradd : It has information on the number of groups, the directory of users and which shell the user uses, in the following way.

  • GROUP=100 ----> It's the default group number according to Red Hat, which can be customised.
  • HOME=/home ----> It's the default directory for users according to Red Hat, to which we can give any name, i.e. we can make `ghar' instead of `home' by making the directory under /
  • INACTIVE ----> It's the number of days after the user's password expires.
  • EXPIRE ----> It's the number of days until the user's account will expire.
  • SHELL=/bin/bash --> It's the path of the user's shell
  • SKEL=/etc/skel ---> When a user is created there are zero directories or files, but the command `l.' shows some hidden files, which come from /etc/skel.


<3> /etc/passwd :
* It keeps the record of each new user created by the superuser. Each line is the entry for one user. It is a text file and has details of all system users.
* It has 7 fields for each user on each line, so it is called the `system passwd database', and the fields are separated by : (colon), also called the "internal field separator".

  alex:x:500:500::/home/champu:/bin/bash
  \__/ | \_/ \_/ |\__________/ \_______/
   |   |  |   |  |     |           |
   1   2  3   4  5     6           7

1. field (username) : It is the username.

2. field (userpwd) : It contains the user password, which is stored somewhere else if it exists. If we put * in place of x then the user can't log in.
If we keep the second field blank then the user can log in without a password.
i.e. (x) --- password somewhere else.
(*) --- user can't login.
( ) --- user can login without passwd.

3. field (userid) : It contains the userid, which is unique. Further userids are just one greater than the last user's.

4. field (groupid) : It contains the groupid, which is always the same as the userid. It's the group of the user.

5. field (description) : It is the comment field or GECOS (General Electric Comprehensive Operating System). The user can keep his information in this field by using the command `chfn', such as
$ chfn
Name []:
office []:
office phone []:
Home phone []:

6. field (home directory) : It's the home of champu. /home is the directory where all users are stored.

7. field (shell) : It contains the full path of the shell used by the user. Through the shell, shell scripts are converted into binary format, and whatever comes back from the kernel is converted into text format.
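
The field meanings above translate directly into checks an administrator can run. The script below is an added example, not part of the original post: it flags a blank second field (login without a password), accounts other than root with userid 0, system accounts below the UID_MIN of 500 used on this page that still have a login shell, and lines that do not have 7 fields. The function names and all account names in the sample are constructed.

```sh
#!/bin/sh
# audit_passwd: read /etc/passwd-format lines on stdin and print one finding
# per problem, in input order. min_uid is the UID_MIN value used on this page.
audit_passwd() {
    awk -F: -v min_uid=500 '
    /^[ \t]*$/ || /^#/ { next }
    NF != 7 { print "MALFORMED line " NR; next }
    # Field 2 blank: the account can log in without a password.
    $2 == "" { print "EMPTY_PASSWORD " $1 }
    # Field 3 zero: superuser rights, expected only for root.
    $3 + 0 == 0 && $3 != "" && $1 != "root" { print "EXTRA_UID0 " $1 }
    # System account (below min_uid) whose shell in field 7 allows login.
    $3 + 0 > 0 && $3 + 0 < min_uid + 0 && $7 !~ /(nologin|false)$/ {
        print "SYSTEM_LOGIN_SHELL " $1 " " $7
    }'
}

# Constructed sample data; only the alex line is taken from the page.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
backup:x:34:34:backup:/var/backups:/bin/bash
toor:x:0:0::/root:/bin/bash
guest::501:501::/home/guest:/bin/bash
alex:x:500:500::/home/champu:/bin/bash
broken:x:502
EOF
}

sample_passwd | audit_passwd
```

On a live system run audit_passwd < /etc/passwd; accounts such as sync or shutdown on some distributions will show up as SYSTEM_LOGIN_SHELL and need a manual look.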

<4> /etc/group : This file keeps the information of groups. It has four fields for each group on each line, so it is called the `system group database'.
A member of a group has the right to enter other members of the system who are members of the same group.
A line in this file looks as follows:

Accounts:x:500:
   |     |  |  |
   1     2  3  4

1. field (group name) : It contains the name of the group, which is always the same as the first member's username.

2. field (group pwd) : It contains the group password, which is stored somewhere else if it exists, and its password is the same as that of the first member of the group.

3. field (group id) : It contains the group id, which is the same as the id of the first member of the group.

4. field (members) : It contains the list of members of the group. By default in Red Hat it is blank, but the user can fill it by putting in the names of the members of the group.

A user can be made a member of a group by using the command `usermod -G', which can be run only by root.

$usermod -G groupname username

When the system admin creates users for the first time he can send a message like `Thank you for using redhat linux' through this, and the user gets this mail whenever he logs in.

Command line options

-c comment Comment for the user
-d homedir Home directory to be used instead of default /home/username/
-e date Date for the account to be disabled in the format YYYY-MM-DD
-f days Number of days after the password expires until the account is disabled. (If 0 is specified, the account is disabled immediately after the password expires. If -1 is specified, the account is not disabled after the password expires.)
-g groupname Group name or group number for the user's default group (The group must exist prior to being specified here.)
-G grouplist List of additional (other than default) group names or group numbers, separated by commas, of which the user is a member. (The groups must exist prior to being specified here.)
-m Create the home directory if it does not exist
-M Do not create the home directory
-n Do not create a user private group for the user
-r Create a system account with a UID less than 500 and without a home directory
-p password The password encrypted with crypt
-s User's login shell, which defaults to /bin/bash
-u uid User ID for the user, which must be unique and greater than 499

groupadd <group-name>

Command line options

-g gid Group ID for the group, which must be unique and greater than 499
-r Create a system group with a GID less than 500
-f Exit with an error if the group already exists (The group is not altered.) If -g and -f are specified, but the group already exists, the -g option is ignored

Password aging
$chage -l root
$chage -d 0 username

Change shell
$chsh <username>

Finger Information
$chfn <username>
$finger