Monday, July 8, 2013

User Administration

Only root (i.e. the system administrator) can use the adduser command
to create new users. Other users are not allowed to run it.
adduser is a symlink to useradd, which is a binary in /usr/sbin. We (root) can customise this by choosing another name & making it a symlink to useradd.

Let's see

[root@localhost root]$ cd /usr/sbin
[root@localhost sbin]$ ln -s useradd uad

Now uad is a symlink to useradd.

There are 3 types of users
                  |
__________________|____________________
     |            |                |
Super user   System user     Normal user

<1> Superuser : It is created at the time of Linux installation.
He has the right to create other users & his `userid' & `groupid' are zero in the `/etc/passwd' file.

<2> System user : These users are created by the system. They can't log in
because their shell, the seventh field in the `/etc/passwd' file, is
`/sbin/nologin' by default.

<3> Normal user : These users are created by the superuser.

Let's see how the superuser creates a normal user:

[root@localhost root]$ adduser john
[root@localhost root]$ passwd john
Changing password for user john.
New password:(user password)
BAD PASSWORD: it is too short (shown if the password is shorter than six
characters; it does not stop the change, so no need to worry)
Retype new password:(user password)
passwd: all authentication tokens updated successfully.

[root@localhost root]$ userdel john

----> The `userdel' command (/usr/sbin/userdel) deletes only the name of the user; the user's data under the /home directory remains there.

[root@localhost root]$ userdel -r john

----> `userdel -r' deletes the name of the user as well as the data.

[root@localhost root]$ usermod -G groupname username

[root@localhost root]$ usermod -G john eric

----> The `usermod -G' command (/usr/sbin/usermod) makes the user eric a member of the group john. Without `-a', `-G' replaces eric's existing list of supplementary groups.

su ----> With the help of this command root can work as a substitute user.

su -r ----> With the help of this command root comes out of the substitute user.

adduser refers to 2 configuration files & updates 4 files.

Refers
|----/etc/login.defs
|
|----/etc/default/useradd
Updates
|----/etc/passwd
|
|----/etc/group
|
|----/etc/shadow
|
|----/etc/gshadow

<1> /etc/login.defs : It keeps the information about the directory where mailboxes reside (or the name of the mailbox file relative to the home directory), the password duration & how many users can log in.
The "passwd file" & "group file" get the userid & groupid information from this file.
The "shadow file" & "gshadow file" get the user login & password duration information from this file.

Min/max values for automatic UID selection in useradd:
UID_MIN 500
UID_MAX 60000

User IDs start from 500 & go up to a maximum of 60000, which is the Red Hat default, but we can customise it.
If there are two departments, ACCOUNTANT & MARKETING, in one office, then I can start the ACCOUNTANT userids from 1000 & the MARKETING userids from 2000, which is reliable.

Similarly for the group ID:
GID_MIN 500
GID_MAX 60000

PASSWORD AGING CONTROLS:

  • PASS_MAX_DAYS 99999 : The maximum number of days a password can be used, i.e. max 99999 days.
  • PASS_MIN_DAYS 0 : The minimum number of days allowed between password changes.
  • PASS_MIN_LEN 5 : The minimum length of the password, i.e. 5 characters.
  • PASS_WARN_AGE 7 : The number of days of warning given to the user before the password expires, i.e. 7 days.

The above PASSWORD AGING values are the Red Hat defaults, which we can customise.
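
These values are applied when an account is created, so accounts that already exist keep the aging fields recorded for them in /etc/shadow. The following added example (not part of the original post) lists such accounts; the function names and sample lines are constructed for illustration, and it assumes the standard shadow layout in which fields 4, 5 and 6 hold the minimum days, maximum days and warning days.

```shell
#!/bin/sh
# Added example: constructed samples; the login.defs values are hypothetical.
sample_login_defs() {
cat <<'EOF'
# Password aging controls
PASS_MAX_DAYS   90
PASS_MIN_DAYS   1
PASS_WARN_AGE   7
EOF
}
sample_shadow() {
cat <<'EOF'
root:$6$placeholder$hash:15800:0:99999:7:::
alex:$6$placeholder$hash:15890:1:90:7:::
john:$6$placeholder$hash:15894:0:99999:7:::
daemon:*:15800:0:99999:7:::
EOF
}

# aging_drift LOGIN_DEFS SHADOW
# Prints one DRIFT line per aging field that differs from login.defs.
aging_drift() {
    awk '
        function check(user, key, val) {
            if (!(key in policy)) return             # key not set in login.defs
            if (val == "" || val + 0 != policy[key])
                printf "DRIFT %s: %s is %s, login.defs says %d\n",
                       user, key, (val == "" ? "unset" : val), policy[key]
        }
        FNR == NR {                                  # first file: login.defs
            if ($1 ~ /^PASS_(MAX_DAYS|MIN_DAYS|WARN_AGE)$/) policy[$1] = $2 + 0
            next
        }
        {                                            # second file: shadow
            n = split($0, f, ":")
            if (n < 6 || f[2] == "*" || f[2] ~ /^!/) next   # malformed or locked
            check(f[1], "PASS_MIN_DAYS", f[4])
            check(f[1], "PASS_MAX_DAYS", f[5])
            check(f[1], "PASS_WARN_AGE", f[6])
        }' "$1" "$2"
}

run_demo() {
    d=$(mktemp -d) || return 1
    sample_login_defs > "$d/login.defs"; sample_shadow > "$d/shadow"
    aging_drift "$d/login.defs" "$d/shadow"; rm -rf "$d"
}
run_demo
```

On a real system root would run `aging_drift /etc/login.defs /etc/shadow`; accounts that show drift are then adjusted one by one with chage.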


<2> /etc/default/useradd : It holds the no. of groups, the directory of users & the shell the user uses, in the following way.

  • GROUP=100 ----> The default no. of groups according to Red Hat, which can be customised.
  • HOME=/home ----> The default directory for users according to Red Hat. We can give it any name, e.g. `ghar' instead of `home', by making that directory under /.
  • INACTIVE ----> The number of days after the user's password expires.
  • EXPIRE ----> The number of days after which the user's account will expire.
  • SHELL=/bin/bash ----> The path of the user's shell.
  • SKEL=/etc/skel ----> When a user is created the home directory appears to hold no directories or files, but the command `l.' shows some hidden files, which come from /etc/skel.


<3> /etc/passwd :

  • It keeps the record of each new user created by the superuser. Each line is the entry of one user. It is a text file & has the details of all system users.
  • It has 7 fields for each user on each line, so it is called the `system passwd database'. The fields are separated by : (colon), also called the "internal field separator".

  alex:x:500:500::/home/champu:/bin/bash
   |   |  |   |  |     |           |
   1   2  3   4  5     6           7

1. field (username) : It is the username.

2. field (userpwd) : It contains the user password, which is stored somewhere else if it exists. If we put * in place of x then the user can't log in.
If we keep the second field blank then the user can log in without a password.
i.e. (x) --- password is somewhere else.
(*) --- user can't log in.
( ) --- user can log in without a password.

3. field (userid) : It contains the userid, which is unique. Each further userid is just one greater than that of the last user.

4. field (groupid) : It contains the groupid, which is always the same as the userid. It is the group of users.

5. field (description) : It is the comment field or GECOS (General Electric Comprehensive Operating System) field. The user can keep his information in this field by using the command `chfn', such as
$ chfn
Name []:
office []:
office phone []:
Home phone []:

6. field (home directory) : It is the home of champu. /home is the directory where all users are stored.

7. field (shell) : It contains the full path of the shell used by the user. Through the shell we can convert a shell script into binary format & whatever we get from the kernel is converted into text format.
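
The field meanings above can be turned into a quick audit. This added example (not from the original post) classifies each account and flags a blank password field, a UID 0 account other than root, a shared UID, and a system account with an interactive shell; the function names and sample lines are constructed, and the UID threshold of 500 is the Red Hat default quoted earlier.

```shell
#!/bin/sh
# Added example: audit passwd-format data using the seven fields described above.

# Constructed sample input, not taken from a real system.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
alex:x:500:500::/home/champu:/bin/bash
guest::501:501::/home/guest:/bin/bash
toor:x:0:0::/root:/bin/bash
svc:*:99:99::/var/empty:/bin/bash
EOF
}

# audit_passwd FILE [UID_MIN]
# FILE "-" reads stdin. UID_MIN defaults to 500, the Red Hat value quoted above.
audit_passwd() {
    awk -F: -v uid_min="${2:-500}" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }            # skip comments and blank lines
        NF != 7 || $3 !~ /^[0-9]+$/ {                # wrong field count or bad UID
            printf "MALFORMED line %d\n", NR; next
        }
        {
            user = $1; uid = $3 + 0; shell = $7
            if (uid == 0)                type = "super"
            else if (uid < uid_min + 0)  type = "system"
            else                         type = "normal"
            printf "ACCOUNT %s uid=%d type=%s\n", user, uid, type

            if ($2 == "")                            # blank field 2: no password asked
                printf "FINDING %s: empty password field\n", user
            if (uid == 0 && user != "root")          # a second superuser
                printf "FINDING %s: UID 0 but not root\n", user
            if (uid in seen)                         # UIDs are meant to be unique
                printf "FINDING %s: UID %d shared with %s\n", user, uid, seen[uid]
            else
                seen[uid] = user
            if (type == "system" && shell ~ /sh$/)   # heuristic for a login shell
                printf "FINDING %s: system account with shell %s\n", user, shell
        }' "${1:--}"
}

sample_passwd | audit_passwd - 500
```

To check a live system, run `audit_passwd /etc/passwd` with the UID_MIN value from that system's /etc/login.defs as the second argument.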

<4> /etc/group : This file keeps the information about groups. It has
four fields for each group on each line, so it is called the `system group database'.
A member of a group has the right to access other members on the system who are members of the same group.
A line in this file looks like the following:

Accounts:x:500:
   |     |  |  |
   1     2  3  4

1. field (group name) : It contains the name of the group, which is always the same as the first member's username.

2. field (group pwd) : It contains the group password, which is stored somewhere else if it exists & is the same as the password of the first member of the group.

3. field (group id) : It contains the group id, which is the same as the id of the first member of the group.

4. field (members) : It contains the list of members of the group. By default on Red Hat it is blank, but it can be filled in with the names of the members of the group.

A user can make others members of his group with the command `usermod -G', which only root can run.

$ usermod -G groupname username

When the system admin creates users for the first time he can send a message like `Thank you for using redhat linux' through this, & the user gets this mail whenever he logs in.

Command line options

-c comment Comment for the user
-d homedir Home directory to be used instead of default /home/username/
-e date Date for the account to be disabled in the format YYYY-MM-DD
-f days Number of days after the password expires until the account is disabled. (If 0 is specified, the account is disabled immediately after the password expires. If -1 is specified, the account is not disabled after the password expires.)
-g groupname Group name or group number for the user's default group (The group must exist prior to being specified here.)
-G grouplist List of additional (other than default) group names or group numbers, separated by commas, of which the user is a member. (The groups must exist prior to being specified here.)
-m Create the home directory if it does not exist
-M Do not create the home directory
-n Do not create a user private group for the user
-r Create a system account with a UID less than 500 and without a home directory
-p password The password encrypted with crypt
-s User's login shell, which defaults to /bin/bash
-u uid User ID for the user, which must be unique and greater than 499

groupadd <group-name>

Command line options

-g gid Group ID for the group, which must be unique and greater than 499
-r Create a system group with a GID less than 500
-f Exit with an error if the group already exists (The group is not altered.) If -g and -f are specified, but the group already exists, the -g option is ignored

Password aging
$ chage -l root
$ chage -d 0 username

Change shell
$ chsh <username>

Finger Information
$ chfn <username>
$ finger
