unit 6 adding new users and storage

Adding New Users and

Storage

Prepared By

Prof. Bhushan Pawar

www.bhushanpawar.comProf.Bhushan Pawar

www.bhushanpawar.com1

The /etc/passwd file

• /etc/passwd file is a list of users recognized by the system.

• The system consults /etc/passwd at login time to determine a user’s UID and home directory, among other things.

Prof.Bhushan Pawar www.bhushanpawar.com

2

Continue…

• It contains seven fields separated by colons:

• Login name

• Encrypted password

• UID (user ID) number

• Default GID (group ID) number

• “GECOS” information: full name, office, extension, home phone

• Home directory

• Login shell


3

Continue…

• E.g

root:x:0:0:The System,,x6096,:/:/bin/sh

- The passwd file contains an x in the encrypted

password field on Linux, Solaris.

• The actual encrypted passwords are stored in /etc/shadow on Linux, Solaris.


4

Login name

• Must be unique and, depending on theoperating system, may have length andcharacter set restrictions.

• Login names can never contain colons ornewlines because these characters are used asfield separators and entry separators.


5

Continue…


6

Encrypted password

• The encrypted password in the /etc/passwdfile


7

UID (user ID) number

• UIDs are usually unsigned 32-bit integers.

• Root has UID 0.


8

Default GID number

• A group ID number is a 32-bit integer.

• GID 0 is reserved for the group called root orsystem.

• The /etc/group file defines the groups, withthe GID field in /etc/passwd providing adefault (or “effective”) GID at login time


9

GECOS field

• The GECOS field is sometimes used to record personal information about each user.

• The chfn command lets users change their own GECOS information.

• On most systems chfn understands only the

/etc/passwd file


10

Home directory

• If the home directory is missing at login time,the system prints a message such as “nohome directory” and puts the user in /.

• On Linux, if /etc/login.defs setsDEFAULT_HOME to no, the login is notallowed to continue.


11

Login shell

• The login shell is normally a commandinterpreter such as the Bourne shell or the Cshell (/bin/sh or /bin/csh), but it can be anyprogram.

• sh is the traditional default for UNIX, and bash(the GNU “Bourne again” shell) is the defaultfor Linux and Solaris.

• tcsh is an enhanced C shell with commandediting.


12

THE /ETC/SHADOW AND /ETC/SECURITY/PASSWD FILES

• A shadow password file is readable only bythe superuser and serves to keep encryptedpasswords.

• IBM calls the file that stores the encrypted passwords /etc/security/passwd, while the rest of the world calls it /etc/shadow.


13

/etc/shadow• The shadow file is not a superset of the

passwd file, and the passwd file is notgenerated from it. We must maintain bothfiles or use tools such as useradd thatmaintain both files on your behalf. Like/etc/passwd, /etc/shadow contains one linefor each user. Each line contains nine fields,separated by colons


14

Continue…• Login name

• Encrypted password

• Date of last password change

• Minimum number of days between password changes

• Maximum number of days between password changes

• Number of days in advance to warn users about password expiration

• Linux: Days after password expiration that account is disabled

Solaris/HP-UX: Days before account automatically expires

• Account expiration date

• A reserved field that is currently always empty, except on Solaris


15

THE /ETC/GROUP FILE

• The /etc/group file contains the names of UNIX groups and a list of each group’s members.

• Each line represents one group and contains four fields:

• Group name

• Encrypted password or a placeholder

• GID number

• List of members, separated by commas (be careful not to add spaces)


16

example

1. system:!:0:root,pconsole,esaadmin

2. staff:!:1:ipsec,esaadmin,trent,ben,garth,evi

3. bin:!:2:root,bin

4. sys:!:3:root,bin,sys

5. adm:!:4:bin,adm

6. nobody:!:4294967294:nobody,lpd


17

ADDING USERS: THE BASIC STEPS• The process of adding a new user consists of

several steps required by the system:– Have the new user sign your policy agreement.

– Edit the passwd and shadow files to define theuser’s account.

– Add the user to the /etc/group file (not reallynecessary, but nice).

– Set an initial password.

– Create, chown, and chmod the user’s homedirectory.

– Configure roles and permissions


18

Continue…

• For the user:

– Copy default startup files to the user’s home directory.

– Set the user’s mail home and establish mail aliases.

• For you:

– Verify that the account is set up correctly.

– Add the user’s contact information and account status to your database


19

Continue…

• You must be root to add a user, you must have Admin privileges.

• This is a perfect place to use sudo.

• For this we can use “useradd” or “adduser”command.


20

Editing the passwd and group files

• If you have to add a user by hand, use vipw toedit the passwd and shadow files.

• NOTE:-

– On Solaris, and Red Hat systems, vipwautomatically asks if you would like to edit theshadow file after you have edited the passwd file.SUSE and Ubuntu systems use vipw -s for thisfunction.


21

Setting a password

• Set a password for the new user with

$ sudo passwd newusername


22

Creating the home directory and installing startup files

• You can create the new user’s home directorywith a simple mkdir.

• Startup files traditionally begin with a dot andend with the letters rc, short for “run command,”

• The initial dot causes ls to hide these“uninteresting” files from directory listings unlessthe -a option is used.

• Sample startup files are traditionally kept in/etc/skel (Linux, Solaris, HP-UX) or /etc


23


24

Setting permissions and ownerships

• The command

– $ sudo chown -R newuser:newgroup ~newuser

Prof.Bhushan Pawarwww.bhushanpawar.com

25

Any Question???• If you having any doubt then you can ask me

question on

[email protected]

Or

contact me on (+91)-7588318728


26

mailto:[email protected]

unit 6 adding new users and storage

Engineering