Users and Groups

Posted by alex almazan Sun, 13 Apr 2008 07:53:00 GMT

/etc/passwd File contains the configuration info for loacl users in the following format(world readable): 
username : x: UID:GID:GECOS:homedir:shell

/etc/shadow File contains the username (which must match /etc/passwd) and the users MD5 encrypted password (only readable by root)

/etc/group file contains the configuration for local groups in the following format

groupname :x: GID : secondary users

/etc/gshadow file contains a list of groups on the server and their MD5 encrypted passwords.

useradd used to add new users
usermod used to modify the attributes of the user
groupadd used to add new group to server
groupmod used to change group attributes
passwd used to create or change user passwords
chage command used to create/edit password aging

Locating files with Special Permissions/attributes

find . / -perm +4000 |less
find root owned 
find / -perm +2000  | less
get all GID/SUiD 
find / -perm +1000 (sticky bit)
can be (used to find 777)

Setuid Suid Set UserID is used on Unix systems for tasks that require higher privileges. Has greatest impact on executable files.

chmod u+s <file>
setgid 
chmod g+s
or 
chmod 2770 /some/directory
assigns group ownership to directories

example

Configure the users mike,chris and jamie

make these users part of the ru group 
useradd -s /sbin/nologin ru
useradd chris -G ru -p '    '
(grub-md5-crypt can be used to generate system passwords)

configure the directory /home/ru so that each user can read,create, and modify files.

chmod 2770 /home/ru
or 
chmod u+s /home/ru