Scribd
Upload
5 views36 pages

ITLSA1-22 Week 3 - Chapter - 8 4

The document outlines key administrative tasks in Linux, focusing on user and group management, including the importance of user accounts for identity verification and resource access control. It details the functions of critical files like /etc/passwd and /etc/shadow, which store user information and encrypted passwords, respectively. Additionally, it includes an activity for students to simulate system administration by creating user accounts and managing group permissions within a fictional company structure.

Uploaded by

kgantso14
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
5 views36 pages

ITLSA1-22 Week 3 - Chapter - 8 4

The document outlines key administrative tasks in Linux, focusing on user and group management, including the importance of user accounts for identity verification and resource access control. It details the functions of critical files like /etc/passwd and /etc/shadow, which store user information and encrypted passwords, respectively. Additionally, it includes an activity for students to simulate system administration by creating user accounts and managing group permissions within a fictional company structure.

Uploaded by

kgantso14
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 36

Linux-Based

Operating Systems
ITLSA1 - B22
Disclaimer

Please note that content made available on myLMS may deviate


only slightly from what is covered in lecturer-led sessions,
however, the content uploaded to myLMS represents all the
material that you need to refer to in preparation for your
assessments.
Learning Outcomes – Week 3
•One of the key administrative tasks with Linux is
managing users and groups.
•The primary reason for user accounts is to verify the
identity of each individual using a computer system.
•A secondary reason for user accounts is to permit the per-
individual tailoring of resources and access privileges.
•Resources can include files, directories, and devices.
Controlling access to these resources is a primary task of
an administrator
etc
Several files are used when creating users in
Linux. The following are a few most commonly
used.
/etc/passwd
/etc/shadow
/etc/group
/etc/passwd
The /etc/passwd file contains the user ID, and
default home directory. Because this file is used
by many tools it needs to be readable by any
user.
To view the /etc/passwd file use the less
command.
less /etc/passwd
The /etc/passwd file is a group of fields
separated with a colon (:). They are username,
password (shown as an x), numeric user ID,
numeric group ID, full name, user’s home
directory, and user’s shell account.
/etc/shadow
The /etc/shadow file contains the encrypted passwords and other
password information.
This file is viewable by the root user only.
To view the /etc/shadow file use the following commands:
su – root
tail /etc/shadow
The /etc/shadow file is a group of fields separated with a colon (:).
They are:
Username
password (13 characters encrypted)
the number of days since the password was last changed
the number of days before the password may be changed
the number of days to warn a user of an expiring password
the number of days after a password expires that account is disabled
the number of days since an account has bee disabled
a reserved field for possible future use.
Groups Tie together users that have a common
purpose
An organization may have persons responsible
for accounts payable and others responsible
for payroll.
• By placing the user accounts in an
accounts payable group then common
permissions can be given to all the
members of that group.
• Members of the accounts payable group
would not have access to the information
and resources of the payroll group. Users
within the same group have the same
read, write. or execute privileges of group
resources.
Activity

• Students will simulate being system administrators of a small tech company


called TechCorp. The company has three departments: dev, hr, and sales.Each
group will create users for employees, assign them to the correct department
(group), and restrict access to certain department files.
Activity
1. Create Groups for Departments
1. sudo groupadd dev
2. sudo groupadd hr
3. sudo groupadd sales
2. Create one user per department. Example
1. sudo useradd -m -G dev alice
2. sudo useradd -m -G hr bob
3. sudo useradd -m -G sales charlie
Activity
1. Verify Group Membership
1. groups alice
2. groups bob
3. groups charlie
2. Create Department Directories
1. sudo mkdir /company
2. sudo mkdir /company/dev
3. sudo mkdir /company/hr
4. sudo mkdir /company/sales
Activity
1. Set Group Ownership and Permissions
1. sudo chown :dev /company/dev
2. sudo chown :hr /company/hr
3. sudo chown :sales /company/sales
4. sudo chmod 770 /company/dev
5. sudo chmod 770 /company/hr
6. sudo chmod 770 /company/sales
2. Test Access Control
1. su - alice
2. cd /company/hr # Should be denied
3. cd /company/dev # Should be allowed
Activity

1. Discussion
1. What happens if you forget to assign a group?
2. What’s the difference between primary and secondary groups?
3. How does chmod work with numbers (e.g. 770)
4. ?Why is /etc/passwd not encrypted, but /etc/shadow is?
Any Question?
Week 4

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy