Linux with Operating System Concepts

Download 5,65 Mb.

Pdf ko'rish

bet	130/254
Sana	22.07.2022
Hajmi	5,65 Mb.
	#840170

1 ... 126 127 128 129 130 131 132 133 ... 254

Bog'liq
Linux-with-Operating-System-Concepts-Fox-Richard-CRC-Press-2014

user-
name
. You can of course override this. For instance, if you segment user home directories
based on type of user into /home/faculty, /home/staff, and /home/student, you would want
to modify the entry. Alternatively, software is often given either no home directory or a
home directory under /var. Unchecking the box for
Create a home directory
will
create the user account without a home directory.
The last three checkboxes default to the selections as shown in the figure.
Create
a primary group
is selected and
Specify user ID manually
and
Specify
group ID manually
are unselected. The primary group is the user’s private group,
which is, by default, given the same name and ID as the username. There are few occa-
sions where you would not want to give a user account its own private group. The default
UID and GID are one greater than the last UID and GID issued. Unless you are creating
a software account or have a specific policy regarding numbering, you will leave these as
the default.
Based on the demands of your organization, you might come up with your own UID
and GID numbering scheme. The general pattern in Linux is to assign software an account
number between 1 and 99 while all users are given account numbers of 100 or greater
(root being given the number 0). However, you might come up with a different numbering
policy. For instance, a system that has administration, faculty, staff, and students might be
numbered as follows:
• 100–199: Administration
• 200–500: Faculty
• 501–999: Staff
• 1000–2999: Graduate students
• 3000–9999: Undergraduate students
If that were the case, you would alter the ID from the default based on the type of account
you were creating.
Group creation through the GUI is even simpler. Clicking on the Add Group button
brings up the add group popup window. Here, you specify the group name and option-
ally alter the GID. The Group tab in the User Manager GUI provides a listing of all of the
groups, their GIDs, and the users in each group. An example is shown in Figure 9.3. In this
example, we see three private groups, Student, zappaf, and foxr. The group cool contains
members zappaf and foxr but not Student. We might establish a group if we want directory
or file permissions to be accessible for group members but not the rest of the world.
9.2.2 Creating User and Group Accounts from the Command Line
As stated earlier, the text-based approach to creating users (and groups) is often pre-
ferred because it can be used to create numerous accounts more easily than through

User Accounts
◾
355
the GUI. Imagine that you have to create 50 new users. You could issue the first use-
radd command, and then use command line editing to quickly alter the command 49
times.
At a minimum, your useradd command will look like this:
useradd –m
username
After issuing the command for the first new user, you type control
+
p, escape
+
b,
control
+
k, and then type in a new name
<
enter
>
. You do this repeatedly for each new
account. Using the GUI requires clicking on Add User, filling out the form (at a minimum,
the user’s name), and clicking the OK button. With the command line, you do not have
to remove your hands from the keyboard, and you have just about the same to type since
you have to specify the username in each version. Additionally, you can easily write a shell
script that will use useradd to create new user accounts when it is passed a file of usernames
(we explore such a script later in this section).
The useradd command allows a number of options that we would use to alter the default
behavior. Some of these options are available via the GUI, but not all of them. See Table 9.1
to see the more useful options.
When a user is created, an entry is added to the /etc/passwd file. In earlier days in Unix,
the passwd file stored passwords in an encrypted form. However, the passwd file has per-
missions of -rw-r-- r-- , meaning that it is readable by the world, this was felt to be a security
flaw. In spite of the passwords being in an encrypted format, one could change their own
password over and over in an attempt to compare it to other user-encrypted passwords in
an attempt to guess those passwords. Now, passwords are kept in /etc/shadow, which is not
accessible by anyone except root. So, whenever a new user is created, an entry is also added
to /etc/shadow.
FIGURE 9.3
Adding groups.

356
◾
Linux with Operating System Concepts
Here are some example useradd instructions with explanations:
•
useradd foo1
—create new user account foo1 with all of the default values except
for a home directory (because –m was not used).
•
useradd –m foo2
—create new user account foo2 with all of the default values
including a home directory at /home/foo2.
TABLE 9.1
Common useradd Options

Download 5,65 Mb.

Do'stlaringiz bilan baham:

1 ... 126 127 128 129 130 131 132 133 ... 254