Linux System Admin Chapters 7 & 8

Questions and Answers

What is the primary use of the Root User account in Linux?

Accessing internet browsing features

Managing user accounts and permissions only

Basic file sharing and collaboration

Performing system administration tasks (correct)

Which type of user can execute commands as the Root User using the sudo command?

System Account

Sudo User (correct)

Guest User

Standard User

What is the purpose of System Accounts in Linux?

For applications or automated services with restricted permissions (correct)

To provide internet access to users

To enable unrestricted access for standard users

To allow guest access for temporary users

What permission level do Standard Users have in the Linux operating system?

Restricted access to core system settings

What are User Groups used for in Linux?

To streamline permission assignment for multiple users

Which type of account has limited access and is managed for specific temporary tasks?

Guest User

What security risk is presented by incorrectly set user permissions in Linux?

It can render the system inoperable

What do each user's account info and passwords get stored in within the Linux system?

Specific files and directories

Which command is used to display currently logged in users in a Linux system?

who

What option should be added to the 'who' command to display headers for each column?

-H

Which of the following commands can be used to list all users in a Linux system?

cat /etc/passwd

Which command is used to create a new user in Linux?

useradd

What is the main purpose of the /etc/passwd file in Linux?

To list user accounts and their associated details

What does the usermod command do in Linux?

Modifies existing user account attributes

Which parameter for the usermod command is used to change the user's home directory?

-d

Which file contains information about user groups in Linux?

/etc/group

What is the primary function of the adduser command in Linux?

Create a new user with a home directory and default shell

Who has access to the /etc/shadow file?

Only the root user and users with appropriate privileges

Which command can be used to verify if a new user has been added in the Linux system?

cat /etc/passwd

What does the -d option do in the usermod command?

Changes the location of the user's home directory

What is stored in the /etc/sudoers file?

Permissions for users to execute commands as sudo

Which of the following files provides default templates for new user accounts?

/etc/skel

Which command deletes a user from the /etc/passwd file?

userdel

What does the command sudo userdel -r test_account2 do?

Deletes the user and their home directory

What type of data does the /etc/gshadow file manage?

Encrypted group passwords and related information

How can you confirm if a new group has been created successfully?

Run the getent command

What does the /etc/login.defs file control?

User account validity and password aging policies

Which command is used to add a user to an existing group?

usermod

Which method is preferred for managing users and groups in Linux?

Command-line tools

What is the purpose of the id command when used with a username?

To show the groups a user belongs to

What does the deluser command do?

Removes a user from a specific group

Which command modifies a user's existing group membership while keeping them in their current groups?

usermod

Study Notes

Chapter 7 and 8 System Admin

• Managing access to the Linux operating system and its resources is crucial for system administration.
• Incorrect user permissions can create security vulnerabilities and even render the system inoperable.

Introduction

• Managing access to the Linux system and its resources is essential for system administration.
• Incorrect user permissions pose a security risk, potentially causing the Linux system to fail.

Types of User Accounts in Linux

• A table outlining various user account types in Linux, their access levels, and typical uses.

Account Types

• Root User: Has complete access to the entire Linux system, enabling tasks like initiating commands, modifying settings, and installing software.
• Standard User: Has restricted privileges, unable to modify core system settings or other user accounts. Focused on basic resource use.
• Sudo User: A standard user with granted permissions to run commands with root privileges (requires sudo command prefix).
• System Account: Used for applications and automated services that need specific access to perform tasks. Has limited or restricted permissions.
• Guest User: A temporary account with limited access, typically used for short-term system access without requiring personal files or settings.
• User Groups: Users organized into logical groups with identical permissions, simplifying permission management for administrators.

Understanding User Management Files

• Linux stores user and group data in specific files and directories.
• System administrators can control and alter user and group settings using these files.

Main Files and Directories

• /etc/passwd: Lists user accounts and their associated information (user ID, group ID, home directory, and default shell). Readable by most users; only root/sudo can add/modify users.
• /etc/group: Lists user groups, their names, group IDs, and members. Administrators can use this to manage configurations for groups of users.
• /etc/sudoers: Contains specifications for users with elevated permissions (sudo privileges) on specific machines and directories; essential for admins to configure sudo command permissions.
• /etc/shadow: Stores encrypted user password information, including expiration dates, last change dates, and account expiration dates. Only accessible by root or users with privileges.
• /etc/gshadow: Stores encrypted group password information and password-related data. Only accessible by root or users with privileges.
• /etc/skel: Directory of default configuration scripts and templates (e.g., bashrc and bash_profile) that are used when a new user is created to streamline the process.
• /etc/login.defs: Contains system-wide policies for user accounts, including password aging policies. System administrators can adjust the settings to enforce security and management rules.

Linux User Management Commands

• Command-line tools are the preferred method for managing users and groups in Linux.
• Tools incorporate checks and balances for enhanced security.

Check Currently Logged Users

• who: Displays current user sessions and details in columns.
• Use the -H option to display headers for each column, clarifying data within the columns.
• Figure 1 and 2 in the presentation describe the output of the command who and who -H respectively.

List All Users

• /etc/passwd file contains data about all Linux users.
• Several Linux commands (e.g., cat, awk, getent) can be employed to extract user data within the terminal.
• The cat /etc/passwd command lists all users, along with expanded information such as the user's default shell and home directory.
• The more or less commands can be used to view the information in a paginated format. (e.g, to view multiple pages of user data)

Create User (useradd/adduser)

• useradd command creates a new user in Linux. Requires root/sudo privileges.
• sudo useradd test_account for example would add a new user named test_account.

Modify Default User Settings (usermod)

• usermod command modifies existing user accounts.
• Options allow specified data changes (-d, -S, -e, -c, -u, -aG).
• sudo usermod -d /var/test_account test_account is example to change home directory for test_account.

Delete User (userdel)

• userdel command removes a user from /etc/passwd.
• sudo userdel -r test_account2 example would remove user test_account2 and associated information.

Linux User Group Management Commands

• User groups streamline permission management on user accounts.
• Changes to group permissions affect all members.

Create Group

• sudo groupadd <group_name> creates a new user group.
• Check group existence with getent group <group_name>.

How to Add/Remove Members From Group

• sudo adduser username groupname to add a member to a group,
• e.g., sudo adduser test_account test_group, adding test_account to the group test_group.

Removing User From a Group

• sudo deluser <username> <groupname> removes a user from a specific group. e.g., sudo deluser test_account test_group.

Displaying All Groups a User Is a Member Of

• id test_account to display the groups a user belongs to
• Use the -n/-G options in id to list groups as names instead of numeric IDs.

List All Groups and Members

• Use getent group to retrieve data about all user groups, IDs, and members from the /etc/group file.

Linux C/C++ logging

• There are various ways for syslog to be implemented within a C/C++ environment.
• Numerous logging libraries offer different levels of functionality
• Ways to speed up or configure syslog can be considered for applications.

Speeding up syslog

• Methodologies such as filtering logs at the source or having separate hard drives for logs can optimize syslog.
• Placing logs in RAM for faster retrieval is another method.

Logging from the command line

• The logger command line utility is used for logging messages.
• Example logging commands exist.

Description

Explore the critical aspects of user account management in Linux. This quiz covers the types of user accounts, their permissions, and the potential security risks associated with incorrect access levels. Test your knowledge on maintaining system integrity and administration.