Linux User Management Quiz

Questions and Answers

What is the maximum number of days a password may be used before expiration according to the given settings?

180 days (correct)

30 days

60 days

90 days

What does PASS_MIN_DAYS represent in the password policy?

Maximum allowed password length

Number of days warning given before password expires

Minimum number of days allowed between password changes (correct)

Minimum number of days before a password can be reused

How many days of warning are given before a password expires according to the settings?

30 days

7 days (correct)

0 days

14 days

Which command is used to edit the configuration file to set password expiration to 180 days?

vim /etc/login.defs

What is the purpose of the supplementary group created in the lab exercise?

To provide users with root command privileges using sudo

What is the purpose of a group in a system?

To provide a structure for organizing users and their access to resources.

What does the 'x' represent in a line from the /etc/group file?

An obsolete group password field.

How is the primary group for a user typically designated?

It shares the same name as the primary user.

What is a characteristic of supplementary groups?

They allow for access to files across different categories.

Where is the group membership for users stored?

In the /etc/group file.

What does the id command display for a user?

The group membership including both primary and supplementary groups.

What is a User Private Group?

A group that is created with the same name as a user.

What command is used to switch to the root user in a login shell?

sudo su -

What does the command 'echo $PATH' display?

Directories for executable files

If more than five minutes have passed since the last authentication, what must the user do to run 'sudo' again?

Re-authenticate with the student password

What does the command 'id' return when run by the root user?

User and group information

What happens to the PATH variable when using 'sudo' to become the root user?

It is overridden for security reasons.

After switching to root, what would be the output of 'pwd'?

/root

What is the primary effect of using 'sudo' instead of 'su' directly?

It enhances security by overriding the PATH variable.

Which command must be run to display the home directory of the root user?

echo $HOME

What does the prompt of the root user typically look like compared to a regular user?

It starts with a hash symbol.

Which command is used to exit the root user shell and return to the student user's shell?

exit

What command should be used to lock a user account using sudo?

sudo usermod -L user02

What will happen if a user tries to execute the sudo command without having permission?

An email will be sent to the root user detailing the attempt.

Which of the following commands provides access to the root account without running interactive login scripts?

sudo -s

What is the purpose of using the visudo command?

To edit the sudoers file safely and check for syntax errors.

How can a member of the wheel group use sudo under Red Hat Enterprise Linux 7?

By using their own password for any command.

What does the % symbol indicate in the sudoers file configuration?

It indicates a group in the configuration.

What log file is used to record executed sudo commands by default?

/var/log/secure

Which of the following best describes the sudo -i command?

It switches to the root account and runs the user's default shell.

Which user is specifically notified when there is an unauthorized attempt to use a sudo command?

The root user

What does the command 'ALL=(ALL:ALL)' allow for users in the wheel group?

Run commands as any user and any group on the system

How can you provide sudo access to a user named user01?

Create the /etc/sudoers.d/user01 file with 'user01 ALL=(ALL) ALL'

What is the meaning of the NOPASSWD command in a sudoers file?

Users can run commands without a password

Which of the following is a correct line for granting the games group permission to run the id command as the operator user?

%games ALL=(operator) /bin/id

What security measure is recommended when using sudo with NOPASSWD?

Enable SSH public-key authentication

How can you tighten security after enabling sudo access?

Re-enable the requirement for passwords for sudo

What does the inclusion of files in /etc/sudoers.d affect?

Provides a way to manage sudo access for users and groups separately

What command configuration would prevent the ec2-user from executing commands as root without a password?

ec2-user ALL=(ALL) ALL

Which statement about the wheel group in this context is correct?

Users not in this group cannot use sudo

Which command should be used to provide full sudo access to the group group01?

%group01 ALL=(ALL) ALL

Study Notes

Manage Local Users and Groups

• User accounts provide security boundaries between users and programs
• Users are identified by usernames and unique identification numbers (UIDs)
• Passwords are assigned to prove user authorization
• Processes run as a particular user
• Files have owners, controlling access
• User accounts include superusers (root), system users, and regular users
• Superusers (root) have full system access

User Account Types

• Superuser: Administers the system, has a UID of 0 (root)
• System users: Perform supporting services
• Regular users: Limited access, for daily work

Linux System Security

• User accounts crucial for system security
• Every program/process runs with a user ID (UID) or a user type
• File access control determined by owner and access privileges
• User accounts are essential to control file access
• System uses UIDs to identify users in the database

User Information Files

• /etc/passwd: Stores user information (username, UID, GID, comment, home directory, shell)
• /etc/shadow: Stores encrypted passwords (security improvement)

User commands

• id: Displays user information (UID, GID, groups) for the currently logged-in user or a specified user
• ls -l: Lists file details; includes owner and permissions; for directories, the owner
• ps: Lists process information, including the associated UID for the process
• su: Switches to another user account
• sudo: Enables users to run commands with superuser privileges

Group Concepts

• Groups combine users with shared access to system resources
• Group names are used for easier recognition; systems use an ID for each group
• /etc/group: Stores group information (group name, GID, members)

Primary and Supplementary Groups

• Every user has a primary group
• Users can have supplementary group memberships, granted in /etc/group
• These memberships grant broader access permissions

Gaining Superuser Access

• Systems use the root user for elevated privileges
• sudo command runs a command with root privileges without having the root password
• su command switches to another user account or root account when no user specified
• su and sudo commands are used to switch between users

Understanding Su and Sudo

• su: Direct switch to another user account, often root; may require password.
• sudo: Run a command with root privileges; Authenticate with your own password.

Run Commands with Sudo

• When the root user account isn't accessible users can use the sudo command
• sudo ensures users have the correct user account permissions.
• sudo prevents users from having direct access to root

Description

Test your knowledge of managing local users and groups in Linux systems. This quiz covers the importance of user accounts, different user types, and Linux system security principles. Understand user identification and file access control mechanisms in a secure environment.