Linux User Management Quiz

Questions and Answers

What is the maximum number of days a password may be used before expiration according to the given settings?

• 180 days (correct)
• 30 days
• 60 days
• 90 days

What does PASS_MIN_DAYS represent in the password policy?

• Maximum allowed password length
• Number of days warning given before password expires
• Minimum number of days allowed between password changes (correct)
• Minimum number of days before a password can be reused

How many days of warning are given before a password expires according to the settings?

• 30 days
• 7 days (correct)
• 0 days
• 14 days

Which command is used to edit the configuration file to set password expiration to 180 days?

vim /etc/login.defs (B)

What is the purpose of the supplementary group created in the lab exercise?

To provide users with root command privileges using sudo (C)

What is the purpose of a group in a system?

To provide a structure for organizing users and their access to resources. (A)

What does the 'x' represent in a line from the /etc/group file?

An obsolete group password field. (D)

How is the primary group for a user typically designated?

It shares the same name as the primary user. (C)

What is a characteristic of supplementary groups?

They allow for access to files across different categories. (B)

Where is the group membership for users stored?

In the /etc/group file. (D)

What does the id command display for a user?

The group membership including both primary and supplementary groups. (A)

What is a User Private Group?

A group that is created with the same name as a user. (C)

What command is used to switch to the root user in a login shell?

sudo su - (C)

What does the command 'echo $PATH' display?

Directories for executable files (A)

If more than five minutes have passed since the last authentication, what must the user do to run 'sudo' again?

Re-authenticate with the student password (B)

What does the command 'id' return when run by the root user?

User and group information (B)

What happens to the PATH variable when using 'sudo' to become the root user?

It is overridden for security reasons. (B)

After switching to root, what would be the output of 'pwd'?

/root (A)

What is the primary effect of using 'sudo' instead of 'su' directly?

It enhances security by overriding the PATH variable. (A)

Which command must be run to display the home directory of the root user?

echo $HOME (C)

What does the prompt of the root user typically look like compared to a regular user?

It starts with a hash symbol. (B)

Which command is used to exit the root user shell and return to the student user's shell?

exit (C)

What command should be used to lock a user account using sudo?

sudo usermod -L user02 (C)

What will happen if a user tries to execute the sudo command without having permission?

An email will be sent to the root user detailing the attempt. (C)

Which of the following commands provides access to the root account without running interactive login scripts?

sudo -s (D)

What is the purpose of using the visudo command?

To edit the sudoers file safely and check for syntax errors. (D)

How can a member of the wheel group use sudo under Red Hat Enterprise Linux 7?

By using their own password for any command. (D)

What does the % symbol indicate in the sudoers file configuration?

It indicates a group in the configuration. (B)

What log file is used to record executed sudo commands by default?

/var/log/secure (C)

Which of the following best describes the sudo -i command?

It switches to the root account and runs the user's default shell. (C)

Which user is specifically notified when there is an unauthorized attempt to use a sudo command?

The root user (A)

What does the command 'ALL=(ALL:ALL)' allow for users in the wheel group?

Run commands as any user and any group on the system (D)

How can you provide sudo access to a user named user01?

Create the /etc/sudoers.d/user01 file with 'user01 ALL=(ALL) ALL' (A)

What is the meaning of the NOPASSWD command in a sudoers file?

Users can run commands without a password (A)

Which of the following is a correct line for granting the games group permission to run the id command as the operator user?

%games ALL=(operator) /bin/id (C)

What security measure is recommended when using sudo with NOPASSWD?

Enable SSH public-key authentication (D)

How can you tighten security after enabling sudo access?

Re-enable the requirement for passwords for sudo (B)

What does the inclusion of files in /etc/sudoers.d affect?

Provides a way to manage sudo access for users and groups separately (A)

What command configuration would prevent the ec2-user from executing commands as root without a password?

ec2-user ALL=(ALL) ALL (A)

Which statement about the wheel group in this context is correct?

Users not in this group cannot use sudo (A)

Which command should be used to provide full sudo access to the group group01?

%group01 ALL=(ALL) ALL (A)

Flashcards

Group

A collection of users who share access to files and resources.

Group ID (GID)

A unique identifier assigned to a group, used by the system for internal management.

/etc/group

A file that stores information about local groups on a system.

Primary Group

The single group that a user is primarily associated with. It defines the ownership of files created by the user.

User Private Group

Groups created automatically when a new user is made, with the same name as the user and only the user as a member.

Supplementary Group

Groups in addition to the primary group that a user belongs to, granting additional access to files and resources.

id Command

It shows the group memberships of a user, including the primary and supplementary groups.

What is sudo?

The sudo command allows authorized users to execute commands with elevated privileges, typically as the root user. It provides a secure and controlled way to manage system administration tasks.

How can you lock a user account?

The usermod command allows you to modify user account settings. Using it with the -L flag locks an account, preventing logins until unlocked.

How do you get an interactive root shell?

The command sudo -i provides an interactive root shell. It switches to the root account and runs the user's default shell (usually bash).

What command is used to edit the sudoers file?

The visudo command is used to edit the /etc/sudoers file. Using visudo ensures the file is validated and prevents syntax errors.

What is the sudo configuration file?

The /etc/sudoers file is the main configuration file for the sudo command.

What is the wheel group?

A group defined within the /etc/sudoers file to grant sudo access to specific users. For example, members of the wheel group in Red Hat Enterprise Linux 7 and later can use sudo with their own password.

How can you avoid interactive login scripts while using sudo?

The -s flag with sudo executes the specified command without interactive login scripts, allowing you to run a command in the context of another user but without going through a full interactive shell login.

Where are sudo commands logged?

The sudo command by default logs all executed commands to the /var/log/secure file for security and auditing purposes.

PASS_MAX_DAYS

The maximum number of days a password can be used before it must be changed. This setting helps to enforce password security and prevent unauthorized access.

PASS_MIN_DAYS

The minimum number of days that must pass before a user can change their password again. It helps to prevent excessive password changes and ensures that users don't change passwords too quickly.

PASS_WARN_AGE

This setting determines the number of days before a password expires that the user receives a warning message. It allows users to plan ahead and avoid being locked out of their account.

/etc/login.defs

A file that contains the default settings for managing user accounts including password aging policies. It is a central location for configuring account security settings.

vim /etc/login.defs

The command used in Linux systems to edit the /etc/login.defs file. It is used to set password aging policies for user accounts.

What is /etc/sudoers?

A special file that dictates which users can run commands as other users or groups on a system.

What is /etc/sudoers.d directory?

A configuration file that defines which users and groups have sudo access, what commands they can run, and with what privileges.

What is the "sudo" command?

A command that allows a user to execute a command with elevated privileges, typically those of the root user.

What does '%group ALL=(ALL) ALL' mean in /etc/sudoers.d?

It enables all users in a specific group to execute any command as any other user or group.

What does '%group ALL=(user) /bin/command' mean in /etc/sudoers.d?

It allows users from a specific group to run a particular command as a specified user.

What does 'user ALL=(ALL) NOPASSWD: ALL' mean in /etc/sudoers.d?

It allows a user to run any command as any user or group, without requiring a password.

What is Ansible?

An automated tool used for managing and provisioning servers, often used for cloud instances and virtual machines.

Why is 'ec2-user ALL=(ALL) NOPASSWD: ALL' commonly used with Amazon EC2 instances?

It grants the ec2-user account full passwordless sudo access, allowing it to run any command as root without entering a password.

What are the security implications of using 'NOPASSWD: ALL'?

Although secure in some contexts, granting passwordless sudo access is potentially risky. Always take precautions to protect the account and limit access.

What does the command sudo su - do?

The command sudo su - elevates the user to root privileges in a new login shell. It provides a separate environment with root permissions, allowing for system-wide operations.

What information does the id command provide?

The command id displays the user and group information of the current user. It provides details like the user ID (UID), group ID (GID), group memberships, and security context.

What does the pwd command do?

The pwd command displays the current working directory of the user. It shows the absolute path of the directory where the user is currently located, which is the starting point for navigating the file system.

What does the HOME environment variable represent?

The environment variable HOME represents the home directory of the user. It is the default location for the user's files, configuration settings, and other personal data.

What is the purpose of the PATH environment variable?

The environment variable PATH defines the search path for executable files. It lists the directories where the system will look for commands when a user executes a program.

Why does sudo potentially override the PATH variable?

When using sudo, the PATH environment variable might be overwritten for security reasons. This ensures that the user cannot execute commands from untrusted directories after gaining root privileges.

What does the exit command do?

The command exit terminates the current shell session. Upon execution, the user is returned to the previous shell or logged out, depending on the context.

What is the functionality of the echo command?

The echo command displays the value of a variable or string. It is useful for viewing the content of environment variables or printing text to the console.

How do you switch to root using su?

The su command allows switching to another user's shell. However, to become root, you usually need to use sudo su -, which requires authentication as the original user.

What purpose does the shell prompt serve?

The shell prompt indicates the current user and host, providing context about the current environment. It helps users to understand where they are operating from.

Study Notes

Manage Local Users and Groups

• User accounts provide security boundaries between users and programs
• Users are identified by usernames and unique identification numbers (UIDs)
• Passwords are assigned to prove user authorization
• Processes run as a particular user
• Files have owners, controlling access
• User accounts include superusers (root), system users, and regular users
• Superusers (root) have full system access

User Account Types

• Superuser: Administers the system, has a UID of 0 (root)
• System users: Perform supporting services
• Regular users: Limited access, for daily work

Linux System Security

• User accounts crucial for system security
• Every program/process runs with a user ID (UID) or a user type
• File access control determined by owner and access privileges
• User accounts are essential to control file access
• System uses UIDs to identify users in the database

User Information Files

• /etc/passwd: Stores user information (username, UID, GID, comment, home directory, shell)
• /etc/shadow: Stores encrypted passwords (security improvement)

User commands

• id: Displays user information (UID, GID, groups) for the currently logged-in user or a specified user
• ls -l: Lists file details; includes owner and permissions; for directories, the owner
• ps: Lists process information, including the associated UID for the process
• su: Switches to another user account
• sudo: Enables users to run commands with superuser privileges

Group Concepts

• Groups combine users with shared access to system resources
• Group names are used for easier recognition; systems use an ID for each group
• /etc/group: Stores group information (group name, GID, members)

Primary and Supplementary Groups

• Every user has a primary group
• Users can have supplementary group memberships, granted in /etc/group
• These memberships grant broader access permissions

Gaining Superuser Access

• Systems use the root user for elevated privileges
• sudo command runs a command with root privileges without having the root password
• su command switches to another user account or root account when no user specified
• su and sudo commands are used to switch between users

Understanding Su and Sudo

• su: Direct switch to another user account, often root; may require password.
• sudo: Run a command with root privileges; Authenticate with your own password.

Run Commands with Sudo

• When the root user account isn't accessible users can use the sudo command
• sudo ensures users have the correct user account permissions.
• sudo prevents users from having direct access to root