l6 managing users and groups useradd usermod skel shadow passwd lock -l -u id chage

defaults are in
/etc/login.defs
/etc/defaults/useradd


[root@localhost ~]# useradd -m -d /home/max max
[root@localhost ~]# su - max
[max@localhost ~]$ pwd
/home/max


groupadd sales

[root@localhost ~]# tail -n 1 /etc/group
sales:x:1003:

usermod
  -g, --gid GROUP               force use GROUP as new primary group
  -G, --groups GROUPS           new list of supplementary GROUPS
  -a, --append                  append the user to the supplemental GROUPS mentioned by the -G option without removing him/her from other groups

[root@localhost ~]# usermod -aG sales max
[root@localhost ~]# grep max /etc/group
max:x:1002:
sales:x:1003:max

[root@localhost ~]# id max
uid=1002(max) gid=1002(max) groups=1002(max),1003(sales)

in passwd file there is no reference to secondary groups

[root@localhost ~]# id max
uid=1002(max) gid=1002(max) groups=1002(max),1003(sales)

passwd - accounts
shadow - passwords
etc/group
/etc/login,.defs 


  1. PASS_MAX_DAYS : Maximum number of days a password may be used. If the password is older than this, a password change will be forced.
  2. PASS_MIN_DAYS : Minimum number of days allowed between password changes. Any password changes attempted sooner than this will be rejected
  3. PASS_WARN_AGE : Number of days warning given before a password expires. A zero means warning is given only upon the day of expiration, a negative value means no warning is given. If not specified, no warning will be provided.
[root@localhost ~]# cat /etc/default/useradd 
# useradd defaults file
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes

The /etc/skel directory contains files and directories that are automatically copied over to a new user's home directory when such user is created by the useradd program



[root@localhost ~]# cat /etc/skel/.

./             ../            .bash_logout   .bash_profile  .bashrc        .mozilla/ 

how to add default file to user home dir
[root@localhost ~]# cd /etc/skel
[root@localhost skel]# touch newfile
[root@localhost skel]# useradd lisa
[root@localhost skel]# su - lisa
[lisa@localhost ~]$ ls -al
total 12
drwx------. 5 lisa lisa 122 May 13 16:09 .
drwxr-xr-x. 5 root root  39 May 13 16:09 ..
-rw-r--r--. 1 lisa lisa  18 Aug  2  2016 .bash_logout
-rw-r--r--. 1 lisa lisa 193 Aug  2  2016 .bash_profile
-rw-r--r--. 1 lisa lisa 231 Aug  2  2016 .bashrc
drwxrwxr-x. 3 lisa lisa  18 May 13 16:09 .cache
drwxrwxr-x. 3 lisa lisa  18 May 13 16:09 .config
drwxr-xr-x. 4 lisa lisa  39 Apr 16 20:36 .mozilla
-rw-r--r--. 1 lisa lisa   0 May 13 16:09 newfile
==========================


to lock user
# take away peters password
sudo passwd -l peter
To unlock him:
# give peter back his password
sudo passwd -u peter



[root@localhost ~]# chage -l max

Last password change : May 13, 2017
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7


[root@localhost ~]# grep max /etc/shadow
max:$6$fsesUeEF$Z/xafyL7f91A7oOKgUWhvc84Qx8HSjRdtatPFCyCGg8D2hknX3/0h152EXosnsX/HkgG6DCs0EXobRY/S/1FC.:17299:0:99999:7:::
[root@localhost ~]# passwd -l max
Locking password for user max.
passwd: Success
[root@localhost ~]# grep max /etc/shadow
max:!!$6$fsesUeEF$Z/xafyL7f91A7oOKgUWhvc84Qx8HSjRdtatPFCyCGg8D2hknX3/0h152EXosnsX/HkgG6DCs0EXobRY/S/1FC.:17299:0:99999:7:::

[root@localhost ~]# 

set expiration date
[root@localhost ~]# chage -E 2017-09-9 max
[root@localhost ~]# chage -l max
Last password change : May 13, 2017
Password expires : never
Password inactive : never
Account expires : Sep 09, 2017
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

[root@localhost ~]# 

[root@localhost ~]# grep max /etc/shadow
max:$6$fsesUeEF$Z/xafyL7f91A7oOKgUWhvc84Qx8HSjRdtatPFCyCGg8D2hknX3/0h152EXosnsX/HkgG6DCs0EXobRY/S/1FC.:17299:0:99999:7::17418:
[root@localhost ~]# 

Comments

Popular posts from this blog

HAproxy logging

teamcity Automatic Agent Start under Linux

NFS mount add in fstab _netdev instead of default | firewall-cmd --list-all