From the course: Red Hat Certified System Administrator (EX200) Cert Prep: 2 File Access, Storage, and Security

Create and delete local user accounts

- [Instructor] In Linux, every user has a username, a numeric user ID, and belongs to at least one group for use with discretionary access control. Discretionary access control means access is granted based on who the user is and what group or groups they belong to. User account information is stored in /etc/passwd. User passwords and account aging are stored in /etc/shadow. User account defaults for the commands in the shadow utilities are stored in /etc/login.defs. The tools that use the login.defs file include the useradd, userdel, usermod, groupadd, groupdel, and groupmod commands, as well as the chage command, among others. This login.defs file contains settings for password aging, minimum and maximum numbers for user IDs, minimum and maximum numbers for system user IDs, minimum and maximum numbers for user group IDs, and minimum and maximum numbers for system group IDs. You will notice that in both cases the system ID numbers are less than 1,000. Also configured in this file is whether to create initial home directories or not, and the hash encoding type, such as MD5 or SHA512. Default settings for the useradd command are stored in /etc/default/useradd. This includes where home directories are created, whether the account should expire, which shell to use if not specified on the command line, whether to create a mail spool or not, and where the skeleton directory resides. The skeleton directory contains the files that are copied to each new user's home directory automatically. These would include any shell initialization files or any other files you want included in every new user's home directory; in my case, Firefox browser configuration. Other user authentication settings are in the /etc/pam.d directory, where the configuration files for the pluggable authentication modules are stored. We won't be covering pluggable authentication modules in this course. The process of creating users in Linux is fairly straightforward. For this exercise, I'll be using my RHhost1 VM.
Let's go to our terminal and type in useradd with no arguments. Here we see the many options for the useradd command. Thanks to the stored defaults, we don't have to specify any of these options to create a user. Any options that we leave out are taken from the system defaults. Let's create a new user now by typing in clear, and then type in sudo space, useradd space, bob and hit Enter. Then type in your password if prompted. We can verify that this user exists by viewing the /etc/passwd file using cat. Type in cat space /etc/passwd and hit Enter. The very last line is the account information for the new username bob. The first column in the line is the username. The second column is the placeholder for the password; in the distant past, the encoded password was stored here. This x tells us that we're using the shadow suite and the password is stored in the /etc/shadow file. The third column is the user's numeric ID number. The fourth column is the primary group ID number; every user has to belong to at least one group, which is their primary group. When the user creates files, they will be owned by this group. We can cross-reference this group ID number in the /etc/group file. Type in cat space /etc/group and hit Enter. We see that bob's primary group is also named bob. In Red Hat based distributions, the primary group is a group with the same name as the user and is created automatically, but note that not all distributions act this way. The fifth column is the GECOS field, which is used to store general records. Often we think of it as a comment field for storing information about the user account; don't put anything sensitive here, as this file is world-readable. The sixth column is the user's home directory, where they'll store their files. This location is configured in the /etc/login.defs file as well. The seventh and last column is the shell to execute upon login.
The last thing we'll do is view the password and aging information in the /etc/shadow file. We need to elevate privileges using sudo for this. Type in clear, and then type in sudo space, cat /etc/shadow and hit Enter. The last line belongs to the new username, bob. We can see that the second column, where the password should be, has two exclamation points; this means the password has not been set yet, and thus bob can't log in. Let's set the password using the passwd command and view the /etc/shadow file again. Type in clear and then type in sudo space, passwd space, bob and hit Enter. Now enter bob's password twice. And then type in sudo space, cat space, /etc/shadow and hit Enter. Now we see that the bob user has an encoded password in the second field. Let's also look in /home for home directories. Type in clear and then type in ls space /home and hit Enter. We see that the bob user's home directory is present; this is a setting in the login.defs file, and not all Linux distributions create the home directory automatically. Let's also list hidden files inside of /home/bob. Type in sudo space, ls space, -l for long list, a for all, space /home/bob and hit Enter. The files we see are the skeleton files that were copied from the /etc/skel directory, also listed in the login.defs configuration file. Deleting users is pretty straightforward as well. If you'd like to delete the user but keep their home directory and files, you'd type sudo space, userdel space, bob. However, if you want to get rid of the bob account and bob's home directory, including his files, you'd add the -r option to userdel and then hit Enter. We can view the /etc/passwd file to verify that the account is gone. Type in cat space /etc/passwd and hit Enter. If you want to verify that bob's home directory has been removed as well, type in ls space /home and hit Enter. To view more useradd options, check the man page by typing man space useradd.
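An added example, not part of the course transcript: a shell script that reads the seven /etc/passwd fields and the /etc/shadow password field from constructed sample records shaped like the ones the lesson inspects, classifies a UID against a constructed /etc/login.defs excerpt (the lesson's "system IDs are below 1,000" point), and wraps the useradd / userdel sequence in a function that refuses to run unless it has root. The sample records, the placeholder hash, and the login.defs values are assumptions chosen to match common RHEL defaults, not output captured from the course VM.

```bash
#!/bin/bash
# Added example (not from the course): read the /etc/passwd and /etc/shadow
# records the lesson inspects, classify a UID against login.defs ranges, and
# wrap the useradd / userdel sequence in a root-guarded function.

# Constructed sample records shaped like the lines shown in the lesson.
# The hash in SAMPLE_SHADOW_SET is a made-up placeholder, not a real hash.
SAMPLE_PASSWD='bob:x:1001:1001::/home/bob:/bin/bash'
SAMPLE_SHADOW_UNSET='bob:!!:19700:0:99999:7:::'
SAMPLE_SHADOW_SET='bob:$6$placeholdersalt$placeholderhash:19700:0:99999:7:::'

# Constructed excerpt of /etc/login.defs using assumed RHEL defaults:
# regular users start at 1000, system accounts sit below that.
SAMPLE_LOGIN_DEFS='UID_MIN 1000
UID_MAX 60000
SYS_UID_MIN 201
SYS_UID_MAX 999
CREATE_HOME yes
ENCRYPT_METHOD SHA512'

# passwd_field RECORD NAME: print one of the seven colon-separated fields by
# name (user, uid, gid, gecos, home, shell). Field 2 is only the "x"
# placeholder that points at /etc/shadow, so it is not offered.
passwd_field() {
    case $2 in
        user) f=1 ;; uid) f=3 ;; gid) f=4 ;; gecos) f=5 ;; home) f=6 ;; shell) f=7 ;;
        *) echo "unknown field: $2" >&2; return 1 ;;
    esac
    printf '%s\n' "$1" | cut -d: -f "$f"
}

# shadow_status RECORD: read the second field of a shadow record the way the
# lesson does. "!!" means no password was ever set (login impossible), "*" is
# a non-hash used for accounts that never log in with a password, a leading
# "!" marks a locked password, an empty field means no password is required,
# and anything else is a stored hash.
shadow_status() {
    pw=$(printf '%s\n' "$1" | cut -d: -f2)
    case "$pw" in
        '!!') echo not-set ;;
        '*')  echo locked-no-password ;;
        '!'*) echo locked ;;
        '')   echo empty ;;
        *)    echo set ;;
    esac
}

# defs_value KEY: look a key up in the constructed login.defs excerpt.
defs_value() {
    printf '%s\n' "$SAMPLE_LOGIN_DEFS" | awk -v k="$1" '$1 == k { print $2 }'
}

# uid_class UID: regular, system, or reserved (root and the gap below
# SYS_UID_MIN), using the UID_MIN/UID_MAX and SYS_UID_MIN/SYS_UID_MAX ranges.
uid_class() {
    if [ "$1" -ge "$(defs_value UID_MIN)" ] && [ "$1" -le "$(defs_value UID_MAX)" ]; then
        echo regular
    elif [ "$1" -ge "$(defs_value SYS_UID_MIN)" ] && [ "$1" -le "$(defs_value SYS_UID_MAX)" ]; then
        echo system
    else
        echo reserved
    fi
}

# lifecycle_demo [NAME]: the lesson's create / inspect / delete sequence.
# It changes the system, so it refuses to run without root (returns 2).
# Setting the password is left out because passwd prompts interactively.
lifecycle_demo() {
    name=${1:-bob}
    [ "$(id -u)" -eq 0 ] || { echo "lifecycle_demo needs root" >&2; return 2; }
    useradd "$name"                                    # defaults from login.defs and /etc/default/useradd
    passwd_field "$(grep "^$name:" /etc/passwd)" home  # home directory from the new passwd record
    shadow_status "$(grep "^$name:" /etc/shadow)"      # "!!" until passwd runs
    ls -la "/home/$name"                               # skeleton files copied from /etc/skel
    userdel -r "$name"                                 # -r removes the home directory too
    ! grep -q "^$name:" /etc/passwd                    # succeeds only if the account is gone
}

# Stand-alone run: walk the sample records instead of touching the system.
printf 'user=%s uid=%s (%s) home=%s shell=%s\n' \
    "$(passwd_field "$SAMPLE_PASSWD" user)" \
    "$(passwd_field "$SAMPLE_PASSWD" uid)" \
    "$(uid_class "$(passwd_field "$SAMPLE_PASSWD" uid)")" \
    "$(passwd_field "$SAMPLE_PASSWD" home)" \
    "$(passwd_field "$SAMPLE_PASSWD" shell)"
printf 'shadow before passwd: %s, after: %s\n' \
    "$(shadow_status "$SAMPLE_SHADOW_UNSET")" "$(shadow_status "$SAMPLE_SHADOW_SET")"
```

The parsing functions run anywhere, which is what makes the script useful for checking a real host: feed them `grep '^bob:' /etc/passwd` and `sudo grep '^bob:' /etc/shadow` instead of the sample strings, and `lifecycle_demo` only executes once you run it as root on a system where you actually intend to create and remove the account.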
