Wednesday, 4 October 2017

Welcome to my second LinuxLab which is a special part of my preparation for LPIC-1. This lab was created according to Linux LPIC-1 Certification Bible where I have recently cover a several chapter including user management in Linux, file permissions, and so on. So, in this article I will focus on four assignments in order to complete this article and to demonstrate how to add a new user, creating a unique user group, setting file permissions and I will show you how to use ssh/sftp protocol in order to extract a report.txt file on your private server and etc. 

Written by: Amar Tufo
4. October, 2017

On the image above you can see the tasks for LinuxLab which we have to solve in this article. I have even planed to make a YouTube tutorial for this LinuxLab but I have decided to write an article and then I shall see about YoutTube part. Let's begin!

Creating a new user!

The first part of this LinuxLab is to create a new Linux user named ubuntugeek with it's home directory and new user group named ubuntustation. There are dozens tutorials available online on how to make a new Linux user as well as new user group. But in this article you need to understand several major things when creating a new user. One in particular is the way you are gonna access the newly created user in Linux; Second is /etc/passwd file which holds all information on user including it's name, group, user id, group id, user home directory, and login shell. Now, here's my sample of /etc/passwd file.

Image 1: /etc/passwd file for user amar
Image source: /home/amar/Desktop/image1

It's very important to understand the /etc/passwd file since information stored in this file are crucial when it comes to user management in Linux as you can use this file to add user manually to your Linux distribution. For more on /etc/passwd file check this link. Here are three key notes on /etc/passwd file. 

root account - this account is known as superuser and it is the most privileged account on a Linux system. It gives you the ability to administer the system by adding new accounts, changhing user passwd, examining log files, installing software and changing file permissions. 

nobody account - this account is used for system services and has no shell or home directory.

the /bin account - contains the home directory of /bin with no shell assignment. 

You can get the same information on the current user by typing the following command like in this sample down bellow. 

grep amar /etc/passwd

Once you type your user name, the output should be as follow:

Image 2: Output of the command grep amar /etc/passwd
Image source: /home/amar/Desktop/image2

In the following table, here's an explanation of the command above to understand what these information are.

Image 3: Explanation of the grep amar /etc/passwd command
Image source: /home/amar/Desktop/image3

The last thing I wanna note here is the user password. Now, Linux store user password in a unique file named /etc/shadow. The x: character you see in the table above represents my encrypted password which is stored in /etc/shadow file. Password is basically showed in a bunch of random letters and numbers which are difficult to read but safe and encrypted. In other hands, you don't want others to know your password. Here's my sample of /etc/shadow file.

Image 4: Output of the command sudo grep amar /etc/shadow 
Image source: /home/amar/Desktop/image4

Creating ubuntugeek user.

The output for your user name will be different than my which is ok. Now, we can start to make our ubuntugeek user with it's user group and home directory. The command you will see here are well tested for the purpose of this article. There are several ways to create a new Linux user and one way that I prefer is via useradd command using the following command syntax:

sudo useradd -m ubuntugeek

Once you type the following command, you should be able to see the newly created ubuntugeek user as on this image down bellow.

Image 5: Accessing newly created user ubuntugeek using su ubuntugeek command
Image source: /home/amar/Desktop/image5

One note: In order to access our ubuntugeek user, in command above I have use -m to tell the Terminal to force create ubuntugeek home directory. Without home directory, we won't be able to access ubuntugeek user neither it's data. Before we make our user group and add ubuntugeek inside it, we need to assign ubuntugeek password. We can do that using the following command: 

sudo passwd ubuntugeek

The output of the following command is as follow:

Image 6: Assigning ubuntugeek password
Image source: /home/amar/Desktop/image6

The name of your user is different than my in the sample above, but it's the same syntax you should follow in order to assign your user password or change an existing password and etc.

Creating group ubuntustation.

User groups are essential part in Linux. Basically it can be described as a collection of multiple users which have default permissions on the system files and etc. Note, that groups need to be manage some how and that's where permissions comes in to play. Permissions are important part of Linux security since they allow Linux System administrator to set the permission for user as root account, groups and others. This way, I can set the permission to read, write and execute certain file or limit other users to write or modify the file, but grant them to read and execute certain file and so on. More on groups, please click the following link. Before I show you how to create ubuntustation group for our ubuntugeek user, I will show you how to view file permissions over the files or directory. The following command is used to see the file permissions.

cd Desktop
cd application
ls -l

In the command above, I have chosen application directory on Desktop which I have listed using the ls -l command. Here's the output.

Image 7: Listing file permissions on the application directory content
Image source: /home/amar/Desktop/image7

Each file has a default permission set assigned to user (root account), groups and others. This default permissions are known by characters such as rwx as shown on image7 above. What they does or mean is important to know because you will work with them a loot. In short, here is a explanation of rwx characters:

read (r) - it allows the file to be viewed or directory content to be listed.

write (w) - it allows you to modify the file or to write to the file.

execute (x) - it allows you to run the file, program or execute a script.

In the image 7 you can clearly see -rwx characters in front of main.cpp file in my application directory. In this case, main.cpp is C++ source code file on which I have set the default permission for user (amar) which is rwx, group can rw but can't execute the file, and others can execute and read the main.cpp file. Here's a command which I have used to set the main.cpp permissions:

chmod u+rwx,g+rw,o-wx main.cpp

The command used in this sample is chmod (change mod). It's this command that allow Linux System administrator to grant access on certain files and directories for user, groups and others or to take them away at will in order to protect the system or user it self. Since this is a LinuxLab, I don't have time to explain chmod and file permissions in detail but if you are interested to know more about this command which I highly recommend, then visit this link.

Finally, let's make our ubuntustation group and to complete this article. The command used to create group is groupadd. Here's the full command.

groupadd ubuntustation

Now, there's nothing special to note or add here to this command. Only thing is that our newest group has been created and we can now add our ubuntugeek user to ubuntustation group using the following command.

sudo usermod -G ubuntustation ubuntugeek

In the command above I have used the usermod command to add ubuntugeek user to ubuntustation. The Terminal command to make sure that we have added ubuntugeek to ubuntustation is the following:

Image 8: Checking that ubuntugeek user is part of ubuntustation group
Image source: /home/amar/Desktop/image8

This is it. We have successfully added our ubuntugeek to ubuntustation group and therefore completed this first part of my LinuxLab. Make sure to read entire article, comment it, share it via social media and please if you note errors while reading this article weather in text or Linux commands used in this article, please comment it down bellow so that I can fix it and update it as soon as possible. Until the next time, I see you soon in part two of my LinuxLab. 


0 komentari:

Post a Comment



Follow me on Facebook:

Popular Posts