System Admin Class Spring 2006 HW5/Lab - Part B Due 2 weeks after last lab class dealing with hw5 Your Name ___________________________ Follow all the below steps, and answer the questions. Type up your answers neatly. There are two parts to this assignment..Part A and Part B. Part B we will do together in class!!! ------------------------------------------------------- --------------------------------------------------------------------- --------------------------------------------------------------------- PART B DO NOT PROCEED FURTHER UNTIL I AM IN CLASS WITH YOU !!!!! 10. Account Management - manual method You will see how to create accounts manually, and with a gui tool. Account creation, deletion, changing passwords, etc.. are all part of the account management process...something every system admin is involved with daily. Both the gui method and manual method to manage accounts is important to know. Login as root, and change directory to the /etc directory. cd /etc Now using emacs, edit the file /etc/passwd and create a new account for yourself. Something like: name:x:31000:100:name information:/home/name:/bin/csh where name the login name for the account you are creating, let that be your first name (8 characters max), where 31000 is your id number,and 100 is the group id number. Note that the password field is "x", which means a shadow password file is used for the actual encrypted passwords. Add this to the end of the file (last record). Of course "/home/name" should be whatever name you picked (like stan or fred or whatever name is yours). Save the file. Next edit /etc/shadow and add the following as the last line (last record) in the file: (be careful..there are 8 colons below) name:::::::: Edit /etc/group and look for an entry for the group "users" with the groupid number of 100. Add the above name to that group. users::100:name Again, with all of the above and below, "name" is th login name of the account you are creating. Also create a home directory for the above user (and check and change permissions/group/ownership as needed). cd /home mkdir name ls -l chown name name chgrp users name ls -l (double check permissions, ownership and group) Q. Now logout as administrator and then try signing on to the above account....does it work? Q. Did you have to enter a password? Why or why not? Q. what directory did it drop you into, when you logged in (check with the command "pwd" - print working directory). Next, sign back on as root, and look at the end of the password file "tail /etc/shadow", pay attention to the password field in the account you added. Next change its password using the command passwd name pick an easy password (a1b2c3). Look at /etc/shadow again (tail /etc/shadow). You should see the password again, in encrypted format. Logoff and log back on with this new account name and password. It should all work. Q. What did the passwd look like in /etc/shadow? Did it look like a1b2c3? Login as root again. Thus the above is the way to create an account, using a manual method. 11. Account Management - gui method Click on the Red Hat icon --> System Settings --> Users and Groups. This tool will allow you to manage user accounts (add users, delete users, change passwords, etc..) and also manage groups as needed. It automatically makes the needed changes to /etc/passwd, /etc/shadow and /etc/group, without you have to manually change the files. Q. What accounts do you see listed by default? (what name, user id, group, home directory, etc..) Next, click on Preferences and uncheck the box that says "filter system users and groups". Thus you should now see listed all system accounts also. Q. With the root account, what is its User ID number? Where is its home directory? Click on the root account and click on properties. Q. What info can you change/set regarding this account..look under all tabs. Can you expire accounts? Expire passwords? What else can you do? Next pick "Add User". Lets create a new user account called "megan". Give is a password (a1b2c3). Uncheck the box "create a private group for the user". After you create the account, check the "group" tab and see what group did they put megan into by default. Q. Which group? and then logoff as root and log back in as the user and see if it works. Q. What location (pwd) did the system drop you in when you logged in as megan? Q. Check the end of /etc/passwd and /etc/shadow, do you see the entry for this new user? What does it look like? Q. do you see an entry for them in /etc/group? What does it look like? Go back into User and Groups and delete this new account. (highlight "megan" and pick "delete") Pick "yes" when it asks you to delete the home directory also. Q. Check /etc/passwd and /etc/shadow again, is that account still listed? Does its home directory still exist? tail /etc/passwd tail /etc/shadow cd /home ls -l Q. Try logging off as root and logging back in as megan. Can you? Thus this User and Groups tool, allows you manage user accounts, including adding/deleting users, change/set passwords, lock accounts and other features. You can also manipulate groups via this too. A very handy gui tool for account management under linux. The End!!!