What are the three ways to properly edit the /etc/group files? (select three)
Expand section "9.7. Automatically Refreshing Package Database and Downloading Updates with Yum-cron" Collapse section "9.7. Automatically Refreshing Package Database and Downloading Updates with Yum-cron"
Show
Settings Close
Language and Page Formatting Options
Red Hat TrainingA Red Hat training course is available for Red Hat Enterprise Linux Chapter 4. Managing Users and Groups The control of users and groups is a core element of Red Hat Enterprise Linux system administration. This chapter explains how to add, manage, and delete users and groups in the graphical user interface and on the command line, and covers advanced topics, such as creating group directories. 4.1. Introduction to Users and GroupsWhile users can be either people (meaning accounts tied to physical users) or accounts that exist for specific applications to use, groups are logical expressions of organization, tying users together for a common purpose. Users within a group share the same permissions to read, write, or execute files owned by that group. Each user is associated with a unique numerical identification number called a user ID (UID). Likewise, each group is associated with a group ID (GID). A user who creates a file is also the owner and group owner of that file. The file is assigned separate read, write, and execute permissions for the owner, the group, and everyone else. The file owner can be changed only by 4, and access permissions can be changed by both the 4 user and file owner.Additionally, Red Hat Enterprise Linux supports access control lists (ACLs) for files and directories which allow permissions for specific users outside of the owner to be set. For more information about this feature, see Chapter 5, Access Control Lists. Reserved User and Group IDsRed Hat Enterprise Linux reserves user and group IDs below 1000 for system users and groups. By default, the User Manager does not display the system users. Reserved user and group IDs are documented in the setup package. To view the documentation, use this command: cat /usr/share/doc/setup*/uidgid The recommended practice is to assign IDs starting at 5,000 that were not already reserved, as the reserved range can increase in the future. To make the IDs assigned to new users by default start at 5,000, change the 6 and 7 directives in the 8 file:[file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated] Note For users created before you changed 6 and 7 directives, UIDs will still start at the default 1000.Even with new user and group IDs beginning with 5,000, it is recommended not to raise IDs reserved by the system above 1000 to avoid conflict with systems that retain the 1000 limit. 4.1.1. User Private GroupsRed Hat Enterprise Linux uses a user private group (UPG) scheme, which makes UNIX groups easier to manage. A user private group is created whenever a new user is added to the system. It has the same name as the user for which it was created and that user is the only member of the user private group. User private groups make it safe to set default permissions for a newly created file or directory, allowing both the user and the group of that user to make modifications to the file or directory. The setting which determines what permissions are applied to a newly created file or directory is called a umask and is configured in the juan:x:1001:1001::/home/juan:/bin/bash1 file. Traditionally on UNIX-based systems, the juan:x:1001:1001::/home/juan:/bin/bash2 is set to juan:x:1001:1001::/home/juan:/bin/bash3, which allows only the user who created the file or directory to make modifications. Under this scheme, all other users, including members of the creator’s group, are not allowed to make any modifications. However, under the UPG scheme, this "group protection" is not necessary since every user has their own private group. See Section 4.3.5, “Setting Default Permissions for New Files Using juan:x:1001:1001::/home/juan:/bin/bash2” for more information. A list of all groups is stored in the juan:x:1001:1001::/home/juan:/bin/bash5 configuration file. 4.1.2. Shadow PasswordsIn environments with multiple users, it is very important to use shadow passwords provided by the shadow-utils package to enhance the security of system authentication files. For this reason, the installation program enables shadow passwords by default. The following is a list of the advantages shadow passwords have over the traditional way of storing passwords on UNIX-based systems:
Most utilities provided by the shadow-utils package work properly whether or not shadow passwords are enabled. However, since password aging information is stored exclusively in the juan:x:1001:1001::/home/juan:/bin/bash7 file, some utilities and commands do not work without first enabling shadow passwords:
4.2. Managing Users in a Graphical EnvironmentThe Users utility allows you to view, modify, add, and delete local users in the graphical user interface. 4.2.1. Using the Users Settings ToolPress the Super key to enter the Activities Overview, type juan:x:1001:0 and then press Enter. The Users settings tool appears. The Super key appears in a variety of guises, depending on the keyboard and other hardware, but often as either the Windows or Command key, and typically to the left of the Space bar. Alternatively, you can open the Users utility from the Settings menu after clicking your user name in the top right corner of the screen. To make changes to the user accounts, first select the Unlock button and authenticate yourself as indicated by the dialog box that appears. Note that unless you have superuser privileges, the application will prompt you to authenticate as 4. To add and remove users, select the + and - button respectively. To add a user to the administrative group juan:x:1001:2, change the Account Type from juan:x:1001:3 to juan:x:1001:4. To edit a user’s language setting, select the language and a drop-down menu appears. Figure 4.1. The Users Settings Tool When a new user is created, the account is disabled until a password is set. The Password drop-down menu, shown in Figure 4.2, “The Password Menu”, contains the options to set a password by the administrator immediately, choose a password by the user at the first login, or create a guest account with no password required to log in. You can also disable or enable an account from this menu. Figure 4.2. The Password Menu 4.3. Using Command-Line ToolsApart from the Users settings tool described in Section 4.2, “Managing Users in a Graphical Environment”, which is designed for basic managing of users, you can use command line tools for managing users and groups that are listed in Table 4.1, “Command line utilities for managing users and groups”. Table 4.1. Command line utilities for managing users and groups UtilitiesDescription juan:x:1001:5 Displays user and group IDs. juan:!!:14798:0:99999:7:::7, juan:!!:14798:0:99999:7:::4, juan:x:1001:8 Standard utilities for adding, modifying, and deleting user accounts. juan:x:1001:9, juan:!::0, juan:!::1 Standard utilities for adding, modifying, and deleting groups. juan:!!:14798:0:99999:7:::2 Utility primarily used for modification of group password in the juan:!::3 file which is used by the juan:!::4 command. juan:!::5, juan:!::6 Utilities that can be used for verification of the password, group, and associated shadow files. juan:!::7, juan:!::8 Utilities that can be used for the conversion of passwords to shadow passwords, or back from shadow passwords to standard passwords. juan:!::9, ~]# ls -ld /home/juan drwx------. 4 juan juan 4096 Mar 3 18:23 /home/juan0 Similar to the previous, these utilities can be used for conversion of shadowed information for group accounts. 4.3.1. Adding a New UserTo add a new user to the system, type the following at a shell prompt as 4:
…where options are command-line options as described in Table 4.2, “Common useradd command-line options”. By default, the juan:!!:14798:0:99999:7:::7 command creates a locked user account. To unlock the account, run the following command as 4 to assign a password:
Optionally, you can set a password aging policy. See the Password Security section in the Red Hat Enterprise Linux 7 Security Guide. Table 4.2. Common useradd command-line options Option ~]# ls -ld /home/juan drwx------. 4 juan juan 4096 Mar 3 18:23 /home/juan4 'comment' comment can be replaced with any string. This option is generally used to specify the full name of a user. ~]# ls -ld /home/juan drwx------. 4 juan juan 4096 Mar 3 18:23 /home/juan5 home_directory Home directory to be used instead of default ~]# ls -ld /home/juan drwx------. 4 juan juan 4096 Mar 3 18:23 /home/juan6. ~]# ls -ld /home/juan drwx------. 4 juan juan 4096 Mar 3 18:23 /home/juan7 date Date for the account to be disabled in the format YYYY-MM-DD. ~]# ls -ld /home/juan drwx------. 4 juan juan 4096 Mar 3 18:23 /home/juan8 days Number of days after the password expires until the account is disabled. If ~]# ls -ld /home/juan drwx------. 4 juan juan 4096 Mar 3 18:23 /home/juan9 is specified, the account is disabled immediately after the password expires. If ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla0 is specified, the account is not disabled after the password expires. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla1 group_name Group name or group number for the user’s default (primary) group. The group must exist prior to being specified here. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla2 group_list List of additional (supplementary, other than default) group names or group numbers, separated by commas, of which the user is a member. The groups must exist prior to being specified here. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla3 Create the home directory if it does not exist. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla4 Do not create the home directory. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla5 Do not create a user private group for the user. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla6 password The password encrypted with ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla7. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla8 Create a system account with a UID less than 1000 and without a home directory. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla9 User’s login shell, which defaults to [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]00. [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]01 uid User ID for the user, which must be unique and greater than 999. Important The default range of IDs for system and normal users has been changed in Red Hat Enterprise Linux 7 from earlier releases. Previously, UID 1-499 was used for system users and values above for normal users. The default range for system users is now 1-999. This change might cause problems when migrating to Red Hat Enterprise Linux 7 with existing users having UIDs and GIDs between 500 and 999. The default ranges of UID and GID can be changed in the 8 file.Explaining the Process The following steps illustrate what happens if the command [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]03 is issued on a system that has shadow passwords enabled:
At this point, a locked account called [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]04 exists on the system. To activate it, the administrator must next assign a password to the account using the [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]38 command and, optionally, set password aging guidelines (see the Password Security section in the Red Hat Enterprise Linux 7 Security Guide for details). 4.3.2. Adding a New GroupTo add a new group to the system, type the following at a shell prompt as 4:[file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]0 …where options are command-line options as described in Table 4.3, “Common groupadd command-line options”. Table 4.3. Common groupadd command-line options OptionDescription ~]# ls -ld /home/juan drwx------. 4 juan juan 4096 Mar 3 18:23 /home/juan8, [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]41 When used with ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla1 gid and gid already exists, juan:x:1001:9 will choose another unique gid for the group. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla1 gid Group ID for the group, which must be unique and greater than 999. [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]45, [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]46 key=value Override 8 defaults.[file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]48, [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]49 Allows creating groups with duplicate GID. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla6, [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]51 password Use this encrypted password for the new group. ~]# ls -la /home/juan total 28 drwx------. 4 juan juan 4096 Mar 3 18:23 . drwxr-xr-x. 5 root root 4096 Mar 3 18:23 .. -rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout -rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile -rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrc drwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla8 Create a system group with a GID less than 1000. 4.3.3. Adding an Existing User to an Existing GroupUse the juan:!!:14798:0:99999:7:::4 utility to add an already existing user to an already existing group. Various options of juan:!!:14798:0:99999:7:::4 have different impact on user’s primary group and on his or her supplementary groups. To override user’s primary group, run the following command as 4:[file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]1 To override user’s supplementary groups, run the following command as 4:[file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]2 Note that in this case all previous supplementary groups of the user are replaced by the new group or several new groups. To add one or more groups to user’s supplementary groups, run one of the following commands as 4:[file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]3 [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]4 Note that in this case the new group is added to user’s current supplementary groups. 4.3.4. Creating Group DirectoriesSystem administrators usually like to create a group for each major project and assign people to the group when they need to access that project’s files. With this traditional scheme, file management is difficult; when someone creates a file, it is associated with the primary group to which they belong. When a single person works on multiple projects, it becomes difficult to associate the right files with the right group. However, with the UPG scheme, groups are automatically assigned to files created within a directory with the setgid bit set. The setgid bit makes managing group projects that share a common directory very simple because any files a user creates within the directory are owned by the group that owns the directory. For example, a group of people need to work on files in the [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]58 directory. Some people are trusted to modify the contents of this directory, but not everyone.
4.3.5. Setting Default Permissions for New Files Using juan:x:1001:1001::/home/juan:/bin/bash2When a process creates a file, the file has certain default permissions, for example, [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]68. These initial permissions are partially defined by the file mode creation mask, also called file permission mask or umask. Every process has its own umask, for example, bash has umask [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]69 by default. Process umask can be changed. What umask consists ofA umask consists of bits corresponding to standard file permissions. For example, for umask [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]70, the digits mean that:
Umasks can be represented in binary, octal, or symbolic notation. For example, the octal representation [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]70 equals symbolic representation [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]77. Symbolic notation specification is the reverse of the octal notation specification: it shows the allowed permissions, not the prohibited permissions. How umask worksUmask prohibits permissions from being set for a file:
The following figure shows how umask [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]70 affects creating a new file. Figure 4.3. Applying umask when creating a file Important For security reasons, a regular file cannot have execute permissions by default. Therefore, even if umask is [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]79, which does not prohibit any permissions, a new regular file still does not have execute permissions. However, directories can be created with execute permissions: 14.3.5.1. Managing umask in ShellsFor popular shells, such as [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]80, [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]81, [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]82 and [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]83, umask is managed using the juan:x:1001:1001::/home/juan:/bin/bash2 shell [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]85. Processes started from shell inherit its umask.Displaying the current mask To show the current umask in octal notation: 2To show the current umask in symbolic notation: 3Setting mask in shell using umaskTo set umask for the current shell session using octal notation run: 4Substitute octal_mask with four or less digits from ~]# ls -ld /home/juan drwx------. 4 juan juan 4096 Mar 3 18:23 /home/juan9 to [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]75. When three or less digits are provided, permissions are set as if the command contained leading zeros. For example, umask [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]75 translates to [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]89. Example 4.1. Setting umask Using Octal Notation To prohibit new files from having write and execute permissions for owner and group, and from having any permissions for others: 5Or simply: 6To set umask for the current shell session using symbolic notation: 7Example 4.2. Setting umask Using Symbolic Notation To set umask [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]90 using symbolic notation: 8Working with the default shell umaskShells usually have a configuration file where their default umask is set. For [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]80, it is juan:x:1001:1001::/home/juan:/bin/bash1. To show the default [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]80 umask: 9The output shows if umask is set, either using the juan:x:1001:1001::/home/juan:/bin/bash2 command or the [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]95 variable. In the following example, umask is set to juan:x:1001:1001::/home/juan:/bin/bash3 using the juan:x:1001:1001::/home/juan:/bin/bash2 command: 0To change the default umask for [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]80, change the juan:x:1001:1001::/home/juan:/bin/bash2 command call or the [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]95 variable assignment in juan:x:1001:1001::/home/juan:/bin/bash1. This example changes the default umask to 02: 1Working with the default shell umask of a specific userBy default, [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]80 umask of a new user defaults to the one defined in juan:x:1001:1001::/home/juan:/bin/bash1. To change [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]80 umaskfor a particular user, add a call to the juan:x:1001:1001::/home/juan:/bin/bash2 command in 07 file of that user. For example, to change [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]80 umask of user 09 to 02: 2Setting default permissions for newly created home directoriesTo change permissions with which user home directories are created, change the [file contents truncated] UID_MIN 5000 [file contents truncated] GID_MIN 5000 [file contents truncated]95 variable in the 8 file: 34.4. Additional ResourcesFor more information on how to manage users and groups on Red Hat Enterprise Linux, see the resources listed below. Installed DocumentationFor information about various utilities for managing users and groups, see the following manual pages: What is used to specify a group ID?-g, –gid GID : This option is used to provide a group id (numeric) to the new group, and it should be non-negative and unique unless explicitly created to be non-unique (using -o option). If this option is not used, the default id is assigned, which is greater than every other group already present.
What commands would grant additional users access to use the sudo command quizlet?You need to add an administrator to the /etc/sudoers file to give them the ability to use the sudo command.
Where should administrators set system wide variables on a Linux system rather than editing the etc profile file directly?d/ directory serves as a storage location for scripts administrators may use to set additional system-wide variables. It is recommended you set the environment variables via scripts contained in /etc/profile. d/ rather than editing the /etc/profile file directly.
What command can an administrator use to change the password of an existing user account in quizlet?Chmod (Change Mode) allows the user to change the access (mode) of a file to read, write, execute, or a combination of those permissions. The passwd (password) command is used to change a Linux user's password. The chown (Change Owner) command is used to modify the file owner or group owner assignment.
|