lk/basics/users.md

269 lines
3.6 KiB
Markdown
Raw Permalink Normal View History

2022-01-16 18:20:39 +00:00
---
title: "users"
2022-01-26 21:29:48 +00:00
tags: [ "Documentation", "Basics" ]
2022-01-16 18:20:39 +00:00
---
2020-01-02 17:40:18 +00:00
# Basic Information
Let's get some entries with 'getent', e.g. passwd or group.
```bash
getent passwd
```
2020-01-02 17:40:18 +00:00
```bash
getent group
```
2020-01-02 17:40:18 +00:00
Obviously:
```bash
getent shadow
```
2020-01-02 17:40:18 +00:00
## Examples
```bash
sudo adduser maestro
```
2020-01-02 17:40:18 +00:00
add user 'maestro'
This depends upon the settings in the /etc/default/useradd file and /etc/login.defs
```bash
sudo useradd -m pinkie
```
2020-01-02 17:40:18 +00:00
add user 'pinkie' with a home directory
```bash
sudo adduser -m -e 2017-04-25 temp
```
2020-01-02 17:40:18 +00:00
add expiry date to user
```bash
userdel maestro
```
2020-01-02 17:40:18 +00:00
delete maestro
```bash
userdel -r maestro
```
2020-01-02 17:40:18 +00:00
delete maestro and hir homefolder
```bash
groups
```
2020-01-02 17:40:18 +00:00
find which group you are in
```bash
id
```
2020-01-02 17:40:18 +00:00
same
```bash
id -Gn maestro
```
2020-01-02 17:40:18 +00:00
Find which groups maestro is in
```bash
deluser --remove-home maestro
```
2020-01-02 17:40:18 +00:00
delete user maestro
```bash
usermod -aG sudo maestro
```
2020-01-02 17:40:18 +00:00
Add user maestro to group sudo:
2020-01-02 17:40:18 +00:00
```bash
cat /etc/passwd
```
2020-01-02 17:40:18 +00:00
list users' passwords (and therefore users)
```bash
groupadd awesome
```
2020-01-02 17:40:18 +00:00
create the group 'awesome'
Passwords are stored in /etc/shadow.
2020-01-02 17:40:18 +00:00
There are user accounts for processes such as 'bin' and 'nobody' which are locked, so they're unusable.
2020-01-02 17:40:18 +00:00
```bash
passwd -l bin
```
2020-01-02 17:40:18 +00:00
Lock the user 'bin'.
2020-01-02 17:40:18 +00:00
```bash
more /etc/passwd | grep games
```
2020-01-02 17:40:18 +00:00
we find the name, password and user id of the user 'games'. I.e. the password is 'x', and the user id is '5'. The password is an impossible hash, so no input password could match.
```bash
groupdel learners | delete the group 'learners'
```
2020-01-02 17:40:18 +00:00
```bash
gpasswd -d pi games | remove user 'pi' from the group 'games'
```
2020-01-02 17:40:18 +00:00
```bash
id games
```
2020-01-02 17:40:18 +00:00
find the id number of group 'games' (60)
```bash
usermod -aG sudo maestro
```
2020-01-02 17:40:18 +00:00
add user to group 'maestro'
user info is stored in /etc's passwd, shadow, group and gshadow
# Defaults
The default new user profiles are under /etc/skel.
# Shells
A list of shells is in /etc/shells.
Only root can run shells not listed in /etc/shells
To change a user's shell:
usermod --shell /bin/bash user1
Alternatively, change the shell in /etc/passwd.
Usermod also lets you change a user's username:
```bash
usermod -l henry mark
```
2020-01-02 17:40:18 +00:00
However, this will not change the home directory.
Lock a user out of an account:
usermod -L henry
# More Arguments
-G or -groups adds the user to other groups:
```bash
usermod -G sudo henry
```
2020-01-02 17:40:18 +00:00
-s adds the user to a shell.
-u let's you manually specifiy a UID.
# Groups
In /etc/group, a group file may look like this:
`sudo:x:27:mike,steve`
We can use groupmod, like like usermod, e.g. to change a name:
```bash
groupmod -n frontoffice backoffice
```
2020-01-02 17:40:18 +00:00
Delte a group:
```bash
groupdel frontoffice
```
2020-01-02 17:40:18 +00:00
# Logins
2020-01-02 00:04:35 +00:00
See list of logged on users.
```bash
w
```
2020-01-02 00:04:35 +00:00
See last logons:
```bash
last
```
2020-01-02 00:04:35 +00:00
or all logon attempts, including bad attempts:
```bash
lastb
```
2020-01-02 00:04:35 +00:00
List recently accessed files:
```bash
last -d
```
2020-01-02 00:04:35 +00:00
See files opened by steve
```bash
lsof -t -u steve
```
2020-01-02 00:04:35 +00:00
See files opened by anyone but steve
```bash
lsof -u ^steve
```
2020-01-02 00:04:35 +00:00
2020-01-02 17:40:18 +00:00
# Looking for Dodgy Files
2020-01-02 00:04:35 +00:00
Some files can be executed by people as if they had super user permissions, and that's okay... sometimes.
Let's start with files executable by user:
```bash
sudo find / -type f -perm -g=s -ls
```
2020-01-02 00:04:35 +00:00
And then those executable by the group:
```bash
find / -type f -perm -g=s -ls
```
2020-01-02 00:04:35 +00:00
And finally, worrying files, executable by anyone as if sie were the owner:
```bash
find / -xdev \( -o -nogroup \) -print
```
2020-01-02 00:04:35 +00:00
Then have a look at resource usage per user.
# SGID
2020-01-02 00:04:35 +00:00
```bash
sudo chmod u+s process.sh
```
2020-01-02 00:04:35 +00:00
This will modify process.sh to that instead of being simply executable, anyone executing it will have the permissions as if owner while executing it.