Part 1 – User management [this part is worth 50% of the marks for the test]
You have been asked to configure a computer system for a small company. The details are as
follows:
There are ten users, called Robert, Michael, Luke, Laura, Emily, Jimmy, Louise, Felix, Oscar,
Tiffany.
There are three project teams:
• “Red” – Robert, Michael, Laura, Tiffany, Oscar
• “Blue” – Jimmy, Louise, Emily, Felix, Michael
• “Green” – Oscar, Felix, Luke, Emily, Robert
Each project team needs a shared directory accessible only by the project members.
Each user needs:
• an initial password;
• some aliases to allow the user to use more readable command line commands (for
example using “dir”, “type”, “rename” and “delete” instead of their unfriendly
Linux equivalents “ls”, “cat”, “mv” and “rm”).
• a list of “logged on users” displayed when the user logs on.
Create a “/download” directory, where:
• any user who is a member of the “red” project can retrieve a file if they know it’s
name, but cannot use “ls” to find out the name of a file;
• users who are not members of the “red” project have no access to the directory;
• only Michael can add or delete files to the directory, or list its contents.
Obviously you will have to work from your bash. How to open a bash (or shell, or terminal) depends on your system. But I'm hoping you know how. Oh I might mention steps that are obvious, but I think you rather have me giving to much information as opposed to to little, right? I also hope you realise that sample test means you might get completely different questions on your actual test! (that is also mentioned in the pdf b.t.w.) the part in code boxes is all the text in your bash, the part in red is the text that you have to type. Oh and a last tip. when you are stuck, there's two options that might help you (and the pdf says they are allowed).
For examlpe if you're stuck on how to use useradd type:
Code:
$[color=red]man useradd[/color]
This will give you a detailed manual. You can get back to your bash simply by typing "q". Alternatively you can type:
Code:
$[color=red]useradd --help[/color]
This will give you a brief description on how to use it. You remain in your bash and don't need to exit.
Ok lets start over from the beginning. I made to many mistakes in the first method. So in order to get rid of some of the confusion let me type out a third method that is a combination of your friends method and mine. Note again that this is again not necesairly the best and perfect way. But inshaAllah, this tyme it will atleast work
So start with
Code:
$[color=red]sudo su[/color]
password:[color=red]******[/color]
#
Note that the prompt has changed from "$" to "#". That indicates you now have root access. However, not all linux-systems allow you to load a root-bash as regular user. If that is the case, you will have to login as root from the start. Anyway, now that we have root access we can start. The logical thing seems to me to first create the required groups. Type in:
Code:
#[color=red]groupadd redteam[/COLOR]
#[COLOR="Red"]groupadd blueteam[/COLOR]
#[COLOR="Red"]groupadd greenteam[/color]
Note that this time I used the name "redteam" instead of just "red" to avoid confusion between the directory, and the teamname.
Now one last step of preparation we are going to do. When creating users with useradd, it Copies any files located within the /etc/skel directory to the new home directory. This usually includes login and application startup scripts. Now part of the assignment was to make aliases for accessibility. these aliases have to be made in the startupscripts. So instead of doing that 10 times for all ten users, we are going to do that only once in the /etc/skel directory. The useraddfunction will then use our altered startupscript, and copy that one ten times, thus saving us a whole bunch of work. Now I don't know which text editor you are used to use from the shell (emachs, vi, nano) or did they teach you to use GUI-applications like gedit? Gedit is easiest to use, but you might run into problems with permissions when your are not logged in as root. therefor I normally use vi. So open the file we want to edit with your text editor of choice:
Code:
#[color=red]vi /etc/skel/.bashrc[/color]
or:
Code:
#[color=red]gedit /etc/skel/.bashrc[/color]
or:
Code:
#[color=red]emachs /etc/skel/.bashrc[/color]
or:
Code:
#[color=red]nano /etc/skel/.bashrc[/color]
Now I will explain the method with vi only. The terminal has changed and brought you into that file. You will see something like:
Code:
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
[ -z "$PS1" ] && return
...
...
...
Use the down-arrow on your keyboard to navigate all the way down. Near the end you will see the following lines:
Code:
# some more ls aliases
#alias ll='ls -l'
#alias la='ls -A'
#alias l='ls -CF'
Although this isn't really necessary, it would be a courtesy to the users to add your aliases right under those. So navigate your cursor to the empty line directly under it with your keyboard-arrows. Vi has two modes; navigation mode that allows you to navigate the text with your cursor and insertion mode that allows you to add text. So once you navigated to the preferred spot press "i" to start insertion mode and type the following lines:
Code:
[COLOR="Red"]alias dir='ls'
alias type='cat'
alias rename='mv'
alias delete='rm' [/COLOR]
Important note on using vi. During insertion mode you cannot use the navigation arrows or the backspace. If you make a typo, go back to navigation mode by pressing the esc button. Then navigate your cursor over the typo and press x to delete it, then navigate back to where you got. Press "i" again and continue typing. If you messed up and deleted something you shouldn't have, here's a way to solve that. First go to navigation mode by pressing esc. Then press colon ":" to go to options. You are now at the bottom of the window. Now type q! (force quit). Force quit allows you to exit without saving. Now you are back in the terminal and can load the text just like you did before and start over. When you are done with writing press esc. Then colon again, but this time write wq (write-quit) to first save your progress and then quit the editor.
Setting a new user:
Code:
#[color=red]useradd -g redteam -G greenteam -c "Robert" robert[/color]
And setting his password:
Code:
#[color=red]passwd robert[/color]
Changing password for user robert.
New password:[color=red]*******[/color]
Retype new password:[color=red]*******[/color]
Do this for all users:
Code:
#[color=red]useradd -G redteam,blueteam -c "Michael" michael[/color]
Don't forget their paswords:
Code:
#[color=red]passwd michael[/color]
Changing password for user michael.
New password:[color=red]*******[/color]
Retype new password:[color=red]*******[/color]
(Note that if you set their paswords to their names that all users will hence know all other user's pasword. Since robert is notified that his initial pasword is "robert" He'll be smart enough to figure out that micheal's pasword will be "michael". So that means that the initial days, before people change their paswords it will be very easy to breach security.
Making directories:
Code:
#[color=red]mkdir /home/red
mkdir /home/blue
mkdir /home/green
mkdir /home/download[/color]
Note that the reason I put these directories in teh home folder is because it will be iesier for users to navigate to them, and because the home folder is usually the biggest partition.But you can also set it to
/red instead of
/home/red
Now changing ownership:
Code:
#[color=red]chown :redteam /home/red
chown :blueteam /home/blue
chown :greenteam /home/green[/color]
This changes the group of directory /home/red to the "redteam"
Now we still have the download directory.
Code:
#[color=red]chown :redteam /home/download[/color]
This sets the groupowner to "redteam"
then without the colon we will set the personal owner.
Code:
#[color=red]chown michael /home/download[/color]
Now we want to change permission Type in:
Code:
#[color=red]chmod 070 /home/red
chmod 070 /home/blue
chmod 070 /home/green
chmod 710 /home/download[/color]
I still don't know how to do the list of logged in users. I know that in order to see the logged in users, you simply type in: "users" in your terminal, but I don't know how to set that automatically on log-in.
--x = permission one
-w- = permission two
-wx = permission three
r-- = permission four
r-x = permission five
rw- = permission six
rwx = permission seven
where x=execute; w=write and r=read
source:
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch09_:_Linux_Users_and_Sudo