Unix System AdministrationUnix System Administration

Chapter 6Chapter 6

Adding New UsersAdding New Users

Bob + Jane = Adding UsersBob + Jane = Adding Users

Edit /etc/passwd (& /etc/shadow if Edit /etc/passwd (& /etc/shadow if necessary)necessary)

Set the password using passwd commandSet the password using passwd command Create the user’s home directoryCreate the user’s home directory Copy config files (dot files) to the home Copy config files (dot files) to the home

directorydirectory Setup any mail aliasesSetup any mail aliases

How Many Users Does It Take How Many Users Does It Take To Screw-Up Your System?To Screw-Up Your System?

Add user to any secondary groups via Add user to any secondary groups via /etc/group/etc/group

Record account info (paper)Record account info (paper) Enter user into site-wide database (e.g. Enter user into site-wide database (e.g.

LDAP)LDAP) Configure disk quotaConfigure disk quota verify account is setup correctlyverify account is setup correctly

Can’t Unix People Spell?Can’t Unix People Spell?

/etc/passwd format/etc/passwd format– username (must be uniq)username (must be uniq)– encrypted password (“x” if shadow used)encrypted password (“x” if shadow used)– userid (does not need to be uniq, 0-65535)userid (does not need to be uniq, 0-65535)– groupid (primary group)groupid (primary group)– gecos (comment or real name field)gecos (comment or real name field)– home directory locationhome directory location– login shell (empty = /bin/sh)login shell (empty = /bin/sh)

Everybody Has a Better Everybody Has a Better MousetrapMousetrap

Edit the password file using vipw or just viEdit the password file using vipw or just vi Other utilities to ease account creation and Other utilities to ease account creation and

managementmanagement– Most OS’s have a utility to add usersMost OS’s have a utility to add users– useradd/usermod/userdel (Linux, Solaris, …)useradd/usermod/userdel (Linux, Solaris, …)– admintool (Solaris)admintool (Solaris)– smit or smitty (AIX)smit or smitty (AIX)– linuxconf (Linux)linuxconf (Linux)

Size Does MatterSize Does Matter

64 (1 char password)64 (1 char password) 4,096 (2 char password)4,096 (2 char password) 262,144 (3 char password)262,144 (3 char password) 16,777,216 (4 char password)16,777,216 (4 char password) 1,073,741,824 (5 char password)1,073,741,824 (5 char password) 68,719,476,736 (6 char password)68,719,476,736 (6 char password) 4,398,046,511,104 (7 char password)4,398,046,511,104 (7 char password) 281,474,976,710,656 (8 char password) 281,474,976,710,656 (8 char password)

So Long Sucker, Er, I Mean So Long Sucker, Er, I Mean AlumniAlumni

Removing a userRemoving a user– backup all user info (below) firstbackup all user info (below) first– remove entries in /etc/passwd and /etc/shadowremove entries in /etc/passwd and /etc/shadow– remove userid from /etc/groupremove userid from /etc/group– remove any entries in /etc/aliasesremove any entries in /etc/aliases– remove mail spool file (INBOX)remove mail spool file (INBOX)– remove home directoryremove home directory

I Have The PowerI Have The Power

Setting quotasSetting quotas– edquota usernameedquota username– edquota -p protousername usernameedquota -p protousername username

Disabling account (but not removing)Disabling account (but not removing)– passwd -l usernamepasswd -l username

Stop Your Web Browsing and Stop Your Web Browsing and Pay Attention!Pay Attention!

Name a possible problem with reusing Name a possible problem with reusing UIDs.UIDs.

What/who is PAM?What/who is PAM?

How many characters are actually used in How many characters are actually used in the password?the password?