Basic User Management Labs

Lab: who

who

Lab: what

w

Lab: last

  1. List all user login, logout, and system reboot occurrences:
last
  1. List system reboot info only:
last reboot

Lab: lastb

lastb

Lab: lastlog

lastlog

Lab: id

  1. View info about currently active user:
id
  1. View info about another user:
id user1

Lab: groups

  1. View current user’s groups:
groups
  1. View groups of another user:
groups user1

Lab: user authentication files

  1. list of the four files and their backups from the /etc directory:
ls -l /etc/passwd* /etc/group* /etc/shadow* /etc/gshadow*
  1. View first and last 3 lines of the passwd file
head -3 /etc/passwd ; tail -3 /etc/passwd
  1. verify the permissions and ownership on the passwd file:
ls -l /etc/passwd
  1. View first and last 3 lines of the shadow file:
head -3 /etc/shadow ; tail -3 /etc/shadow
  1. verify the permissions and ownership on the shadow file:
ls -l /etc/shadow
  1. View first and last 3 lines of the group file:
head -3 /etc/group ; tail -3 /etc/group
  1. Verify the permissions and ownership on the group file:
ls -l /etc/group
  1. View first and last 3 lines of the gshadow file:
head -3 /etc/gshadow ; tail -3 /etc/gshadow
  1. Verify the permissions and ownership on the gshadow file:
ls -l /etc/gshadow

Lab: useradd and login.defs

  1. use the cat or less command to view the useradd file content or display the settings with the useradd command:
useradd -D
  1. grep on the/etc/login.defs with uncommented and non-empty lines:
grep -v ^# /etc/login.defs | grep -v ^$

Lab: Create a User Account with Default Attributes (root)

  1. Create user2 with all the default directives:
useradd user2
  1. Assign this user a password and enter it twice when prompted:
passwd user2
  1. grep for user2: on the authentication files to examine what the useradd command has added:
cd /etc ; grep user2: passwd shadow group gshadow
  1. Test this new account by logging in as user2 and then run the id and groups commands to verify the UID, GID, and group membership information:
su - user2
id
groups

Lab: Create a User Account with Custom Values

  1. Create user3 with UID 1010 (-u), home directory /usr/user3a (-d), and shell /bin/sh (-s):
useradd -u 1010 -d /usr/user3a -s /bin/sh user3
  1. Assign user1234 as password (passwords assigned in the following way is not recommended; however, it is okay in a lab environment):
echo user1234 | passwd --stdin user3
  1. grep for user3: on the four authentication files to see what was added for this user:
cd /etc ; grep user3: passwd shadow group gshadow
  1. Test this account by switching to or logging in as user3 and entering user1234 as the password. Run the id and groups commands for further verification.
su - user3 
id
groups

Lab: Modify and Delete a User Account

  1. Modify the login name for user2 to user2new (-l), UID to 2000 (-u), home directory to /home/user2new (-m and -d), and login shell to /sbin/nologin (-s).
usermod -l user2new -m -d /home/user2new -s /sbin/nologin -u 2000 user2
  1. Obtain the information for user2new from the passwd file for confirmation:
grep user2new /etc/passwd
  1. Remove user2new along with their home and mail spool directories (-r):
userdel -r user2new
  1. Confirm the user deletion:
grep user2new /etc/passwd

Lab: Create a User Account with No-Login Access (root)

  1. Look at the current nologin users:
grep nologin /etc/passwd
  1. Create user4 with non-interactive shell file /sbin/nologin:
useradd -s /sbin/nologin user4
  1. Assign user1234 as password:
echo user1234 | passwd --stdin user4
  1. grep for user4 on the passwd file and verify the shell field containing the nologin shell:
grep user4 /etc/passwd
  1. Test this account by attempting to log in or switch:
su - user4

Lab: Check User Login Attempts (root)

  1. execute the last, lastb, and lastlog commands, and observe the outputs.
last
lastb
lastlog
  1. List the timestamps when the system was last rebooted (last).
last | grep reboot

Lab 5-2: Verify User and Group Identity (user1)

  1. run the who and w commands one at a time, and compare the outputs.
who
w
  1. Execute the id and groups commands, and compare the outcomes. Examine the extra information that the id command shows, but not the groups command.
id
groups

Lab 5-3: Create Users (root)

  1. create user account user4100 with UID 4100 and home directory under /usr.
useradd -m -d /usr/user4100 -u 4100 user4100
  1. Create another user account user4200 with default attributes.
useradd user4200
  1. Assign both users a password.
passwd user4100
passwd user4200
  1. View the contents of the passwd, shadow, group, and gshadow files, and observe what has been added for the two new users.
cat /etc/passwd
cat /etc/shadow
cat /etc/group
cat /etc/gshadow

Lab: Create User with Non-Interactive Shell (root)

  1. Create user account user4300 with the disability of logging in.
useradd -s /sbin/nologin user4300
  1. Assign this user a password.
passwd user4300
  1. Try to log on with this user and see is displayed on the screen.
su - user4300
  1. View the content of the passwd file, and see what is there that prevents this user from logging in.
cat /etc/passwd