IntroductionIn this lab you're going to practice creating user accounts using multiple methods. You will change settings on the user accounts, and create groups to organize the accounts. Then you will use the accounts and groups to manage permissions to data.Creating User AccountsFirst we're going to create a user account using the useradd command. Open the terminal and create a user account for Crystal Clear. Type sudo useradd -d /home/cclear/ -m cclear and hit enter. Look at the end of /etc/passwd and /etc/shadow to make sure the account was created. Type tail -n 1 /etc/passwd and hit enter to see the last line of /etc/passwd. Type sudo tail -n 1 /etc/shadow and hit enter to see the last line of /etc/shadow. Adding the -d and -m will tell the useradd command to create the user's home directory. Before we can use Crystal's account we need to set a password, type sudo passwd cclear and hit enter. Enter P@ssw0rd for the password. Switch to Crystal's account using the su command. Type in su cclear and hit enter and use P@ssw0rd to sign in. Notice when you're signed in with Crystal's account the working directory didn't change, but the way it's displayed does. The tilde is no longer used since the working directory isn't Crystal's home directory. Type in exit and press enter to log out of Crystal's account, Ctrl + D will do the same thing. Now we're going to use the adduser script to add an account for Robin Graves. Type in sudo adduser rgraves and hit enter.
Next we're going to use the finger command to check settings on Robin's account. Before we can use the finger command we need to install it, type in sudo apt-get install finger and press enter. Use the finger command on Robin's account and check the accounts properties. Type in finger rgraves and hit enter. Notice you can see her home directory information as well as her default shell. Managing Users and GroupsWe created two accounts using different methods. When we did this there are some differences in the way the accounts were created. Let's look at the last two lines of the /etc/passwd file, type in tail -n 2 /etc/passwd and hit enter. Notice Crystal's account doesn't have a default shell set. Let's set Crystal's account to use the bash shell by default. Type in sudo usermod -s /bin/bash cclear and hit enter. Then finger Crystal's account to make sure it worked. Type in finger cclear and hit enter. Crystal works in the HR department. We need to create a group for the HR department and add her to it. Type in sudo groupadd HR and hit enter. Then add Crystal to the HR group by typing sudo usermod -G HR cclear and hit enter. Finally make sure Crystal is a member of the group. Type in groups cclear and hit enter. Note: Information from this section is needed to answer lab question 3. We're going to start off by creating a shell script, type in echo \#\!\/bin\/bash > HelloWorld.sh; echo echo Hello World >> HelloWorld.sh and hit enter. Once the script is created try and execute it, type in ./HelloWorld.sh and hit enter. You'll receive an error message telling you permissions denied. This is because we don't have the permission to execute it. Type in ls -l HelloWorld.sh and hit enter. You will see the permissions are rw-r--r--, we need to change the permissions to rwxr--r-- to add the execute permission. Type in chmod u+x HelloWorld.sh and hit enter, this will add the execute permission to the user account. Type in ls -l HelloWorld.sh and hit enter to verify the permissions changed, they should be rwxr--r--. Try and run the script by typing ./HelloWorld.sh and hitting enter. If everything was done right you should see a "Hello World" message. Now we're going to log into Crystal's account and try to run the script, type in su cclear and hit enter. Login using P@ssword as the password. Try to run the HelloWorld script by typing ./HelloWorld.sh and hit enter. You will find out Crystal doesn't have permission to run it. Logout of Crystal's account by typing exit and hitting enter, or press Ctrl + D. We want to change the permissions so other can execute the script. Currently the permissions are rwxr--r-- or 744. (rwx = 4+2+1; r-- = 4+0+0) We want to change the permissions to rwxr--r-x or 745 (r-x = 4+0+1), type in chmod 745 ./HelloWorld.sh and hit enter. Now log back into Crystals account and try to run the script. Type in su cclear and hit enter, then type ./HelloWorld.sh and hit enter. If everything was done right you should see a "Hello World" message. Before you continue with the lab you will need to test something out here to answer question 4. Once you have gathered the information you need to answer question 4 log out of Crystal's account by typing exit and hitting enter, or press Ctrl+D. Now we want to lock down that file so only Robin can access it. If you type in ls -l and hit enter you'll see the current permissions are rwxr--r--, we want to change that to rwx------ or 700. Type in chmod 700 HelloWorld.sh and hit enter. Type in ls -l and hit enter to verify the permissions were change to rwx------. Make sure you can run the script by typing ./HelloWorld.sh and hit enter. If everything was done right you should see a "Hello World" message. QuestionsAnswer the lab questions |
Labs > Linux Labs >