Linux – Users and Groups – Part 1

Ok.. Lets start with creating a group called “dba” and create user “oracle” belongs to “dba” group. We could see that from “/etc/passwd” that oracle user id is 1521 and primary group id is 5000.

users_groups1.JPG

But we haven’t set the password yet for “oracle” user. If we watch closely “/etc/shadow” password the second column is !! which suggests no password set. So lets set password and check again.

users_groups2

If you want to see password expiry, last change details #chage -l <user>. We can update the password expiry days using #chage -M <user>. Special number 99999 is it never expires which we want for most of the service accounts. You can also make account never expire using #chage -E -1 <user>

users_groups8

Password Lock:

We can lock the password so that user can not login using password #passwd -l <user>. If the password is locked then we can see double exclamation marks !! in the starting of second column.

users_groups3

Lets try logging into the account while the password is locked.

users_groups4

Unlock the password #passwd -u <user> and try again. We can also see the number of failed attempts.

users_groups5.JPG

While the password is locked user not allowed to change password.

While the password is locked user is still allowed to login using different mechanism – for e.g. SSH keys.

users_groups6.JPG

Check the lock status #passwd -S <user>

users_groups7

Account Lock:

Lock the account #usermod -L <user>. Note the sing exclamation mark (!) starting at second column.

users_groups9.JPG

Unlocak the account #usermod -U <user>

users_groups10

Account Expiry:

Lets make the account expired so that no one can login using any way ( password, ssh ).#chage -E 0 <user> expires the account.

users_groups12

Try logging again and it comes with the message “Your account has expired

users_groups13.JPG

Advertisements

One thought on “Linux – Users and Groups – Part 1

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s