Hands-on Lab

User Groups and

Accounts Tasks
Contents
Setting Up Password Parameters 1

Adding Users 1

Adding Groups 2

Create Folders 3

Group Ownership 3

File Ownership 4

Add Users to Groups 4

Removing a User 5

Review 5
User Groups and Accounts Tasks

This lab covers how to create user groups and then manage those groups by assigning them
account tasks, folders, and other privileges.

Setting Up Password Parameters

Log in to the provided lab instance using the credentials provided on the Hands-on Lab page
and make yourself the root user using sudo su -.

Once we sign in to the instance, we need to change some of the login information, specifically
the password information. To do so, use your preferred text editor.

[root@linuxacademy ~]# $EDITOR /etc/login.defs

Change the maximum amount of days a password can be used, the minimum amount of days
allowed between password changes, the minimum password length, and the number of days
that a warning is provided before the password expires. To do this, we’ll be using the i command
to insert the new values. We’ll be changing the MAX to 60, length to 10, and WARN to 10. Note
that you can make these whatever you want, we’re just using these numbers for this example.

PASS_MAX_DAYS 60
PASS_MAX_DAYS 0
PASS_MIN_LEN 10
PASS_WARN_AGE 10

Once finished, save and quit and file.

Adding Users
With the password parameters set, we will now move on to adding our new users. For our
example, we are using usernames that are only five characters long. Usernames can be longer
or shorter than this, but we will only be using five. While adding the users, we will use the
comment field, -c, when adding the user’s name.

[root@linuxacademy ~]# useradd -c "Sam Browne" sbrow

[root@linuxacademy ~]# useradd -c "Caius Marco" cmarc
[root@linuxacademy ~]# useradd -c "Usko Stylianos" ustyl
[root@linuxacademy ~]# useradd -c "Duane Aleksandrop" dalek

We can make sure the users have been added by doing the following command:

[root@linuxacademy ~]# cat /etc/passwd

-1-
User Groups and Accounts Tasks

The users will appear at the bottom of the screen.

Now that we have confirmed our users have been added, we need to provide each user with a
password. Make sure to copy down these passwords for yourself as you will need them later in
the lab. Note that if we try to use simple passwords like password, it will not be accepted.

[root@linuxacademy ~]# passwd sbrow

Changing password for user sbrow.
New password: $PASSWORD
Retype new password: $PASSWORD
passwd: all authentication tokens updated successfully
[root@linuxacademy ~]# passwd cmarc
Changing password for user cmarc.
New password: $PASSWORD
Retype new password: $PASSWORD
passwd: all authentication tokens updated successfully
[root@linuxacademy ~]# passwd ustyl
Changing password for user ustyl.
New password: $PASSWORD
Retype new password: $PASSWORD
passwd: all authentication tokens updated successfully
[root@linuxacademy ~]# passwd dalek
Changing password for user dalek.
New password: $PASSWORD
Retype new password: $PASSWORD
passwd: all authentication tokens updated successfully

To check that passwords have been added to each user, we’re going to use tail to review the
/etc/shadow file:

[root@linuxacademy ~]# tail /etc/shadow

The usernames will appear along with their encrypted passwords.

Adding Groups
With our users added it’s time to create groups for them. We will be adding three different
groups; marketing, sales, and creative.

[root@linuxacademy ~]# groupadd marketing

[root@linuxacademy ~]# groupadd sales
[root@linuxacademy ~]# groupadd creative

To check on our groups, we’ll do the following:

[root@linuxacademy ~]# tail /etc/group

-2-
User Groups and Accounts Tasks

The groups will appear under the user names.

Create Folders
Now that we have groups we need folders for those groups. We’ll be making three folders, one
for each group.

[root@linuxacademy ~]# mkdir /groups

[root@linuxacademy ~]# mkdir /groups/marketing
[root@linuxacademy ~]# mkdir /groups/sales
[root@linuxacademy ~]# mkdir /groups/creative

Once created, we can view the folders:

[root@linuxacademy ~]# ll /groups/

The groups will appear.

Group Ownership
Now that we have the groups, we want to make sure that the groups own their corresponding
files. To check who owns what, we need to look at the group’s directory:

[root@linuxacademy ~]# cd /groups/

[root@linuxacademy ~]# ll

All folders will show that they are owned by root. To have them owned by the correct group, we’ll
make use of the recursion flag, -R:

[root@linuxacademy ~]# chgrp -R creative creative

[root@linuxacademy ~]# chgrp -R marketing marketing
[root@linuxacademy ~]# chgrp -R sales sales

Once everything is set, use ll to check that ownership is now set to the corresponding group
instead of root:

[root@linuxacademy ~]# ll
drwxr-xr-x. 2 root creative $DATE $TIME creative
drwxr-xr-x. 2 root creative $DATE $TIME marketing
drwxr-xr-x. 2 root creative $DATE $TIME sales

-3-
User Groups and Accounts Tasks

File Ownership
Now that the folders are completed, we want to make sure that any files made in the folders
keep the same ownership as the folder:

[root@linuxacademy ~]# chmod g+srw creative

[root@linuxacademy ~]# chmod g+srw marketing
[root@linuxacademy ~]# chmod g+srw sales

Review the folders to see that the drwxr-xr-x is now drwxr-rwsr-x.:

[root@linuxacademy ~]# ll
drwx-rwsr-x. 2 root creative $DATE $TIME creative

Add Users to Groups

With all of our folders set up, it is time to add our users to the groups. We’ll add sbrow and
cmarc to marketing, ustyl to sales, and dalek to creative:

[root@linuxacademy ~]# usermod -G marketing cmarc

[root@linuxacademy ~]# usermod -G marketing sbrow
[root@linuxacademy ~]# usermod -G sales ustyl
[root@linuxacademy ~]# usermod -G creative dalek

After adding them, review that they have been added to the correct groups:

[root@linuxacademy ~]# tail /etc/group

With everyone set in their groups, it’s time to go poke around in the folders and check that
everyone has the correct permissions. To do that, we’ll need to log in as a user. For now, let’s
practice with the username ustyl:

[root@linuxacademy ~]# su - ustyl

[ustyl@linuxacademy ~]$ pwd
/home/ustyle
[ustyl@linuxacademy ~]$ cd /groups/sales/
[ustyl@linuxacademy sales]$ pwd
groups/sales
[ustyl@linuxacademy sales]$ touch testfile
[ustyl@linuxacademy sales]$ ll
total 0
-rw-rw-r--. 1 ustyl sales 0 $DATE $TIME testfile

-4-
User Groups and Accounts Tasks

We can now see that ustyl is the owner and that they are in the sales folder. Now have ustyl try
and create a file in another folder.

[ustyl@linuxacademy ~sales]$ cd ../marketing/

[ustyl@linuxacademy marketing]$ touch testfile

ustyl should get a message that he cannot create the file. This lets us know that we have set
the file permissions up correctly. You can repeat this with one of the other users as well just to
be sure.

Removing a User
Before removing a user, make sure to use exit to logout and return to the root user. Once
you’re root again, then we can begin removing a user. Again, we’ll use ustyl as our example. We
will delete and then review our users to make sure that ustyl was removed.

[root@linuxacademy ~]# userdel -r ustyl

[root@linuxacademy ~]# ll /home/

The ustyl username should no longer be present.

Review
After completing this lab, you are now able to add users, groups, folders, and then connect
those folders back to the users and groups created; as well as delete users. Congratulations on
completing this lab!

-5-