Unit IV Final
Unit IV Final
User and Group Management: User accounts, local groups and group
memberships, configure networking and hostname resolution statically or
dynamically, start, stop, and check the status of network services and network
related commands.
Storage Management: List, create, delete, and modify physical storage partitions
and tools
• Read: a readable permission allows the contents of the file to be viewed. A read
permission on a directory allows you to list the contents of a directory.
• Write: a write permission on a file allows you to modify the contents of that file. For
a directory, the write permission allows you to edit the contents of a directory (e.g.
add/delete files).
• Execute: for a file, the executable permission allows you to run the file and
execute a program or script. For a directory, the execute permission allows you to
change to a different directory and make it your current working directory. Users
usually have a default group, but they may belong to several additional groups.
A user is an entity, in a Linux operating system, that can manipulate files and
perform several other operations. Each user is assigned an ID that is unique for
each user in the operating system. we will learn about users and commands which
are used to get information about the users. After installation of the operating
system, the ID 0 is assigned to the root user and the IDs 1 to 999 (both inclusive)
are assigned to the system users and hence the ids for local user begins from 1000
onwards. In a single directory, we can create 60,000 users.
In Linux, user management revolves around creating, modifying, and deleting user
accounts, managing permissions, and controlling access to system resources.
Proper user management ensures that users have the appropriate level of access to
perform their tasks and prevents unauthorized access to sensitive information or
system resources.
Linux/Unix operating systems have the ability to multitask in a manner similar to
other operating systems. However, Linux’s major difference from other operating
systems is its ability to have multiple users. Linux was designed to allow more than
one user to have access to the system at the same time. In order for this multiuser
1
design to work properly, there needs to be a method to protect users from each
other. This is where permissions come in to play.
Graphical tools are easy and suitable for new users, as it makes sure you'll not run
into any trouble.
Command line tools includes commands like useradd, userdel, passwd, etc. These
are mostly used by the server administrators.
Third and very rare tool is to edit the local configuration files directly using vi.
1.To list out all the users in Linux, use the awk command with -F option. Here, we
are accessing a file and printing only first column with the help of print $1 and awk.
awk -F':' '{ print $1}' /etc/passwd
2. Using id command, you can get the ID of any username. Every user has an id
assigned to it and the user is identified with the help of this id. By default, this id is
also the group id of the user.
id username
Example: id test
2
3.Using passwd command to assign a password to a user. After using this
command, we have to enter the new password for the user and then the password
gets updated to the new password.
passwd username
Example: passwd geeks
3
6. The command to change the home directory. The below command change the
home directory of the user whose username is given and sets the new home
directory as the directory whose path is provided.
usermod -d new_home_directory_path username
Example: usermod -d new_home_directory test
7.Creating a User
In Linux, every user is assigned an individual account which contains all the files,
information, and data of the user. You can create multiple users in a Linux operating
system using Linux user commands. The steps for creating a user are:
4
Step 3) Enter details of the new user and press Y
5
The system would ask for authentication and then it would add the user
to the group.
13.Finger
This command is used to procure information of the users on a Linux
machine. You can use it on both local & remote machines
The syntax ‘finger’ gives data on all the logged users on the remote and
local machine.
The syntax ‘finger username’ specifies the information of the user in User
administration in Linux.
6
Linux/Unix user management commands
User management in Linux is done by using Linux administration
commands. Here is a list of user management commands in Linux:
Command Description
Users can be listed in different groups. Group allow us to set permission on the group
level instead of setting the permission on individual level.
Every Linux distribution have a graphical tool to manage groups. Groups can be
managed by graphical tools, command line tools and by vi or vigr depending upon the
user's experience. Only experienced users should use vi or vigr to manage groups,
since it will do proper locking or changes in the file.
Primary group: When we create a file through a specific user account, by default, the
filegroup is set to the user's primary group. It will provide the same name as the file
user group as the user account name. The primary group stores the user information in
/etc/passwd file.
7
A user can be added to precisely one primary group. It is not necessary to add a user
to a secondary group, so a user can be added to zero or more secondary groups
Look at the above snapshot, groups php, java, android and spring are created with
groupadd command.
2.Group File: The /etc/group file defines the group membership. A user can be a
member of more than one group.
Syntax:
1. /etc/group
Look at the above snapshot, first column indicates group name, second is the
group's encrypted password which may remain empty also, third is group
identification (GID) and fourth is the list of members. Fourth list is empty as these
groups do not have members.
3.Groups: The group command talks about the group where current user belongs
to.
Syntax: groups
Look at the above snapshot, user jtp and sssit belongs to the different groups.
8
4. Add a user to a Group:Adding users to a group is a straight forward process. We
can add users to a group by using usermod command. To add a user to a group,
execute this command, followed by the group name and user name. The group name
is the name of a group in which you want to add a particular user.
let's create two users, user1 and user2, execute the command as follows:
1. sudo useradd user1
2. sudo useradd user2
The above command will add the two users called user1 and user2. Consider the
below output:
The -a option used to append the group; it is recommended to use this option when
adding a new user to a group. If you do not use the -a option, the user will be
removed from any group not specified after -G option.
If the usermod command executes successfully, it will not display any output, but in
case of failure, it will post warning messages such as user or group does not exist.
we can specify any numbers of groups, specify them by a comma after the primary
group.
9
6.List the Groups in Linux:Many groups exist in Linux; these groups can be user-
defined as well as pre-defined. We can list all the available groups by using getent
command.
To list all the available groups in the Linux system, execute the command as follows:
1. getent group
The above command will display a large list of pre-defined and user-defined
groups. Consider the below snap of the output:
The above snap of the output is taken from the last. At the starting of the output, there
is an extensive list of pre-defined groups.
7.Remove a User from Group:The Linux system allows us to remove a user from a
group. To remove a user from a group, execute the gpasswd command with -d
option followed by group name and user name. Consider the below command:
1. sudo gpasswd -d user1 jtpGroup
The above command will remove the user from the JtpGroup. Consider the below
output:
This group will be assigned a new group configuration at the next login. If the user
is logged in, the changes cannot be seen immediately.
8.Change a User's Primary Group:A user can be added to more than one group.
In such scenarios, there will be only one primary group, and the others will be
secondary groups. The access permission of files will be assigned to the primary
group. Sometimes we may need to change the primary group; it can be changed by
using the usermod command.
To change the user's primary group, execute the usermod command as follows:
1. sudo usermod -g JtpGroup2 user1
Consider the below output:
The above command will remove the user1 from JtpGroup and add it to JtpGroup2.
The -g option is used to assign a user to a primary group, and -G option is used to
assign a user to a secondary group.
9.usermod:
The group members can be edited with usermod or useradd command. If a group
is not listed then by default, usermod command will remove the user from every
group of which he is a member.
Here, -a (append) option is used to prevent this from happening.
Syntax:
10
1. usermod -a -G <group> <userName>
Example:
1. usermod -a -G php akki
2. usermod -a -G php abc
3. usermod -a -G java jtp
10.groupmod: With the help of groupmod command you can change the name of
an already existing group.
Syntax:
1. groupmod -n <oldGroup> <newGroup>
Example:
groupmod -n sql spring
11.groupdel: The command groupdel will delete a group permanently from the
system.
Syntax:
1. groupdel <group>
Example:
1. groupdel sql
Look at the above snapshot, group sql is deleted from the system.
11
12.gpasswd: Control of group membership can be passed on to another user with
gpasswd command.
Syntax: gpsswd -A <user> <group>
Example: gpasswd -A jtp java
Look at the above snapshot, we have passed the membership of java to the user with
command "gpasswd -A jtp java". Then we su to jtp and add aaa to java.
Group administrators need not to be a member of the group. They can add or
remove a member without being a member of that group.
File /etc/gshadow keeps the information about the group administrators as shown
in below snapshot.
To remove all the administrators from a group, set an empty administrator list.
Syntax:
1. gpasswd -A "" <group>
Example:
1. gpasswd -A "" java
Look at the above snapshot, administrator jtp is removed from the group java.
12
PART -B: NETWORKING COMMANDS
Linux Networking Commands
Linux networking commands are used extensively to inspect, analyze, maintain, and
troubleshoot the network/s connected to the system.
ss It is a replacement of netstat.
13
1.ifconfig: ifconfig is short for interface configurator. This command is utilized in
network inspection, initializing the interface, enabling or disabling an IP address,
and configuring an interface with an IP address. Also, it is used to show the network
and route interface.
o MTU
o MAC address
o IP address
Syntax:
Ifconfig
2.ip: It is the updated and latest edition of ifconfig command. The command
provides the information of every network, such as ifconfig. Also, it can be used to
get information about a particular interface.
Syntax:
1. ip a
2. ip addr
3.traceroute: The traceroute command is one of the most helpful commands in the
networking field. It's used to balance the network. It identifies the delay and decides
the pathway to our target. Basically, it aids in the below ways:
Syntax:
1. traceroute <destination>
4.tracepath: The tracepath command is the same as the traceroute command, and
it is used to find network delays. Besides, it does not need root privileges. By default,
it comes pre-installed in Ubuntu. It traces the path to the destination and recognizes
all hops in it. It identifies the point at which the network is weak if our network is not
strong enough.
Syntax:
1. tracepath <destination>
14
5.ping: It is short for Packet Internet Groper. The ping command is one of the widely
used commands for network troubleshooting. Basically, it inspects the network
connectivity between two different nodes.
Syntax:
1. ping <destination>
Syntax:
1. Netstat
8.ss: This command is the substitution for the netstat command. The ss command is
more informative and much faster than netstat. The ss command's faster response is
possible because it fetches every information from inside the kernel userspace.
Syntax:
1. Ss
9.nsloopup: The nslookup command is an older edition of the dig command. Also,
it is utilized for DNS related problems.
Syntax:
1. nslookup <domainname>
10.dig: dig is short for Domain Information Groper. The dig command is an
improvised edition of the nslookup command. It is utilized in DNS lookup to reserve
the DNS name server. Also, it is used to balance DNS related problems. Mainly, it is
used to authorize DNS mappings, host addresses, MX records, and every other DNS
record for the best DNS topography understanding.
Syntax:
1. dig <domainname>
11.route: The route command shows and employs the routing table available for our
system. Basically, a router is used to detect a better way to transfer the packets
around a destination.
Syntax:
1. Route
15
12.host: The host command shows the IP address for a hostname and the domain
name for an IP address. Also, it is used to get DNS lookup for DNS related issues.
Syntax:
1. host -t <resourceName>
13.arp: The arp command is short for Address Resolution Protocol. This command is
used to see and include content in the ARP table of the kernel.
Syntax:
1. Arp
14.iwconfig: It is a simple command which is used to see and set the system's
hostname.
Syntax:
1. Hostname
15.curl and wget: These commands are used to download files from CLI from the
internet. curl must be specified with the "O" option to get the file, while wget is
directly used.
curl Syntax:
1. curl -O <fileLink>
wget Syntax:
1. wget <fileLink>
16.mtr: The mtr command is a mix of the traceroute and ping commands. It regularly
shows information related to the packets transferred using the ping time of all hops.
Also, it is used to see network problems.
Syntax:
1. mtr <path>
17.whois: The whois command fetches every website related information. We can
get every information of a website, such as an owner and the registration
information.
Syntax:
1. mtr <websiteName>
16
18.ifplugstatus: The ifplugstatus command checks whether a cable is currently
plugged into a network interface. It is not available in Ubuntu directly. We can install
it with the help of the below command:
Syntax:
1. Ifplugstatus
20.tcpdump: The tcpdump command is widely used in network analysis with other
commands of the Linux network. It analyses the traffic passing from the network
interface and shows it. When balancing the network, this type of packet access will
be crucial.
Syntax:
1. $ tcpdump -i <network_device>
How much do you need to know about disks to successfully manage a Linux system?
What commands do what? How do you make good decisions about partitioning?
What kind of troubleshooting tools are available? What kind of problems might you
run into? This article covers a lot of territory – from looking into the basics of a Linux
file systems to sampling some very useful commands.
Disk technology
In the beginning days of Unix and later Linux, disks were physically large, but very
small in terms of storage capacity. A 300 megabyte disk in the mid-90’s was the size
of a shoebox. Today, you can get multi-terrabyte disks that are the size of a slice of
toast.
Traditionally, files resided within file systems that resided in disk partitions that were
themselves simply slices of disks. This organization still dominates today, though
servers in large data centers often take on an entirely different structure.
1.file
2.file system
3.disk partition
4. disk
17
/\
/ \
/ \
/ file \
/ \
/==========\
/ \
/ file system \
/ \
/==================\
/ disk partition \
/======================\
/ disk \
/==========================\
This simplistic view still works for many systems, but these days there are lot of
complexities that make disk management harder in some ways and easier in others.
A file system might be virtual – no longer residing on a single disk and more
complex to manage, but far easier to resize as needed. In fact, the entire system
could be virtual. And what we might manage as if it were a single disk could actually
be some portion of a very large disk array.
Disk management
Sysadmins generally have to deal with many issues when it comes to managing
disks. These include:
• Partitioning disks
• Creating file systems
• Mounting file systems
• Sharing file systems
• Monitoring free space within file systems
• Backing up (and sometimes restoring) file systems
The reasons to partition a disk include:
• protecting some file systems from running out of space (e.g., you may want
the OS partition to be separated from home directories or applications to keep
it from being affected if users’ files begin to take up far an excessive amount
of disk space)
• improving performance
• allocating swap space
18
• facilitating maintenance and backups (e.g., you might be able to unmount
/apps if it’s not part of / and you might want to back up /home more frequently
than /usr)
• more efficient (and targeted) fsck
• maintaining (particularly on test systems) multiple operating systems
• reserving enough disk space for file system expansion
• sharing select file systems with other systems
Partitioning commands
For most Linux servers, partitioning is done before the servers are deployed. On the
other hand, you might add disks at some later time or hold back some significant
amount of free disk space for future use.
Command action
d delete a partition
19
As you can see, the fdisk command provides a lot of functionality. The partitions that
you set up may look something like this configuration in which four partitions have
been set up on a single disk – /dev/sda.
sda
+------------+------------------------+--------------------+------+
+------------+------------------------+--------------------+------+
$ df -h
The pydf command (think "python df" as it's really a python script) also provides a
very useful disk usage display showing mount points and cute little illustrations for
how full each partition is.
$ pydf
20
The parted command displays partition information in a different format:
$ sudo parted -l
The lsblk (list block devices) command illustrates the relationship between disks
and their partitions graphically and also supplies the major and minor device
numbers and mount points.
$ lsblk
The fdisk command reports more details on disk partitions and uses very different
numbers. You can also use fdisk to create or delete partitions, list unpartitioned
space, change a partition type, or verify the partition table.
$ sudo fdisk -l
21
Device Boot Start End Blocks Id System
The sfdisk command is similar to fdisk, but makes some partition manipulation
activities easier to perform.
/dev/sda4 0 - 0 0 0 Empty
The cfdisk command can also be used to display or manipulate disk partitions.
$ sudo cfdisk
22
[ Help ] [ New ] [ Print ] [ Quit ] [ Units ]
[ Write ]
$ iostat -x 60
Device: rrqm/s wrqm/s r/s w/s rkB/s wkB/s avgrq-sz avgqu-sz await
r_await w_await svctm %util
sda 8.37 3.26 13.41 2.79 341.14 191.82 65.79 0.61 37.60 30.40
72.14 2.52 4.08
Probably one of the most informative commands for looking at disk health
is smartctl (part of smartmontools). While the command generates a lot of output, it
provides valuable measurements that might help you pinpoint disk problems,
particularly once you get used to working with its extensive output
23
LU WWN Device Id: 5 0014ee 0015c85ef
been run.
command.
24
Offline surface scan supported.
Self-test supported.
power-saving mode.
25
10 Spin_Retry_Count 0x0033 100 100 051 Pre-fail Always - 0
No Errors Logged
1 0 0 Not_testing
2 0 0 Not_testing
3 0 0 Not_testing
4 0 0 Not_testing
26
5 0 0 Not_testing
27