
Ch5 User and File Management

This document discusses user and file management in Linux. It describes the various command line tools for managing users (useradd, passwd, usermod, userdel, groupadd, groupdel, groupmod) and their options. It also discusses the Linux file system structure and types (ext2, ext3, ext4), and tools for managing groups and accounts like /etc/passwd and /etc/shadow. Configuration files and tools for viewing and modifying users are also covered.

Uploaded by

pimat40375


Chapter 5
User and File Management
ITP3901 OPERATING SYSTEMS FUNDAMENTALS
(AY 2019/20)
REFERENCES:
HTTPS://ACCESS.REDHAT.COM/DOCUMENTATION/EN-US/RED_HAT_ENTERPRISE_LINUX/3/HTML/INTRODUCTION_TO_SYSTEM_ADMINISTRATION/S1-ACCTSGRPS-RHLSPEC.HTML

HTTPS://ACCESS.REDHAT.COM/DOCUMENTATION/EN-US/RED_HAT_ENTERPRISE_LINUX/4/HTML/INTRODUCTION_TO_SYSTEM_ADMINISTRATION/S2-ACCTSGRPS-FILES.HTML

HTTPS://LINUXFROMBEGINNING.WORDPRESS.COM/2008/09/20/LINUX-FILESYSTEMS-FILESYSTEM-HIERACHY-STANDARD/

User
Management

Chapter 5 - User and File Management ITP3901 Operating Systems Fundamentals



Linux Account Tools

 root can use the following command-line tools to help with account
maintenance.
 useradd
 passwd
 usermod
 userdel
 groupadd
 groupdel
 groupmod

useradd

 You can add a user to a Linux system with the useradd command.
 To use the useradd command, you must have administrative rights (i.e.
log in as root).
e.g.
[root@myLinux]# useradd student
Add a new user with username student.

[root@myLinux]# useradd -g SDA2 student
Add a new user with username student whose primary group is SDA2.

useradd options

Option                Description
-d <home directory>   The new user will be created using <home directory> as the value for the user’s login directory.
-g                    The user’s initial login group.
-e                    The date on which the user account is disabled; specify the date in the format YYYY-MM-DD.
-G                    A list of groups of which the user is also a member (secondary group membership).
-M                    The user’s home directory will not be created even if the default is to create the home directory.
-m                    The user’s home directory will be created if it does not already exist.

passwd

 passwd is used to change the password of an established account and can
be invoked by generic system users as well as the system administrator.

Remark: the -l and -u options of passwd lock and unlock the user’s account.

usermod

 A user’s information can be changed with the usermod command (BASH).
 To disable/lock the account tjones on a Linux system, do the following:
usermod -L tjones
 To enable/unlock the account, use the -U option:
usermod -U tjones

usermod Options

Option                Description
-l <login name>       Changes the user’s account name to <login name>. This does not change the home directory of the user.
-L                    Locks the user’s password, effectively disabling the password.
-U                    Unlocks the user’s password; reverses the -L option.
-d <home directory>   The new user will be created using <home directory> as the value for the user’s login directory.
-g                    The user’s initial login group.
-e                    The date on which the user account is disabled.
-G                    A list of groups of which the user is also a member.

userdel

 The userdel command is used to remove users who no longer require
access to the system.
 -r : remove the home directory of the user and any files contained in it.

e.g.
[root@myLinux]# userdel john
[root@myLinux]# userdel -r student

groupadd

 The groupadd command is used to add a new group to your system.

Option   Description
-g       Permits the specification of the group ID number instead of using the next-highest number defined by the system.
-o       Permits adding a group with a non-unique ID.

 To add a new group called support to the system, issue the following
command:
groupadd support

groupdel

 The groupdel command is used to remove a user group.


 To remove the support group that was created above, execute the following
command:
groupdel support

groupmod

 The groupmod command is used to adjust previously created groups.


 The groupmod command has only a few options.
 -g gid - change the numerical value of the group's ID.
 -n group_name - The name of the group will be changed from original group
name to group_name.
 To change the name of the existing support group to devel while
keeping the group membership, issue the following command:
groupmod -n devel support

Configuration files for account management

 /etc/passwd
 Contains an entry for each user on the system
e.g. root:x:0:0:root:/root:/bin/bash
 /etc/group
 Contains definitions of groups and their corresponding members
e.g. SDA2::502:student1,student2,student3
 /etc/shadow
 Stores account password information and contains password aging information

e.g. juan:$1$.QKDPc5E$8F.:11956:0:90:5:30:12197:

User Manager

 The User setup in Settings is a tool that allows you to view, modify, add,
and delete local users in the graphical user interface.


File Management


Linux File System

 The basic function of a file system is to represent and organize the files on
the hard disk.
 Linux treats everything as a file
 Processes (running programs)
 Hardware devices
 Interprocess communication channels

Supported File System Types

 The de facto file system on Linux is the ext (or extended) file system. A
second version of this system was called ext2.
 Fedora 11 supports the latest version, ext4.
 Fedora currently supports other file systems
 msdos (DOS FAT)
 ntfs (Windows)
 iso9660 (CDROM)
 hpfs (IBM OS/2)
 The file /proc/filesystems contains a list of the file systems
supported on your system.

ext2 / ext3 / ext4

 ext3
 Common Linux filesystem.
 Journaling eliminates the need for fsck
 Beginning with the release of Red Hat Linux 7.2, the default file system
changed from the venerable ext2 format to the journaling ext3 file system.
 ext2
 Old Linux non-fragmenting fast filesystem.
 Can be converted to ext3 by adding a journal:
tune2fs -j /dev/sda1
 ext4 (Fedora 11 changed the default file system from ext3 to ext4)

File System Structure

 Most Linux distributions are committed to the Filesystem Hierarchy
Standard (FHS), a collaboration document that defines the names and
locations of many files and directories.
 Note: Refer to http://www.pathname.com/fhs/

The /boot/ and /dev/ Directory

 The /boot/ directory contains everything required for the boot process. Thus
/boot/ stores data used before the kernel begins executing user-mode
programs.

 The /dev/ directory contains file system entries which represent devices
that are attached to the system. These files are essential for the system to
function properly.

The /etc/ and /etc/sysconfig/ Directory

 The /etc/ directory is reserved for configuration files that are local to the
machine.
 This directory (/etc/sysconfig/) holds local system configuration
files (e.g. network card configuration files and graphics card configuration
file).

The /lib/ and /mnt/ Directory

 The /lib/ directory should contain only those libraries that are needed to
execute the binaries in /bin/ and /sbin/. These shared library images
are particularly important for booting the system and executing commands
within the root file system.
 The /mnt/ directory is for temporarily mounted file systems, such as
CDROM/DVDROM and floppy disks.

The /bin/ & /sbin/ Directory

 /bin/
 This directory contains executables for all users.
 /sbin/
 The /sbin/ directory is for executables used only by the root user (e.g.
shutdown command)

The /home/ directory

 /home/ contains the home directories of users (except root).
e.g. the home directory of the user student should be /home/student/
 The home directory of the user john is /home/john/
 The home directory of the user mary is /home/may/
 The home directory of root is /root/

The /var/ & /var/log/ directory

 This directory (/var) contains files to which the system writes data during
the course of its operation
 Log files are stored under /var/log/

Six Types of files

 Regular files (Text / Binary)


 Device files
 Interface of devices
 Directories
 Symbolic links (similar to shortcut in MS Windows)
 Local domain sockets
 Connections between processes
 Named pipes
 Allow communication between two processes (running program)

Hard Links and Soft Links

 A symbolic link points to the file by path and name
 e.g. similar to a shortcut in MS Windows
 If the location or file name is changed, the link will fail.
 A hard link is a direct reference
 If a hard link points to a file, the link still works even if the file is
renamed or moved to another location.

Link Creation (ln)

 Both hard links and symbolic/soft links can be created using the ln
command.
 The -s option of the ln command creates a symbolic link; with no
option it creates a hard link.
e.g.
ln abc.txt mylink.txt <= hard link
ln -s abc.txt mylink.txt <= symbolic link

File Permission

 There are three groups of people
 Owner
 Group User
 Everyone
 There are three types of access rights
 Read is defined as r
 Write is defined as w
 Execute is defined as x

File Permission (Cont.)

 Given a file (list the permission by using ls -l)

drwxrwxrwx 2 john osa osaexampaper.doc

 First character: d means directory, - means file.
 Characters 2-4 (rwx): Owner permission
 Characters 5-7 (rwx): Group permission
 Characters 8-10 (rwx): Everyone permission
 2: Number of links
 john: Owner of file
 osa: Group ownership
A hyphen (-) indicates that a particular permission is denied.

Permission of Directory

 For a directory, “read”, “write” and “execute” have slightly different
meanings
 The ″read″ permission refers to the ability to list the files and subdirectories
contained in that directory.
 The ″write″ permission refers to the ability to create and remove files and
subdirectories within it.
 The ″execute″ permission refers to the ability to enter the directory using the
cd command (i.e. change the current working directory to be this directory).

chmod command

 The chmod command is used to set the permission values for files and
directories.

Letter   Permission   Value
r        Read         4
w        Write        2
x        Execute      1

chmod command (Cont.)

 Although chmod does have more readable formats for permissions, it is
more common to use the numerical scheme.

Letter   Permission                Value
---      No permission             0
r--      Read only                 4
rw-      Read and write            6
rwx      Read, write and execute   7
r-x      Read and execute          5
--x      Execute only              1

chmod command (Cont.)

 e.g. The following chmod command (in octal form) gives
 Owner => Read, write and execute permission
 Group => Read and execute permission
 Everyone => Read only permission

[root@myLinux]# chmod 754 examination.doc
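
An added example, not part of the original slides: it derives the octal digits from the r=4, w=2, x=1 table, applies the slide's mode 754 to a scratch file, reads the result back, and lists files in a directory tree that everyone can write to. The function names and the file scratch.txt are assumptions made for the example.

```shell
#!/bin/sh
# Added example; helper names and scratch.txt are constructed for illustration.

# rwx_to_octal STRING -> octal mode, e.g. rwxr-xr-- -> 754
# Each three-character group is the sum of r=4, w=2, x=1.
rwx_to_octal() {
    rest=$1
    octal=
    while [ -n "$rest" ]; do
        triad=$(printf '%s' "$rest" | cut -c1-3)
        rest=$(printf '%s' "$rest" | cut -c4-)
        digit=0
        case $triad in r??) digit=$((digit + 4)) ;; esac
        case $triad in ?w?) digit=$((digit + 2)) ;; esac
        case $triad in ??x) digit=$((digit + 1)) ;; esac
        octal=$octal$digit
    done
    printf '%s\n' "$octal"
}

# mode_string FILE -> the nine permission characters shown by ls -l
mode_string() {
    ls -ld -- "$1" | cut -c2-10
}

# world_writable DIR -> regular files whose "everyone" write bit is set
world_writable() {
    find "$1" -type f -perm -0002 -print | sort
}

demo() {
    dir=$(mktemp -d) || return 1
    : > "$dir/examination.doc"
    : > "$dir/scratch.txt"
    chmod 754 "$dir/examination.doc"   # owner rwx, group r-x, everyone r--
    chmod 666 "$dir/scratch.txt"       # rw- for all: anyone can modify it
    m=$(mode_string "$dir/examination.doc")
    echo "examination.doc: $m = $(rwx_to_octal "$m")"
    echo "writable by everyone:"
    world_writable "$dir"
    rm -rf "$dir"
}

demo
```
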

chown

 The chown command allows you to change the ownership of a file to
someone else. Only the root user can use this command.
[root@myLinux]# chown student tutorial.doc
 The -R option applies when the specified filename is a directory name.
[root@myLinux]# chown -R student tutdir

chgrp

 The chgrp command is used to change the group settings of a file. It works
much like chown.
[root@myLinux]# chgrp student tutorial.doc
 The -R option applies when the specified filename is a directory name.
[root@myLinux]# chgrp -R student tutdir

Configuration Files

 There are a large number of configuration files contained in the /etc
directory hierarchy.
/etc/-|
|---bashrc
|---crontab
|---fstab
|---grub.conf
|---hosts
|---init.d
|---inittab
|---passwd
|---group
|---shadow
|--- … … …

/etc/fstab

 The fstab file contains the file system table, which is a table of all
disk partitions, their mount points and default mount options
 Sample:

/dev/hda2    /               ext2   defaults               1 1
/dev/hdb1    /home           ext2   defaults               1 2
/dev/cdrom   /media/cdrom    auto   ro,noauto,user,exec    0 0
/dev/fd0     /media/floppy   auto   rw,noauto,user,sync    0 0
……

 The first column is the device file name.
 The second column is the mount point.

/etc/fstab (Cont.)

 The third column in /etc/fstab specifies the filesystem type of the device
or partition.
 The fourth column in fstab lists all the mount options for the device or
partition.
 The 5th column in /etc/fstab is the dump option. Dump checks it and
uses the number to decide if a filesystem should be backed up. If it is zero,
dump will ignore that filesystem. If you take a look at the example fstab, the
5th column is zero in most cases.
 The 6th column is a fsck option. fsck looks at the number in the 6th column
to determine in which order the filesystems should be checked. If it is zero,
fsck will not check the filesystem.
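
An added example, not part of the original slides: it reads the six columns of the sample fstab above, lists the order in which fsck would check the file systems, and reports user-mountable entries that switch exec, suid or dev back on. It relies on documented mount behaviour that the slides do not state: the user option implies noexec, nosuid and nodev unless a later option overrides them. The function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example; function names are constructed for illustration.

# fstab_fsck_order FILE -> mount points in fsck pass order (6th column),
# leaving out entries whose pass number is 0 (never checked).
fstab_fsck_order() {
    awk '!/^[ \t]*(#|$)/ && NF >= 6 && $6 > 0 { print $6, $2 }' "$1" |
        sort -n | awk '{ print $2 }'
}

# fstab_user_overrides FILE -> "<mount point> <option>" for each entry where
# user/users is followed later in the 4th column by exec, suid or dev.
fstab_user_overrides() {
    awk '
        /^[ \t]*(#|$)/ { next }             # skip comments and blank lines
        NF >= 4 {
            n = split($4, opt, ",")
            seen_user = 0
            for (i = 1; i <= n; i++) {
                if (opt[i] == "user" || opt[i] == "users")
                    seen_user = 1
                else if (seen_user && (opt[i] == "exec" || opt[i] == "suid" || opt[i] == "dev"))
                    print $2, opt[i]
            }
        }
    ' "$1"
}

demo() {
    tab=$(mktemp) || return 1
    # The four sample entries from the slide.
    cat > "$tab" <<'EOF'
/dev/hda2    /               ext2   defaults               1 1
/dev/hdb1    /home           ext2   defaults               1 2
/dev/cdrom   /media/cdrom    auto   ro,noauto,user,exec    0 0
/dev/fd0     /media/floppy   auto   rw,noauto,user,sync    0 0
EOF
    echo "fsck order:"
    fstab_fsck_order "$tab"
    echo "user mounts that re-enable exec/suid/dev:"
    fstab_user_overrides "$tab"
    rm -f "$tab"
}

demo
```
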

/etc/system.d

 This is a symbolic link to a directory that contains a number of startup
scripts.
 The startup scripts perform a number of functions, including initialization of
network connections and startup of server daemon processes.

/etc/systemd/system/default.target

 default.target is a symbolic link that points the initialization process to
the target boot level when you start the system.
e.g.
Run level   Target
0           poweroff.target
1           rescue.target
2,3,4       multi-user.target
5           graphical.target
6           reboot.target

Steps to boot in multi-user level (3)
Remove the existing link:
# rm -f /etc/systemd/system/default.target
Create a new link to multi-user.target (or graphical.target):
# ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target

/etc/passwd

 The passwd configuration file stores the account information (including
the user name, full name and path to the home directory and default shell)
for every user on the system.

/etc/passwd (Cont.)

 Each line is a seven-field, colon-delimited list which contains the
following information:
 Username — The name the user types when logging into the system.
 Password — The encrypted password for the user (or an x if shadow passwords are
being used).
 User ID (UID) — The numerical equivalent of the username which is referenced
by the system and applications when determining access privileges.
 Group ID (GID) — The numerical equivalent of the primary group name which
is referenced by the system and applications when determining access privileges.
 GECOS — The GECOS field is optional, and is used to store extra information
(such as the user's full name). Multiple entries can be stored here in a comma
delimited list.

/etc/passwd (Cont.)

 Home directory — The absolute path to the user's home directory, e.g.
/home/juan.
 Shell — The program automatically launched whenever a user logs in. This is
usually a command interpreter (often called a shell). Under Red Hat Linux, the
default value is /bin/bash. If this field is left blank, /bin/sh is used. If it is
set to a non-existent file, then the user will be unable to log into the system.

e.g.
root:x:0:0:root:/root:/bin/bash
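
An added example, not part of the original slides: it splits each passwd entry into the seven fields listed above and reports the conditions that matter for access control, namely a UID of 0 on an account other than root, two accounts sharing one UID, a password field that is empty or holds a hash instead of x, and a blank shell. The function name and every account in the sample other than root are constructed.

```shell
#!/bin/sh
# Added example; passwd_audit and the sample accounts are constructed.

# passwd_audit FILE -> one finding per line, "<user>: <finding>"
passwd_audit() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }
        NF != 7 { print $1 ": expected 7 fields, found " NF; next }
        # Field 3 (UID) decides privileges, whatever the name in field 1 is.
        $3 == 0 && $1 != "root" { print $1 ": UID 0 (same privileges as root)" }
        ($3 in owner)  { print $1 ": shares UID " $3 " with " owner[$3] }
        !($3 in owner) { owner[$3] = $1 }
        # Field 2 should be x when shadow passwords are in use.
        $2 == "" { print $1 ": empty password field" }
        $2 != "" && $2 != "x" && $2 !~ /^[!*]/ {
            print $1 ": password hash stored in passwd, not shadow"
        }
        # Field 7: a blank shell means /bin/sh is used.
        $7 == "" { print $1 ": blank shell, /bin/sh is used" }
    ' "$1"
}

demo() {
    sample=$(mktemp) || return 1
    # Constructed entries; only the root line comes from the slide.
    cat > "$sample" <<'EOF'
root:x:0:0:root:/root:/bin/bash
juan:x:500:500:Juan:/home/juan:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
guest::501:501::/home/guest:
legacy:$1$constructed$hash:502:502::/home/legacy:/bin/bash
EOF
    passwd_audit "$sample"
    rm -f "$sample"
}

demo
```
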

/etc/group

 The /etc/group file contains a list of system groups (and their members).
 Each line is a four-field, colon-delimited list including the following
information:
 Group name — The name of the group.
 Group password — Not used.
 Group ID (GID) — The numerical equivalent of the group name. It is used by
the system and applications when determining access privileges.
 Member list — A comma delimited list of users in the group.

e.g.
OSF::502:student0,student1,student2

/etc/shadow

 The /etc/shadow file is readable only by the root user, and
contains password and optional password aging information.
 Each of these lines is a nine-field, colon-delimited list including the
following information:
 Username — The name the user types when logging into the system.
 Encrypted password — The password is encrypted using either the crypt
library function, or the md5 hash algorithm. In this field, values other
than a validly-formatted encrypted or hashed password are used to
control user logins and to show the password status. For example, if the
value is ! or * the account is locked, and the user is not allowed to log in.
If the value is !! a password has never been set before (and the user, not
having set a password, will not be able to log in).

/etc/shadow (Cont.)

 Date password last changed — The number of days since January 1, 1970 that the
password was last changed. This information is used for the following password
aging fields.
 Number of days before password can be changed — The minimum number of
days that must pass before the password can be changed.
 Number of days before password change is required — The number of days that
must pass before the password must be changed.
 Number of days warning before password change — The number of days before
password expiration during which the user is warned of the impending expiration.
 Number of days before the account is disabled — The number of days after a
password expires before the account will be disabled.

/etc/shadow (Cont.)

 Date since the account has been disabled — The date since the user account has
been disabled.
 A reserved field — Not used.

e.g.
juan:$1$.QKDPc5E$8F.:11956:0:90:5:30:12197:
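
An added example, not part of the original slides: it takes one shadow entry, classifies the password field (!, *, !!, a hash with the ! prefix that usermod -L adds, or an MD5 hash starting with $1$) and works out from the aging fields when the password must be changed and whether the account can still log in on a given day. It assumes fields 3 and 8 are day counts since January 1, 1970, as in the sample line; the function name, output wording and the day numbers passed as "today" are constructed.

```shell
#!/bin/sh
# Added example; shadow_report and its output format are constructed.

# shadow_report LINE [TODAY]
# LINE is one /etc/shadow entry. TODAY is a day number (days since
# 1970-01-01); when omitted, the current date is used.
shadow_report() {
    today=$2
    [ -n "$today" ] || today=$(( $(date +%s) / 86400 ))
    printf '%s\n' "$1" | awk -F: -v today="$today" '
    {
        pw = $2
        if      (pw == "")               kind = "no password required"
        else if (pw == "!!")             kind = "password never set"
        else if (pw == "!" || pw == "*") kind = "locked"
        else if (pw ~ /^!/)              kind = "locked hash (! prefix)"
        else if (pw ~ /^\$1\$/)          kind = "MD5-crypt hash"
        else                             kind = "other hash"

        # Field 3 = last change, 5 = maximum age, 6 = warning, 7 = inactive.
        has_due = ($3 != "" && $5 != "")
        status = "ok"
        if (has_due) {
            due = $3 + $5
            if      ($7 != "" && today > due + $7)  status = "password expired, login disabled"
            else if (today > due)                   status = "password expired"
            else if ($6 != "" && today >= due - $6) status = "in warning period"
        }
        # Field 8 = day on which the account itself is disabled.
        if ($8 != "" && today >= $8 + 0) status = "account expired"

        printf "%s: %s; change due day %s; account expires day %s; status: %s\n",
            $1, kind, (has_due ? due : "-"), ($8 != "" ? $8 : "-"), status
    }'
}

# The sample entry from the slide, evaluated on three constructed days and today.
shadow_report 'juan:$1$.QKDPc5E$8F.:11956:0:90:5:30:12197:' 12000
shadow_report 'juan:$1$.QKDPc5E$8F.:11956:0:90:5:30:12197:' 12045
shadow_report 'juan:$1$.QKDPc5E$8F.:11956:0:90:5:30:12197:' 12100
shadow_report 'juan:$1$.QKDPc5E$8F.:11956:0:90:5:30:12197:'
```
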
