Scribd
Upload
6 views18 pages

Users & Group Management Part 2

The document provides an overview of user management commands in Linux, focusing on the 'chage', 'chmod', and 'chgrp' commands. The 'chage' command is used to manage user password expiry and account aging, while 'chmod' modifies file permissions and 'chgrp' changes the group ownership of files. Various options and examples for each command are detailed to illustrate their usage in managing user access and security.

Uploaded by

shiinecabdicabdulaahi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
6 views18 pages

Users & Group Management Part 2

The document provides an overview of user management commands in Linux, focusing on the 'chage', 'chmod', and 'chgrp' commands. The 'chage' command is used to manage user password expiry and account aging, while 'chmod' modifies file permissions and 'chgrp' changes the group ownership of files. Various options and examples for each command are detailed to illustrate their usage in managing user access and security.

Uploaded by

shiinecabdicabdulaahi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 18

Users, Groups and Permissions in

Linux
PART-TWO 2
Liban Bashir
Network Security Administrator/
Former SYSTEM ADMIN
RHCSA / RHCE & RED HAT
VIRTUALIZATION
[email protected]
Permissions- agenda
 Chage command
 Chmod Command
 Change group ownership

(chown)
Chage Command
 The ‘chage’ command in Linux is a powerful
tool used to manage user password expiry and
account aging information. It is particularly
useful in environments where user access
needs to be controlled over time, such as when
login access is time-bound or when it’s
necessary to enforce regular password changes
for security purposes. With the
‘chage’ command, administrators can view and
modify password expiry details, set mandatory
password change intervals, specify account
expiration dates, and more.
What is the ‘chage’
command?
 The ‘chage’ command, short for “change
age,” allows system administrators to
manage account aging parameters,
including when a password was last
changed, when it must be changed next,
and when an account should be locked or
warned about password expiration. This
command is essential for maintaining
security policies that require users to
update their passwords periodically or limit
the duration of user access.
Common Options and Examples of ‘chage’ command in
Linux

 1. ‘-l’ option (List Account Aging


Information)
 Use this option to view the account aging

information. In order to view the aging


information of the root, use the keyword
‘sudo‘.
 Sudo chage –l root
‘-E’ option (Set Account Expiry Date)

 Use this option to specify the date when the


account should expire. In order to change
the aging information of the root, use the
keyword sudo. Further using the ‘-l’ option
to view the changed date.
 Sudo chage –E 2024-12-31 isak
‘-M’ and ‘-m’ option (Set Maximum and Minimum
Password Age)

 Use this option to specify the maximum and


minimum number of days between
password change. In order to change the
aging information of the root, use the
keyword ‘sudo’. Further using the ‘-l’ option
to view the changed period.
 Input : sudo chage -M 5 root
‘-I’ option (Set Inactivity Period After Password Expiry)

 Use this option to specify the number of days


the account should be inactive after its expiry. It
is necessary that the user should change the
password after it expires, this command is
useful when the user does not login after its
expiry. Even after this inactivity period if the
password is not changed then the account is
locked and the user should approach the admin
to unlock it.
 In order to change the aging information of the
root, use the keyword ‘sudo’. Further we used
the ‘-l’ option to view the inactivity period.
‘-W’ option (Set Password Expiry Warning)

 Use this option to give prior warning before


the password expires.The input given in the
command is the number of days prior to the
expiry date when the warning should be
given. In order to change the aging
information of the root, use the keyword
‘sudo’. Further, using the ‘-l’ option to view
the warning period.
‘-W’ option (Set Password Expiry Warning)

 Chage –m 2 –M 30 –W 3 –I 5 ISAK

 Vim /etc/login.defs
Chmod Command

 The "chmod" command modifies the read, write, and


execute permissions of specified files and the search
permissions of specified directories.

 The format for the command is as shown below:


 chmod [who] permission file

 [who] refers to who you are giving permissions to.


 Specified in the order: user, group, others.
 The permissions that can be given are : read, write
or execute.
Chmod Command

The Octal digits used for assigning


permissions are as follows:
Octal Digit Permissions 3-Character Display
read, write,
7 rwx
execute
6 read, write rw-
5 read, execute r-x
4 read r--
3 write, execute -wx
2 write -w-
1 execute --x
0 (none) ---
Chmod Command

 Mkdir /Marketing
Chmod Command

 chmod u=rwx,g=rwx,o=rwx /Marketing/


Chmod Command

 chmod u=rwx,g=rwx,o=-rwx /Marketing/


Chgrp Command

 The chgrp (change group) command alters


the group name that a file or directory
belongs to. Each file in Linux is created by a
user, while each user belongs to groups. By
changing the group ownership of a file, the
permissions to access and modify a file
changes as well.

 chgrp [GROUP_NAME] [DIRECTORY/FILE_NAME]


Chgrp Command

 Chgrp business /Marketing


Questions?

You might also like