Linux-Lesson 2
True or false? Using a dot at the behind of a file name makes the file more secure.
False
Which command does a system administrator use to add a user (bsmith) to an existing group (finance)?
sudo usermod -aG finance bsmith
With which command can you change the default user shell to the KornShell for user bsmith?
sudo usermod -s /bin/ksh bsmith
What are the three commands used to properly edit the /etc/passwd file?
-useradd -usermod -userdel
Name the three types of Linux user accounts.
-Root user(superuser) -Standard user -Service
Which three commands does a system administrator use to properly edit a Linux systems's file group file?
-groupadd -groupmod -groupdel
Which file contains the groups and user members of that those groups?
/etc/group
In which file are user accounts stored?
/etc/passwd
Which file system-wide customizations for all users on a system that a user cannot change?
/etc/profile
In which file are hashed passwords stored?
/etc/shadow
Which directory's contents are copied to the user's home directory upon account creation?
/etc/skel
Where should administrators set system-wide variables on a Linux system rather than editing the /etc/profile file directly?
In scripts within the /etc/profile.d directory
Why do administrators, classes, and best practices state that you should manage users by managing groups?
Managing groups simplifies user administration. Rather than granting explicit permissions to users on an individual basis, you grant them to groups and add users to those groups.
Why is it important to put the principle of least privilege into practice?
System security is greatly enhanced by only granting users the minimum amount of rights and permissions they require to perform a task.
What is the primary difference between .bashrc and the .bash_profile files?
The .bash_profile file is executed upon first login to the system and .bashrc is executed upon subsequent logins.
Why are /etc/passwd and /etc/shadow different files?
The /etc/passwd file stores user account details such as user names, default shell, home directory, and group names. The /etc/shadow file contains the hashed passwords that are only readable by the root user account, whereas /etc/passwd is readable by everyone. Having a separate file for each, with different permissions, strengthens security.
A user reports that she was working an important script when the system rebooted at approximately 6:30 P.M. last night. No warning was given. How can you find out who was logged into the system at the time and who could have rebooted the system without warning?
The last command will inform you as to who was logged into the system. If an administrator rebooted the system, you'll be able to identify him or her from the entries displayed. If the system crashes, last will also provide that information. Further investigation of systems logs may be required in the event of a crash.
True or False? The groupmod command is used to change the name of an existing group?
True
You suspect that a hardware failure is imminent and you need to reboot the system to ensure everything is working properly or to force a failure. Before issuing the reboot command, which command can you use to check to see if other users are logged into the system?
Who
You need to add an administrator to the /etc/sudoers file to give them the ability to use the sudo command. Which command must you use to add users to the /etc/sudoers file?
You must use visudo since you cannot edit the /etc/sudoers file directly with Vim or other text editors.
As a Linux administrator, you might often switch accounts from yours to the root user or to other accounts to perform tasks. Which command can you issue to find out which user account you're currently using?
whoami
As an administrator, you might need to to reboot a system or otherwise perform maintenance. Which command would you issue to not only view logged on users but also their current activity?
The w command displays idle time and the amount of CPU time consumed by user-owned processes. This information will tell you if it's safe to reboot a system or if you should ask users to log off first.
As a system administrator, why might you issue the id command?
The id command displays group information at at glance in an easy-to-read format.
Why is it a security best practice to log onto a Linux system with a regular user account rather than with the root user account?
The primary reason is to prevent harmful mistakes from happening to the system through errant commands such as rm(remove). Users who can use sudo command should do so on an individual command basis to perform necessary tasks with elevated privileges, while remaining in their user shells for other functions.
Describe the difference between using the su command and using the sudo command to perform administrative tasks.
The su command enables an authorized user to become the root user by switching to the root user account in a complete root-owned shell. This is handy for the administrator but very dangerous because of the potential for human error. The sudo command enables an authorized user to issue individual commands as the root (or other user), limiting potential damage to the system.