Linux Module 2 - Users and Groups
Which file forces system-wide customizations for all users on a system that a user cannot change?
/etc/profile
In which file are hashed passwords stored?
/etc/shadow
Which directory's contents are copied to the user's home directory upon account creation?
/etc/skel
permissions
Access rights assigned to users, enabling them to access and/or modify files and directories.
group
An access control object that contains multiple users with similar security requirements.
PATH variable
An environment variable that specifies where an application's binaries are stored on the file system.
principle of least privilege
An information security best practice that states that users should have as much access as is required to do their job, but no more than that.
user account
An object that represents a person's identity to the operating system and is used to perform certain tasks.
True or false? Using a dot at the beginning of a file name makes the file more secure
False. The file is hidden from normal view as a matter of organization, but does nothing for security.
Where should administrators set system-wide variables on a Linux system rather than editing the /etc/profile file directly?
In scripts within the /etc/profile.d directory.
True or false? The groupmod command is used to change the name of an existing group.
True
Which command does a system administrator use to add a user (bsmith) to an existing group (finance)?
sudo usermod -aG finance bsmith
With which command can you change the default user shell to the KornShell for user bsmith?
sudo usermod -s /bin/ksh bsmith
What are the three commands used to properly edit the /etc/passwd file?
useradd, usermod, and userdel
You suspect that a hardware failure is imminent and you need to reboot the system to ensure that everything is working properly or to force a failure. Before issuing the reboot command - which command can you use to check to see if other users are logged onto the system?
who
As a Linux administrator you might often switch accounts from yours to the root user or to other user accounts to perform tasks. Which command can you issue to find out which user account you're currently using?
whoami
Which file contains the groups and user members of those groups?
/etc/group
In which file are user accounts stored?
/etc/passwd
home directory
A container for a user's personal files and other files specific to that user.
Why do administrators and classes and best practices state that you should manage users by managing groups?
Managing groups simplifies user administration. Rather than granting explicit permissions to users on an individual basis, you grant them to groups and add users to those groups.
Name the three types of Linux user accounts
Root user (superuser), standard user, and service.
As an administrator you might need to reboot a system or otherwise perform maintenance. Which command would you issue to not only view logged on users but also their current activity?
The w command displays idle time and the amount of CPU time consumed by user-owned processes. This information will tell you if it's safe to reboot a system or if you should ask users to log off first.
Why is it important to put the principle of least privilege into practice?
System security is greatly enhanced by only granting users the minimum amount of rights and permissions they require to perform a task.
What is the primary difference between the .bashrc and the .bash_profile files?
The .bash_profile file is executed upon first login to the system, and .bashrc is executed upon subsequent logins.
Why are /etc/passwd and /etc/shadow different files?
The /etc/passwd file stores user account details such as user names, default shell, home directory, and group names. The /etc/shadow file contains the hashed passwords that are only readable by the root user account, whereas /etc/passwd is readable by everyone. Having a separate file for each, with different permissions, strengthens security.
Authentication
The cybersecurity practice of verifying an individual's identity.
As a system administrator why might you issue the id command?
The id command displays group information at a glance in an easy-to-read format.
A user reports that she was working on an important script when the system rebooted at approximately 6:30 P.M. last night. No warning was given. How can you find out who was logged into the system at that time and who could have rebooted the system without warning?
The last command will inform you as to who was logged into the system. If an administrator rebooted the system, you'll be able to identify him or her from the entries displayed. If the system crashed, last will also provide that information. Further investigation of systems logs may be required in the event of a crash.
Why is it a security best practice to log onto a Linux system with a regular user account rather than with the root user account?
The primary reason is to prevent harmful mistakes from happening to the system through errant commands such as rm (remove). Users who can use the sudo command should do so on an individual command basis to perform necessary tasks with elevated privileges, while remaining in their user shells for other functions.
Describe the difference between using the su command and using the sudo command to perform administrative tasks.
The su command enables an authorized user to become the root user by switching to the root user account in a complete root-owned shell. This is handy for the administrator but very dangerous because of the potential for human error. The sudo command enables an authorized user to issue individual commands as the root (or other user), limiting potential damage to the system
You need to add an administrator to the /etc/sudoers file to give them the ability to use the sudo command. Which command must you use to add users to the /etc/sudoers file?
You must use visudo since you cannot edit the /etc/sudoers file directly with Vim or other text editors.
Which three commands does a system administrator use to properly edit a Linux system's group file?
groupadd, groupmod, and groupdel