RHCSA Exam (EX200) User and group Administration

ComputerCarriage > Posts > Howto > RHCSA Exam (EX200) User and group Administration
rhcsa exam

Introduction

In this post we are going to see Linux user and group administration, this is applicable for RHCSA Exam for RHEL 8 / 7 versions. We are going to see Linux users and group creation, modification, deletion. Managing user and group can be done by command or GUI tools

For RHCSA Exam we have user and group administration one of the questions, get practice by creating user, group with different scenarios. Few users are created by default, each users are created for the services / application to use.

Three important files that has to be noted

User/etc/passwd
Group/etc/groups
Shadow/etc/shadow

User file

The /etc/passwd file contains the username,password,userid, group id, groupname,shell.
The values are separated by colon (:), the value x denotes the password, which is stored in the /etc/shadow file

[root@server1 ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin

Group file

The /etc/group contains list of groups are created in the server, users are mapped with the group

[root@server1 ~]# cat /etc/group
root:x:0:
bin:x:1:
daemon:x:2:
sys:x:3:

Shadow file

The /etc/shadow file consists of the username, password and password expiry

[root@server1 ~]# cat /etc/shadow
root:$6$mSW2hm02cqJh1wJh$NQVuSxJiaX4sY2MiMwQoXydkQ.49Tmp0RIVx6lQGrEk8E/jtdxeQPw8uc3YD9R3fTU8z9P8I1DUCofTobrm151::0:99999:7:::
bin::18358:0:99999:7::: daemon::18358:0:99999:7:::
daemon:*:18358:0:99999:7:::

root User

The root user or administrator user will have the user and group id set to 0

[root@server1 ~]# id root
uid=0(root) gid=0(root) groups=0(root)

Few points to be noted

  • The user and group ID starts with 1000, however we can manually change the User and Group ID
  • We are going to create group web and db, and users to web / db group and a user have more than one group
  • User can be a single group or multiple group. root user can always over ride the user / group privileges.

User Administration

Creating a User

Creating users as user1 and user2 and user3 with different UID

[root@server1 ~]# useradd user1
[root@server1 ~]# useradd user2

Verify the user has been created successfully, Now you can see user1 and user2 are created with the user/group ID 1000,1001 respectively

[root@server1 ~]# id user1
uid=1000(user1) gid=1000(user1) groups=1000(user1)
[root@server1 ~]# id user2
uid=1001(user2) gid=1001(user2) groups=1001(user2)

Setting up the password

Use the passwd command to set the password, the password is case sensitive and minimum 8 characters long, use the passwd command to set password for all other users.

[root@server1 ~]# passwd user2
Changing password for user user2.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@server1 ~]#

User creation with Specific user ID

In scenarios few application needs specific user ID and group ID is need

[root@server1 ~]# useradd -u 501 user6
[root@server1 ~]# id user6
uid=501(user6) gid=1004(user6) groups=1004(user6)

Group Administration

Creating a group

We are going to create two group web and db using the group command

[root@server1 ~]# groupadd web
[root@server1 ~]# groupadd db

Verify that group has been created

[root@server1 ~]# grep web /etc/group
web:x:1002:
[root@server1 ~]# grep db /etc/group
db:x:1003:user5
[root@server1 ~]# grep db /etc/group

Group with Specific group ID

In few scenarios the application /db requires specific group ID has to be created, using the -g option in groupadd / groupmod command we can assign the particular group ID

[root@server1 ~]# groupadd -g 555 testgroup

[root@server1 ~]# grep 555 /etc/group
testgroup:x:555:

Creating new user and with specific group

We are going assign a user with a specific group instead of the default group that is assigned, We are going to create user3 into the group web

[root@server1 ~]# useradd user3 -g web

Create user4 and assign the group db

[root@server1 ~]# useradd user4 -g db

Create user5 with primary group as web and secondary group as db

[root@server1 ~]# useradd user5 -g web -G db

Verify the User and group ID of all the three users created

[root@server1 ~]# id user3
uid=1002(user3) gid=1002(web) groups=1002(web)
[root@server1 ~]# id user4
uid=1003(user4) gid=1003(db) groups=1003(db)
[root@server1 ~]# id user5
uid=1004(user5) gid=1002(web) groups=1002(web),1003(db)

Note:

User can have only one primary group and multiple secondary groups, Primary group denotes with -g and secondary group with -G, for multiple secondary group with -G group1, group2,..,groupX

User / Group Modification

We can alter user and group depending upon the requirement. Suppose we want to change the user to some other group or set a default shell variable we can use the following methods

Adding Secondary group to db, primary group remains same as user2

[root@server1 ~]# id user2
uid=1001(user2) gid=1001(user2) groups=1001(user2)

We are going to alter user2 secondary group as db and verify it using the id command

[root@server1 ~]# usermod -G db user2
[root@server1 ~]# id user2
uid=1001(user2) gid=1001(user2) groups=1001(user2),1003(db)

In the above example we can see the user2 primary group is user2 and the secondary group is db

Adding multiple group for a user

Adding one or more secondary group, now the user2 will be part of user2 group, as well as web and db as secondary group

[root@server1 ~]# usermod -G db,web user2
[root@server1 ~]# id user2
uid=1001(user2) gid=1001(user2) groups=1001(user2),1002(web),1003(db)

In the above example we can see the secondary group for the user2 will be web and db, We can also verify the changes are also been updated in the /etc/group

root@server1 ~]# grep user2 /etc/group
user2:x:1001:
web:x:1002:user2
db:x:1003:user5,user2

In the above output we could see user is in user2/web/db group

Group modification

Using group modification command we are going to rename the testgroup to devgroup

[root@server1 ~]# groupmod testgroup -n devgroup
[root@server1 ~]# grep 555 /etc/group
devgroup:x:555:

Deleting the User / Group

We are going to delete the user6 and the group devgroup, check the id command output, we could see user6 has the group assigned devgroup

[root@server1 ~]# id user6
uid=501(user6) gid=555(devgroup) groups=555(devgroup)
[root@server1 ~]# userdel user6
[root@server1 ~]# groupdel devgroup

Verify the command using the id command

[root@server1 ~]# id user6
id: 'user6': no such user
[root@server1 ~]#

Thats is from the user and group administration session for RHCSA Exam , hope this will be help for the RHCSA Exam preparation, we will be posting few more exam preparation posts in the coming days, please let you your feedbacks,

RHCSA Exam – https://www.redhat.com/en/services/training/ex200-red-hat-certified-system-administrator-rhcsa-exam

LVM Filesystem creation – https://computercarriage.com/2020/06/07/lvm-filesystem-creation-in-linux/

yum package manager RHEL-CentOS 6/7/8 – https://computercarriage.com/2020/05/31/easy-use-of-yum-package-manager/

How to extend a partition using Logical Volume Manager – https://computercarriage.com/2020/05/12/lvm-howto/

RCHSA Exam duration : 2.30 Hours

RHCSA Exam Code: EX200

RHCSA Exam objectives – https://www.redhat.com/en/services/training/ex200-red-hat-certified-system-administrator-rhcsa-exam?section=Objectives

RHCSA Exam recommended course

RH134 – https://www.redhat.com/en/services/training/rh134-red-hat-system-administration-ii

RH124 – https://www.redhat.com/en/services/training/rh124-red-hat-system-administration-i

Leave a Reply