Thursday, January 29, 2015

How to delete user account in Linux?



Deleting a user account in Linux means removing the user's login credentials from system configuration files such as /etc/passwd and /etc/shadow, and removing the files owned by that user from the Linux server. Here we look at how to delete a user and the precautions to take when doing so. Let's start with some examples.

Example: Delete user account from a machine

userdel username
or
deluser username 

Example:
userdel rajesh

The disadvantage of the above command is that it deletes only the user's login details, not the user's home directory.

Example: Deleting user account and his home directory from a Linux machine

userdel -r username
userdel -r rajesh

-r stands for remove: the user's home directory is removed along with the account.

Example: Forcefully delete a user account even though the user is logged in.

deluser --force username

deluser --force rajesh



Saturday, January 24, 2015

Three Special Permissions in Linux - SUID, SGID & Sticky Bit





The three special permissions in Linux are SUID, SGID and the sticky bit, which are used for advanced control over what Linux users can do.
What is SUID?

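The common explanation given for SUID is that it is an advanced file permission which allows a user to execute a file as if the owner of the file were executing it. Note that the Linux kernel honours SUID on binary executables only; it ignores the bit on interpreted scripts.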

Example for SUID
root@linuxforfreshers:~# ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 22984 Jan  2013 /usr/bin/passwd
The s in the owner's execute position shows that the SUID bit is set on the executable. It runs with the permissions of its owner (here root), whoever starts it.

Command:
root@linuxforfreshers:~# chmod u+s <file name>
or
root@linuxforfreshers:~# chmod 4755 <file name>
What is SGID?

If the set-GID bit is set on a directory, files created in that directory take the group ownership of the directory, rather than the group of the user who created the file.

Command:
root@linuxforfreshers:~# chmod g+s <file name>
or
root@linuxforfreshers:~# chmod 2755 <file name>

What is Sticky Bit?
The sticky bit is mainly used on folders to prevent deletion of the folder's contents by other users, even though they have write permission on the folder. If the sticky bit is set on a folder, its contents can be deleted only by the owner who created them and by the root user. No one else can delete other users' data in a folder where the sticky bit is set. This is a security measure to avoid deletion of critical folders and their content (sub-folders and files) even when other users have full permissions.
How can I set up the sticky bit for a folder?
The sticky bit can be set in two ways:
1.     Symbolic way (t represents the sticky bit)
2.     Numerical/octal way (the sticky bit has the value 1)

Symbolic way:
chmod o+t /opt/dump/
or
chmod +t /opt/dump/
Numerical way:
chmod 1757 /opt/dump/
Here in 1757, the leading 1 sets the sticky bit, 7 gives full permissions to the owner, 5 gives read and execute permissions to the group, and the final 7 gives full permissions to others.

root@linuxforfreshers:~# chmod o+t <Dir Name>
or
root@linuxforfreshers:~# chmod 1777 <Dir Name>
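
An added example (not part of the original post): a small POSIX shell audit that uses find -perm to list files with SUID or SGID set and world-writable directories that lack the sticky bit. The function names and the temporary demo tree are constructed for illustration.

```shell
#!/bin/sh
# audit_special_bits DIR  (hypothetical helper name)
# Prints one line per finding under DIR:
#   SUID <path>      regular file with the set-user-ID bit (4000)
#   SGID <path>      file or directory with the set-group-ID bit (2000)
#   NOSTICKY <path>  world-writable directory without the sticky bit (1000)
audit_special_bits() {
    dir=$1
    find "$dir" -type f -perm -4000 | sed 's/^/SUID /'
    find "$dir" \( -type f -o -type d \) -perm -2000 | sed 's/^/SGID /'
    # -perm -0002 means "others may write"; ! -perm -1000 means "no sticky bit".
    find "$dir" -type d -perm -0002 ! -perm -1000 | sed 's/^/NOSTICKY /'
}

# build_demo_tree: creates a constructed sample tree and prints its path.
build_demo_tree() {
    root=$(mktemp -d) || return 1
    : > "$root/helper";   chmod 4755 "$root/helper"   # SUID, like /usr/bin/passwd
    : > "$root/plain";    chmod 0755 "$root/plain"    # ordinary file, not reported
    mkdir "$root/shared"; chmod 2755 "$root/shared"   # SGID directory
    mkdir "$root/dump";   chmod 1757 "$root/dump"     # sticky set, as in the post
    mkdir "$root/open";   chmod 0777 "$root/open"     # world-writable, no sticky bit
    echo "$root"
}

# Demo run on the constructed tree.
demo=$(build_demo_tree)
audit_special_bits "$demo"
rm -rf "$demo"
```

On a real system, point audit_special_bits at a directory such as /usr/bin or /tmp and compare the output with what you expect to be installed there.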

Tuesday, January 20, 2015

How to add user in Linux



This is a small “how-to” on adding users in Linux. Linux is a multi-user operating system, so multiple users can log in simultaneously and do their jobs. Linux administrators sometimes need to create user accounts for a project so that the users can log in to the machine and work on it. This can be done by executing the adduser command from a terminal. This command creates user accounts with normal privileges and with default settings such as the home directory, the type of shell, and the UID and GID. Only the root user can execute the adduser command. If a normal user wants to create accounts on the system, root must grant that user sudo access to the adduser command.

Step1: Add user account with following command

adduser user-name
or
useradd user-name

Example:

adduser rajesh
or
useradd rajesh

Note: There is one more command, useradd, which works similarly to the adduser command.

Step2: Set a password for this user so that he can log in to the machine. If this step is missed, the user cannot log in to this machine.

passwd username

Example:

passwd rajesh
passwd ******
confirm passwd ******

Step3: Check if the user account is created successfully or not

grep rajesh /etc/passwd
or
tail /etc/passwd
This command should show you a line containing the details of the user rajesh.
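
The Step 2 and Step 3 checks as an added example (not part of the original post): it matches the login name exactly instead of by substring and reads the shadow password field to tell whether a password has been set. The helper names and the sample passwd/shadow lines are constructed; it assumes the shadow(5) convention that a password field starting with ! or * cannot be used to log in.

```shell
#!/bin/sh
# account_state USER PASSWD_FILE SHADOW_FILE  (hypothetical helper)
# Prints one of: missing | noshadow | nopassword | locked | ok
account_state() {
    user=$1; passwd_file=$2; shadow_file=$3
    # Exact match on the login-name field; "grep rajesh" would also hit "rajesh2".
    awk -F: -v u="$user" '$1 == u { f = 1 } END { exit !f }' "$passwd_file" \
        || { echo missing; return 0; }
    awk -F: -v u="$user" '
        $1 == u {
            seen = 1
            if ($2 == "")          print "nopassword"  # empty field: no password required
            else if ($2 ~ /^[!*]/) print "locked"      # ! or *: password login impossible
            else                   print "ok"          # a password hash is present
        }
        END { if (!seen) print "noshadow" }' "$shadow_file"
}

# make_sample_files: writes constructed passwd/shadow samples, prints their directory.
make_sample_files() {
    d=$(mktemp -d) || return 1
    cat > "$d/passwd" <<'EOF'
raghu:x:1001:1001::/home/raghu:/bin/bash
rajesh:x:1002:1002::/home/rajesh:/bin/bash
rajesh2:x:1003:1003::/home/rajesh2:/bin/bash
EOF
    cat > "$d/shadow" <<'EOF'
raghu:$6$CONSTRUCTED$notARealHash:16455:0:99999:7:::
rajesh:!:16455:0:99999:7:::
rajesh2::16455:0:99999:7:::
EOF
    echo "$d"
}

# Demo run on the constructed files.
sample=$(make_sample_files)
for u in raghu rajesh rajesh2 raj; do
    echo "$u: $(account_state "$u" "$sample/passwd" "$sample/shadow")"
done
rm -rf "$sample"
```

On a live system the same function can be run as root against /etc/passwd and /etc/shadow.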

Saturday, January 17, 2015

Linux Change File / Directory Ownership - Chown Command



Files, directories and processes (which are again files) in Linux are owned by users. Each also has a group owner. The owner and group ownership matter because the security of files through permissions (the DAC) is set for the owner, the group owner and others. The chown command can change the owner and the group owner of a file.

Linux chown command
Change Ownership
To change the ownership of a file, chown is provided with two arguments, the new owner and the file whose owner is to be changed.

# ls -l corpora/stopwords/english
-rw-r--r-- 1 root root 623 Dec 10 2012 corpora/stopwords/english

# chown raghu corpora/stopwords/english

# ls -l corpora/stopwords/english

-rw-r--r-- 1 raghu root 623 Dec 10 2013 corpora/stopwords/english
The root user was the owner of the file; the chown command makes the user raghu the new owner.
Changing owner and group

If the owner is followed by a colon and a group name (without spaces), the group name is changed as well.

# ls -l corpora/stopwords/rajesh
-rw-r--r-- 1 root root 424 Dec 10 2013 corpora/stopwords/rajesh

# chown raghu:altair corpora/stopwords/rajesh
# ls -l corpora/stopwords/rajesh

-rw-r--r-- 1 raghu altair 424 Dec 10 2012 corpora/stopwords/rajesh

Now the new owner of the file is raghu and the new group owner is altair group.
In this colon syntax, if a colon but no group name follows the user name, the given user is made the owner of the file and that user's login group is made the group owner of the file.

# ls -l corpora/stopwords/dutch
-rw-r--r-- 1 root root 453 Dec 10 2012 corpora/stopwords/dutch

# chown raghu: corpora/stopwords/dutch

# ls -l corpora/stopwords/dutch
-rw-r--r-- 1 raghu raghu 453 Dec 10 2013 corpora/stopwords/dutch

If only the colon and group are given, with no user name, only the group of the file is changed. In this case the command works like the chgrp command.

# ls -l corpora/stopwords/finnish
-rw-r--r-- 1 root root 1579 Dec 10 2013 corpora/stopwords/finnish

# chown :altair corpora/stopwords/finnish
# ls -l corpora/stopwords/finnish
-rw-r--r-- 1 root altair 1579 Dec 10 2012 corpora/stopwords/finnish

Changing ownership of directories recursively
The ownership of the directories and files contained in them can be changed recursively with -R option.

# ls -l /home/rajesh/
total 12
-rw-rw-r-- 1 rajesh javaproject 0 Aug 19 2013 file1
drwxrwxr-x 2 rajesh rajesh 4096 Aug 19 2013 hello

# chown -R raghu /home/rajesh/
# ls -l /home/rajesh/
total 12
-rw-rw-r-- 1 raghu javaproject 0 Aug 19 2013 file1
drwxrwxr-x 2 raghu rajesh 4096 Aug 19 2013 hello

Verbose output
The --verbose option shows every ownership change. It outputs a diagnostic for each file processed.

# chown -R --verbose rajesh /home/rajesh/
changed ownership of `/home/rajesh/hello' to rajesh
changed ownership of `/home/rajesh/.emacs' to rajesh
changed ownership of `/home/rajesh/.bash_history' to rajesh
changed ownership of `/home/rajesh/.bash_logout' to rajesh
changed ownership of `/home/rajesh/.bashrc' to rajesh
changed ownership of `/home/rajesh/file1' to rajesh
changed ownership of `/home/rajesh/.mozilla/plugins' to rajesh
changed ownership of `/home/rajesh/.mozilla/extensions' to rajesh
changed ownership of `/home/rajesh/.mozilla' to rajesh
changed ownership of `/home/rajesh/.bash_profile' to rajesh
changed ownership of `/home/rajesh/' to rajesh

The verbose option reports each file processed even when no change is made, as in the run below. With the -c or --changes option, output is reported only when a change is made.

# chown -R --verbose rajesh /home/rajesh/
ownership of `/home/rajesh/hello' retained as rajesh
ownership of `/home/rajesh/.emacs' retained as rajesh
ownership of `/home/rajesh/.bash_history' retained as rajesh
ownership of `/home/rajesh/.bash_logout' retained as rajesh
ownership of `/home/rajesh/.bashrc' retained as rajesh
ownership of `/home/rajesh/file1' retained as rajesh
ownership of `/home/rajesh/.mozilla/plugins' retained as rajesh
ownership of `/home/rajesh/.mozilla/extensions' retained as rajesh
ownership of `/home/rajesh/.mozilla' retained as rajesh
ownership of `/home/rajesh/.bash_profile' retained as rajesh
ownership of `/home/rajesh/' retained as rajesh