Scribd
Upload
7 views9 pages

SP-Lab8

The document outlines the objectives and tasks related to user and group management in a system programming lab at the University of Engineering and Technology, Taxila. It covers topics such as password management, user account modification, group creation, and the use of various commands like passwd, useradd, and groupadd. Additionally, it includes practical lab tasks for students to implement and verify their understanding of these concepts.

Uploaded by

Hafsa Rafique
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
7 views9 pages

SP-Lab8

The document outlines the objectives and tasks related to user and group management in a system programming lab at the University of Engineering and Technology, Taxila. It covers topics such as password management, user account modification, group creation, and the use of various commands like passwd, useradd, and groupadd. Additionally, it includes practical lab tasks for students to implement and verify their understanding of these concepts.

Uploaded by

Hafsa Rafique
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 9

UNIVERSITY OF ENGINEERING AND TECHNOLOGY, TAXILA

FACULTY OF TELECOMMUNICATION AND INFORMATION ENGINEERING

Computer ENGINEERING DEPARTMENT

Lab # 08
System Programming
Course Instructor: Dr. Adnan Mustafa
Date: 13/02/2025

System Programming 8th Semester-2k21-CP UET Taxila


UNIVERSITY OF ENGINEERING AND TECHNOLOGY, TAXILA
FACULTY OF TELECOMMUNICATION AND INFORMATION ENGINEERING

Computer ENGINEERING DEPARTMENT

User passwords
Objectives:
Understanding of
 User database file
 Password database file
 Encryption of password
 Modification of User Account
 Creation of group
 Addition of users to a group
 Privileges assignment
 Database of groups
 Modification of groups
passwd:
Passwords of users can be set with the passwd command. Users will have to provide their old
password before twice entering the new one.

The passwd tool will do some basic verification to prevent user from using simple password.

But root user doesn’t have following rules

System Programming 8th Semester-2k21-CP UET Taxila


UNIVERSITY OF ENGINEERING AND TECHNOLOGY, TAXILA
FACULTY OF TELECOMMUNICATION AND INFORMATION ENGINEERING

Computer ENGINEERING DEPARTMENT

shadow file:
User passwords are encrypted and kept in /etc/shadow. The /etc/shadow file is read only and can
only be read by root.

Users can change their password with the /usr/bin/passwd command.

encryption with passwd:

System Programming 8th Semester-2k21-CP UET Taxila


UNIVERSITY OF ENGINEERING AND TECHNOLOGY, TAXILA
FACULTY OF TELECOMMUNICATION AND INFORMATION ENGINEERING

Computer ENGINEERING DEPARTMENT

Passwords are stored in an encrypted format. This encryption is done by the crypt function. The
easiest (and recommended) way to add a user with a password to the system is to add the user
with the useradd -m user command, and then set the user's password with passwd.

encryption with openssl:


Another way to create users with a password is to use the -p option of useradd, but that
option requires an encrypted password. You can generate this encrypted password with the
openssl passwd command The openssl passwd command will generate several distinct
hashes for the same password, for this it uses a salt.

This salt can be chosen and is visible as the first two characters of the hash.

Example show you how to create new user with encrypted password.

/etc/login.defs:
The /etc/login.defs file contains some default settings for user passwords like password aging
and length settings.

System Programming 8th Semester-2k21-CP UET Taxila


UNIVERSITY OF ENGINEERING AND TECHNOLOGY, TAXILA
FACULTY OF TELECOMMUNICATION AND INFORMATION ENGINEERING

Computer ENGINEERING DEPARTMENT

chage:
The chage command can be used to set an expiration date for a user account (-E), set a
minimum (-m) and maximum (-M) password age, a password expiration date, and set the
number of warning days before the password expiration date. Much of this functionality is also
available from the passwd command. The -l option of chage will list these settings for a user.

disabling a password:
Passwords in /etc/shadow cannot begin with an exclamation mark. When the second field in
/etc/passwd starts with an exclamation mark, then the password cannot be used.

Link3: https://www.youtube.com/watch?v=2kwdLidH4aY

GROUPS
Users can be listed in groups. Groups allow you to set permissions on the group level instead of
having to set permissions for every individual user. groupadd:
Groups can be created with the groupadd command. The example below shows the creation of
five (empty) groups.

System Programming 8th Semester-2k21-CP UET Taxila


UNIVERSITY OF ENGINEERING AND TECHNOLOGY, TAXILA
FACULTY OF TELECOMMUNICATION AND INFORMATION ENGINEERING

Computer ENGINEERING DEPARTMENT

group file:
Users can be a member of several groups. Group membership is defined by the /etc/group
file

The first field is the group's name. The second field is the group's (encrypted) password (can be
empty). The third field is the group identification or GID. The fourth field is the list of
members, these groups have no members groups:
A user can type the groups command to see a list of groups where the user belongs to.

Usermod:
Group membership can be modified with the useradd or usermod command.

groupmod:
You can change the group name with the groupmod command

System Programming 8th Semester-2k21-CP UET Taxila


UNIVERSITY OF ENGINEERING AND TECHNOLOGY, TAXILA
FACULTY OF TELECOMMUNICATION AND INFORMATION ENGINEERING

Computer ENGINEERING DEPARTMENT

groupdel:
You can permanently remove a group with the groupdel command.

gpasswd:
You can delegate control of group membership to another user with the gpasswd command. In
the example below we delegate permissions to add and remove group members to fahad for the
group group1. Then we su to fahad and add user2 to the group1.

System Programming 8th Semester-2k21-CP UET Taxila


UNIVERSITY OF ENGINEERING AND TECHNOLOGY, TAXILA
FACULTY OF TELECOMMUNICATION AND INFORMATION ENGINEERING

Computer ENGINEERING DEPARTMENT

Group administrators do not have to be a member of the group. They can remove themselves
from a group, but this does not influence their ability to add or remove members.

To remove all group administrators from a group, use the gpasswd command to set an empty
administrators list.

Link1: https://www.youtube.com/watch?v=hogtpHiz4DE
Link2: https://www.youtube.com/watch?v=AGY0eFLyEbI
Link3: https://www.youtube.com/watch?v=68q4m-wN7A0 (Groups)
Link4: https://www.youtube.com/watch?v=3mFggEiDo4c (Groups)

Lab Tasks:
1. Set the password for serena to hunter2.
2. Also set a password for venus and then lock the venus user account with usermod.
Verify the locking in /etc/shadow before and after you lock it.
3. Use passwd -d to disable the serena password. Verify the serena line in /etc/shadow
before and after disabling.
4. What is the difference between locking a user account and disabling a user account's
password like we just did with usermod -L and passwd -d?
5. Try changing the password of serena to serena as serena.
6. Make sure serena has to change her password in 10 days.
7. Make sure every new user needs to change their password every 10 days.
8. Take a backup as root of /etc/shadow. Use vi to copy an encrypted hunter2 hash from
venus to serena. Can serena now log on with hunter2 as a password ?
9. Use chsh to list all shells (only works on RHEL/CentOS/Fedora), and compare to cat /
etc/shells.
10. Which useradd option allows you to name a home directory ?
11. Create the groups tennis, football and sports.
12. In one command, make venus a member of tennis and sports.
13. Rename the football group to foot.
14. Use vi to add serena to the tennis group.
15. Use the id command to verify that serena is a member of tennis.

System Programming 8th Semester-2k21-CP UET Taxila


UNIVERSITY OF ENGINEERING AND TECHNOLOGY, TAXILA
FACULTY OF TELECOMMUNICATION AND INFORMATION ENGINEERING

Computer ENGINEERING DEPARTMENT

16. Make someone responsible for managing group membership of foot and sports. Test that
it works.

System Programming 8th Semester-2k21-CP UET Taxila

You might also like