Professional Documents
Culture Documents
CODE BCN3043
TOPIC 1. User management (part 1)
INSTRUCTION:
1. Read and follow the simple notes given.
2. Do the tasks given
3. Used Centos 7 Server 2 with the password: 123456, root password: 123456
OBJECTIVE:
At the end of this lab section, students will be able to:
1. Add new admin into the system
2. Create password for each admin
3. Print out the specific output base on the command given
BACKGROUND:
1. Introduction
In managing network server, managing users such as adding and removing user is important.
When you create a new server, you are only given the root account by default. However, it is
dangerous to use this root account alone because - It will provide you a lot of power and
flexibility. For example, sometimes accidentally deleted the server’s entire important file system.
Each user should have an additional account so that their activities can be monitored and
managed. You can still acquire administrative privileges, when needed, through a mechanism
called sudo.
This lab sheet covers how to create user accounts, assign sudo privileges, and delete users on a
CentOS 7 server.
3. Take control of Linux
if you have ever used Ubuntu, you know that the root account is disabled. This is because the
root password is not set in Ubuntu, you can assign one and use it as with every other Linux
distribution. That anyway is another story. On normal Ubuntu Linux computers you need to use
sudo to act as root. Before you want to add the new user, the file sudoers should be modified by
typing (you must be in root directory to edit sudoers):
su
to change into root directory
exit
to exit from root directory
1.
vi /etc/sudoers
vi text editor has 2 mode :
insert mode : type i
command mode : press ESC
For more detail can refer to this link VI Text Editor with Commands:
https://www.guru99.com/the-vi-editor.html
4. Adding Users
If you are signed in as the root user, you can create a new user at any time by typing (Be sure to
replace username with the user that you want to create @ add):
adduser username
If you are signed in as a non-root user who has been given sudo privileges, as demonstrated in
the next section of this tutorial, you can add a new user by typing:
Then to make sure that the new user already added to the server, type this command:
tail -i /etc/passwd
note : the tail command will display the last I number of lines of a file
for example :
tail -2 /etc/passwd
Next, you’ll need to give your user a password so that they can log in. To do so, use the passwd
command:
passwd username
NOTE: REMEMBER TO ADD sudo AHEAD OF THE COMMAND IF YOU ARE SIGNED IN AS A NON-
ROOT USER WITH SUDO PRIVILEGES.
You will be prompted to type in the password twice to confirm it. Now your new user is set up
and ready for use! You can now log in as that user, using the password that you set up.
When you log out, you will see that the new user already added to the server such as example
below:
Log in into new user account, it shows that the server name is admin1
If your new user SHOULD have the ability to execute commands with root (administrative)
privileges, you will need to give the new user access to sudo.
We can do this by adding the user to the any group (which gives sudo access to all of its members
by default) through the gpasswd command. This is the safest and easiest way to
manage sudo user rights.
groupadd groupname
OR just simply type this command to create and add the username at the same time
gpasswd -a username groupname
you can check the username already add to the group by typing:
tail –i /etc/group
Now your new user is able to execute commands with administrative privileges. To do so, simply
type sudo ahead of the command that you want to execute as an administrator:
sudo some_command
You will be prompted to enter the password of the regular user account that you are signed in
as. Once the correct password has been submitted, the command you entered will be executed
with root privileges.
While you can add and remove users from a group (such as wheel) with gpasswd, the command
doesn’t have a way to show which users are members of a group. In order to see which users are
part of that group (and thus have sudo privileges by default), you can use the lid function. lid is
normally used to show which groups a user belongs to, but with the -g flag, you can reverse it
and show which users belong in a group:
The output will show you the usernames and UIDs that are associated with the group. This is a
good way of confirming that your previous commands were successful, and that the user has the
privileges that they need.
8. Deleting Users
If you have a user account that you no longer need, it’s best to delete the old account. You have
a couple of methods to do so, though the choice of which method to use depends on your own
situation.
If you want to delete the user without deleting any of their files, type this command as root:
userdel username
If you want to delete the user’s home directory along with the user account itself, type this
command as root:
userdel -r username
TASK (PRINT SCREEN ALL THE ANSWER)
1. Add three new users into the server according to these names
a. User1
b. User2
c. User3
Shows the prove that all the new users already created.
2. Set password for user1 with 1234, record what is happen and why it’s happen.
4. Login into these three new users using the password created and type command “who am I”
Screenshot the Answer
5. Grant sudo privileges of user1 and user2 into admin group. (add user1 and user2 inside admin
group)
Shows the prove that user1 and user2 are inside admin group
6. Delete user3. Shows the user3 already remove from the system
7. Print history and save it name <yourname>command. * print out the history command
together with your hardcopy