User & Group Management

User

       User an object, which is used to access the computer resources ( like directory and printer)with some specific privilege. Each user is identified by a unic  numerical identification number called user id (UID)

Group

         Group is a collection of those users who has the same privilege on specific resources. Each group has a unique numerical identification number called group ID (GID) 

Types of USER

There are three types of user available in linux 

1.Supper User or root user (#)

2.System User

3.Normal User ($)   

ROOT USER

Super user or root user is the most powerful user account in linux operating system. it is the administrator of linux system.This will created while installing the operating system. The user id (UID) of root user is "0". 

SYSTEM USER 

System user is nothing but services. System users are the users that is created by software or applications. For Example, if we install Apache Server, then it will create user account named "apache". These types of user are known as system user.By default user-manager does not display the system users.The UID of system users start from 1 to 499.   

NORMAL USER 
Normal user are the users that is created by root user account.They are normal user like, Rahul, Anoop, Gagan, Trilok etc. Only the root user account has the permission to add or remove the user account. The user id (UID) starts from 500 65534.

User's UID 

USER TYPE	IN RHEL 6 OR OLDER	IN RHEL 7
Root User	0	0
System User	1-499	1-999
Normal User	Starts from 500	Starts from 1000

NOTE:The range of UID_MIN & GID_MIN is specified in
# vi /etc/login.defs

 User Configuration files:
. /etc/passwd   :User account information

. /etc/shadow   :Secure user account information and aging policy

. /etc/group     :Group account information

. /etc/gshadow :Secure group account information

/etc/passwd : 

                   Each line in the file contain the log in information of a single user on the system. 

                      root: x : 0 : 0 : rahul : /root : /bin/bash

root	Account username
x	Place holder for passwd information.The passwd is obtained from the "/etc/shadow" file. "/etc/passwd" store the encrypted passwd for any user.
0	User ID. Each user has a unique ID that indicates them on the system. The root user is always referenced by user id '0'.
0	Group ID. Each group has a unique group id. Each user has a primary group that is used as the group by default. The root group's id is always '0'.
rahul	Comment field. This field can be used to describe the user or user's function. This can be any thing from contact information for the user, to descriptions of the service the account was made for.
/root	Home Directory. for regular users, this would usually be /home/username. for root, this is /root
/bin/bash	User shell. This field contains the shell that will be spawned or the command that will be run when the user login in .

  

/etc/shadow :

The /etc/shadow file stores actual password in encrypted format for user's account with additional properties related to user passwd. All fields are separated by a colon (:) symbol.

     root : $1fdskrnmakmnhqwusaghl : 14257 : 0 : 89999 : 7 : 2 :1

root	User name. It is the login name of user account.
$1fdskrn	Password. It is encrypted password of user account.
14257	Last password change. Ex:-Days since jan 2 1989 the password was last changed.
0	Minimum. This field denotes the minimum number of days after which user can change his password (0 indicates it may be changed at any time.)
89999	Maximum. The maximum number of days the password is valid after that user is forced to change his/her password.
7	Warning threshold. This field denotes the number of days before which the user will receive a warning notification about the password expiry.
2	Inactive. The field denotes the number of days after which the account will be disabled,when the password is expired.
1	Expire. Password is expire, since jan 2 1989 that account is disabled. That is an absolute date specifying when the login may no longer be used.

/etc/group :

It store group information or defines the user group i.e It defines the group to which user belong. All fields are separated by colon (:).

   csg :  $1fdskrn : 1000 : gagan,anoop,Rahul

csg	Group name
$1fdskrn	Group Password. It is encrypted password of group user account.
1000	Group Id (GID). The numerical equivalent of the group name.
Gagan,anoop, rahul	Group Member List. It is a list of user names of users who are member of the group. The user name must be separated by commas.

/etc/gshadow :
The /etc/gshadow file is readable only by the root user and contains an encrypted password for each group as well as group membership and administrator information.

  csg :  $1fdskrn : Myfriend : gagan,anoop,Rahul

csg	Group name
$1fdskrn	Group Password. It is encrypted password of the group.
Myfriend	Group Administrator. Group member listed here can add or remove group members using the "gpasswd" command.
Gagan,anoop, rahul	Group Member List. It is a list of user names of users who are member of the group. The user name must be separated by commas.It is non administrative member of the group.