Ubuntu Linux System Administration

1. User Accounts

As in all Linux, user accounts are maintained in the /etc/passwd file, which is owned by the superuser but readable by anyone. Each user has a line in the /etc/passwd file of the form

loginName:x:gid:uid:usefInfo:homeDir:initialProgram

where the second field x indicates checking user password. Encrypted user passwords are maintained in the /etc/shadow file. Each line of the shadow file contains the encrypted user password, followed by optional aging limit information, such as expiration date and time, etc. When a user tries to login with a login name and password, Linux will check both the /etc/passwd and /etc/shadow files to authenticate the user. After a user login successfully, the login process becomes the user process by acquiring the user’s gid and uid, changes directory to the user’s homeDir and executes the listed initialProgram, which is usually the command interpreter sh.

2. Add New User

This may be a pathological case for most users who run Ubuntu Linux on their personal PCs or laptops. But let’ s assume that the reader may want to add a family member to use the same computer but as a different user. As in all Linux, Ubuntu supports an adduser command, which can be run as

sudo adduer username

It adds a new user by creating an account and also a default home directory /home/usemame for the new user. Henceforth, Ubuntu will display a list of user names in its “About The Computer” menu. The new user may login to the system by selecting the new username.

3. The sudo Command

For security reasons, the root or superuser account is disabled in Ubuntu, which prevents anyone from login as the root user (well, not quite; there is a way but I won’t disclose it). sudo (“superuser do”) allows a user to execute a command as another user, usually the superuser. It temporarily elevates the user process to the superuser privilege while executing a command. When the command execution finishes, the user process reverts back to its original privilege level. In order to be able to use sudo, the user’s name must be in the /etc/sudoers file. To allow a user to issue sudo, simply add a line to sudoers files, as in

username ALL(ALL) ALL

However, the /etc/sudoers file has a very rigid format. Any syntax error in the file could breech the system security. Linux recommends editing the file only by the special command visudo, which invokes the vi editor but with checking and validation.

Source: Wang K.C. (2018), Systems Programming in Unix/Linux, Springer; 1st ed. 2018 edition.

Leave a Reply

Your email address will not be published. Required fields are marked *