Pawan Sharma | May 31, 2012

/etc/skel (USER ADMINISTRATION)

In Red Hat Enterprise Linux 6 (RHEL 6), each user gets its own home directory when it is created. The home directory contains some hidden files such as .bash_profile and .bashrc. These hidden files are created automatically in the user's home directory when the useradd command is used to create the user.

RHEL has a directory, /etc/skel, which serves as a skeleton for a user's home directory. Whenever a user is created, all files in /etc/skel are copied to the user's home directory. This directory mainly contains the following files:


.bash_logout
.bash_profile
.bashrc


The /etc/skel directory can be used to set default properties for users and to give all users a set of required files. This is useful for a system administrator who wants every new user created with the useradd command to receive the same default files. Any file you put in /etc/skel is automatically copied to the home directory of each new user you create.


Please comment if you have any doubts about User Administration in Linux or any questions related to RHCSA and RHCE exams....
Pawan Sharma | May 30, 2012

/etc/default/useradd (USER ADMINISTRATION)

User administration in Red Hat Enterprise Linux (RHEL 6) is quite interesting. When a user is created, different properties related to the user are applied, and these default user properties are stored in different files. Properties such as where the user's home directory is created and what the user's shell should be are taken from the file "/etc/default/useradd".

When the useradd command is executed, it takes some of the user property values from the file /etc/default/useradd, which contains the following values:


GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes


Description:

1. GROUP: Maximum number of groups of which a user can be a member.

2. HOME: Directory where the user's home directory will be created.

3. INACTIVE: Number of days the account should be inactive after creation.

   Note: "-1" means never inactive, i.e. always active.

4. EXPIRE: Date on which the account should expire. It is given in the form YYYY-MM-DD.

5. SHELL: Default login shell for the user.

6. SKEL: Directory from which the default user profile files are copied to the user's home directory.

7. CREATE_MAIL_SPOOL: This option ensures that a new user will have a directory named after the user in /var/mail where the mail process can store mail messages.

By editing this file from the command line, you can change the default shell and the directory that contains home directories for new users on the Linux operating system.
Pawan Sharma | May 27, 2012

Understanding /etc/login.defs

User administration is, I think, the basic but most important part of any system administrator's job. In a production environment we have to do some security hardening related to users and groups. In Red Hat Enterprise Linux 6 (RHEL 6) there is a file called /etc/login.defs which holds the default password policy for users. Sometimes we have to change the password policy to match the organization's user policy, such as the minimum password length, the password expiration period, etc.

We can apply the password policy through the graphical user administration tool, but I would suggest using the command line to change it. To change the password policy from the command line in Linux, we just have to edit the /etc/login.defs file. Only the root user can edit this file.

When the useradd command is used to create a user, the useradd binary reads the following values from the /etc/login.defs file:


MAIL_DIR        /var/spool/mail

PASS_MAX_DAYS   99999
PASS_MIN_DAYS   0
PASS_MIN_LEN    5
PASS_WARN_AGE   7

UID_MIN           500
UID_MAX         60000

GID_MIN           500
GID_MAX         60000

CREATE_HOME     yes

Description:

 1. MAIL_DIR: Directory where the user's mail will be stored.

 2. PASS_MAX_DAYS: Maximum number of days for the validity of a password.

 3. PASS_MIN_DAYS: Minimum number of days that must pass before a password can be changed again.

 4. PASS_MIN_LEN: Minimum required length of a password.

 5. PASS_WARN_AGE: Number of days before password expiry at which the warning is given.

 6. UID_MIN: Minimum value for automatic user id selection.

 7. UID_MAX: Maximum value for automatic user id selection.

 8. GID_MIN: Minimum value for automatic group id selection.

 9. GID_MAX: Maximum value for automatic group id selection.

10. CREATE_HOME: Whether useradd should create home directories for users.

If we change these values in the /etc/login.defs file, users created afterwards will get the new values.
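Because the values are read only when a user is created, accounts that already exist keep the aging fields they were given at the time. The script below is an added example, not part of the original post: it reads the aging keys from a login.defs and prints the chage command needed for each account whose /etc/shadow fields 4 to 6 differ. The 90/1/7 policy, the sample login.defs and all sample accounts except the pawan entry quoted on this page are constructed assumptions.

```shell
#!/bin/sh
# Added example: find accounts whose password aging predates the current
# /etc/login.defs policy. Function names are hypothetical.

# login_defs_get KEY < login.defs : print the value of an uncommented KEY.
login_defs_get() {
    awk -v key="$1" '$1 == key { val = $2 } END { print val }'
}

# aging_drift MAX MIN WARN < shadow
# For every account that can log in with a password, print the chage command
# that brings shadow fields 4-6 in line with the given policy values.
aging_drift() {
    awk -F: -v max="$1" -v min="$2" -v warn="$3" '
    $2 == "" || $2 ~ /^[!*]/ { next }   # no usable password hash: skip
    {
        fix = ""
        if ($5 != max)  fix = fix " -M " max    # field 5: maximum days
        if ($4 != min)  fix = fix " -m " min    # field 4: minimum days
        if ($6 != warn) fix = fix " -W " warn   # field 6: warning days
        if (fix != "") print "chage" fix, $1
    }'
}

# Constructed login.defs: aging tightened to an assumed 90/1/7 policy.
sample_login_defs() {
    cat <<'EOF'
# PASS_MAX_DAYS 99999   (old value, commented out)
MAIL_DIR        /var/spool/mail
PASS_MAX_DAYS   90
PASS_MIN_DAYS   1
PASS_MIN_LEN    5
PASS_WARN_AGE   7
EOF
}

# pawan is the entry quoted on this page; the other two lines are constructed.
sample_shadow_old_and_new() {
    cat <<'EOF'
pawan:$1$J6/rsxw3$TEcDpPsW0gx9035DFNlUU/:15162:0:99999:7:::
newuser:$6$CONSTRUCTED$CONSTRUCTEDHASH:15500:1:90:7:::
daemon:*:15162:0:99999:7:::
EOF
}

# Read the policy, then list the accounts created before it changed.
drift_demo() {
    max=$(sample_login_defs | login_defs_get PASS_MAX_DAYS)
    min=$(sample_login_defs | login_defs_get PASS_MIN_DAYS)
    warn=$(sample_login_defs | login_defs_get PASS_WARN_AGE)
    sample_shadow_old_and_new | aging_drift "$max" "$min" "$warn"
}

drift_demo
```

On a real system the two functions take /etc/login.defs and /etc/shadow on standard input and must run as root; the output is a list of commands to review, nothing is changed.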


Pawan Sharma | May 23, 2012

User Administration and /etc/gshadow

In Red Hat Enterprise Linux, /etc/gshadow is one of the files that users, and even system administrators, rarely hear about. To learn Linux we have to know all the command line tools and important files. In this post we will discuss the /etc/gshadow file.

/etc/gshadow is the group shadow file and contains the following four fields:

1. Group Name

2. Contains the encrypted form of the group password that was set in plain text with the gpasswd command.

    If the file /etc/gshadow is deleted, this encrypted password is moved to the second field of /etc/group.

    If no password is given to the group, a '!' is displayed in the file.

3. Contains the list of group administrators' names. By default it is blank, i.e. only the user with the same name as the group is the first group administrator.

4. Contains the list of group members' names. Blank by default.


Pawan Sharma | May 22, 2012

Understanding /etc/group

In this post we will discuss an important file, /etc/group. To pass the Red Hat Certified System Administrator (RHCSA) exam we need to know all the important files related to user administration. The /etc/group file lists all user groups in the Linux operating system.

When a user is added, a user private group is created and the corresponding entry is put in /etc/group. /etc/group contains 4 fields, which are explained below.

1. GROUP NAME: which is the same as the USER_NAME specified with the useradd command.

2. GROUP PASSWORD: A group password can be set using the gpasswd command.

   For eg:     gpasswd pawan
                   Changing the password for group pawan
                   New Password:
                   Re-enter new password:

3. GID: Group ID, which is the same as the UID.

4. The last field describes the members of the group, except the user who is already a member of the group.

   A user is added to a group using the following command:

   usermod -G GROUP_NAME USER_NAME

   For eg:  usermod -G major_group pawan

   A group can also be created using the groupadd command.

   For eg:  groupadd major_group

   An entry for the "major_group" group will be placed in the file /etc/group.

If we want to give same permissions to few users, we can make them member of a group. By making some users member of a group we can give permission to that group and all users in that group will get that permission. We can also set Access Control Lists (ACL) on group.

Pawan Sharma

Understanding: /etc/shadow (User Account Management)

The RHCSA exam focuses on basic system administration, and the questions asked in RHCSA resemble situations which you will face in a real environment.
/etc/shadow is not a commonly used file, but it is very important as far as User Administration and RHCSA are concerned.
/etc/shadow contains password-related information for users and groups on the system. This file stores the actual password in encrypted format for each user's account, with additional properties related to the user's password. Only the root user can read the shadow file; other users cannot read it.

Each entry in /etc/shadow has 9 fields separated by ':', i.e. the IFS (Internal Field Separator). They are explained below. An example entry of /etc/shadow is given below:

pawan:$1$J6/rsxw3$TEcDpPsW0gx9035DFNlUU/:15162:0:99999:7:::

1. Username: It is used when the user logs in. It should be between 1 and 32 characters long.

2. Password: The user's encrypted password. The password should be a minimum of 6 to 8 characters long, including special characters/digits.

3. Days since the Unix epoch (Jan 1 1970) on which the password was changed. If this field is changed to 0, the user's password expires immediately, and the next time the user logs in he is forced to change his password (root enforced).

4. Minimum: Days left before the password may be changed, i.e. the number of days after which the password is allowed to be changed. This stops the user from changing his password very frequently. It is normally set to 0, so that the user can change his password as often as he desires.

5. Maximum: Days after which the password must be changed. This field restricts the maximum number of days that a password can be used by the user. After the number of days specified in this field has passed, he/she is forced to change the password.

6. Warn: The number of days before the password expires during which the user is warned that his/her password must be changed.

7. Inactive (Password Grace Field): The number of days after the password expires after which the account is disabled. This field is used as a warning period allotted to the user after his account's password has expired as specified by the 5th and 6th fields. After this period the user's account is disabled and can only be re-enabled by the root user.

8. This field is used as an emergency disable field by the root user. If 0 is given in this field, the user account is disabled immediately and the user cannot log in until root removes this restriction.

9. This field is reserved for future use.

The 5th, 6th and 7th fields combined can be used by root to make a policy that ensures the password is changed after a specified number of days, taking the grace and warning fields into account. If the user does not comply for any particular reason, his account is blocked.

Using this file you can manage password properties.
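The script below is an added example, not part of the original post, that applies the field descriptions above to classify each /etc/shadow entry. It goes slightly beyond the text by treating a second field that starts with '!' or '*' as a locked password and by reading field 8 as a day number since the epoch, as shadow(5) defines it. The function names, the fixed day number 15500 and every sample account except the pawan entry quoted above are constructed assumptions.

```shell
#!/bin/sh
# Added example: classify /etc/shadow entries by password and aging state.
# shadow_audit TODAY < shadow   (TODAY = days since 1970-01-01, like field 3)
shadow_audit() {
    awk -F: -v today="$1" '
    function flag(msg) { print $1, msg; found = 1 }
    BEGIN { today += 0 }                     # force numeric comparisons
    {
        found = 0
        pw = $2; lastchg = $3; max = $5; grace = $7; expire = $8

        # Field 2: empty, locked, or hashed; the $id$ prefix names the scheme.
        if (pw == "")                        flag("EMPTY_PASSWORD")
        else if (pw ~ /^[!*]/)               flag("LOCKED")
        else if (substr(pw, 1, 3) == "$1$")  flag("MD5_HASH")

        # Fields 3, 5, 7: last change + maximum age (+ inactive period).
        if (lastchg == "0")                  flag("MUST_CHANGE_AT_NEXT_LOGIN")
        else if (lastchg != "" && max != "" && max + 0 >= 0) {
            pw_end = lastchg + max
            if (grace != "" && grace + 0 >= 0 && today > pw_end + grace)
                flag("DISABLED_AFTER_GRACE")
            else if (today > pw_end)
                flag("PASSWORD_EXPIRED")
        }

        # Field 8: account expiry day, independent of the password age.
        if (expire != "" && today >= expire + 0) flag("ACCOUNT_EXPIRED")

        if (!found) print $1, "OK"
    }'
}

# pawan is the entry quoted on this page; all other lines are constructed.
sample_shadow() {
    cat <<'EOF'
pawan:$1$J6/rsxw3$TEcDpPsW0gx9035DFNlUU/:15162:0:99999:7:::
alice:$6$CONSTRUCTED$CONSTRUCTEDHASH:15400:0:90:7:14::
bob:$6$CONSTRUCTED$CONSTRUCTEDHASH:15300:0:90:7:14::
carol:$6$CONSTRUCTED$CONSTRUCTEDHASH:0:0:90:7:::
dave::15490:0:99999:7:::
svc:!!:15490::::::
erin:$6$CONSTRUCTED$CONSTRUCTEDHASH:15490:0:90:7::15000:
frank:$6$CONSTRUCTED$CONSTRUCTEDHASH:15490:0:90:7:14::
EOF
}

# Day 15500 is a constructed "today" so the demo output is reproducible.
sample_shadow | shadow_audit 15500
```

On a live system the current day number is `$(( $(date +%s) / 86400 ))` and the input is /etc/shadow, read as root. The boundary comparisons are simplified; the login stack applies its own exact rules.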

    Pawan Sharma | May 21, 2012

    Understanding: /etc/passwd (User Account Management)

    In this post we will discuss one of the most important files in Red Hat Enterprise Linux (RHEL), which is /etc/passwd. This file is very important because it serves as the default database of users on the system. Using /etc/passwd we can add users, modify user settings, etc. from the command line.
    For the user administration part of the RHCSA exam this is the most important file. Using /etc/passwd you can do the exam tasks and also check the results to confirm that your user-related tasks are complete.

    An example entry of /etc/passwd is given below:

    pawan:x:501:501:Pawan Sharma:/home/pawan:/bin/bash

    Each entry in /etc/passwd file contains 7 fields.

    1. Username: It is used when the user logs in. It should be between 1 and 32 characters long.

    2. Password: An 'x' character indicates that the encrypted password is stored in the /etc/shadow file; the 'x' refers to the matching password value in /etc/shadow. If we put * in place of x, the user can't log in. If we leave the second field blank, the user can log in without a password.

    3. User ID (UID): Each user must be assigned a User ID (UID). UID=0 is reserved for the root user and UIDs 1 to 99 are reserved for other predefined accounts. It is a unique identity number for every user on the system.

    4. Group ID (GID): Whenever a user is created, a primary group is also created for the user. Every user has its own primary group but can also have supplementary groups.

    5. GECOS: This is optional and only used for informational purposes. Usually it contains the full name of the user. You can think of it as a comment field.

    6. Home Directory: The absolute path to the user's home directory. If this directory does not exist, the '/' directory becomes the user's home directory.

    7. Shell: The absolute path of a command or shell (/bin/bash). Typically this field contains the user's default shell.

    This file is one of the most important files as far as RHCSA is concerned. So do a lot of experiments on this file, but take a backup of it before making any changes.

    If you have any questions regarding user administration or /etc/passwd please ask me. I will try to answer.
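The field rules above translate directly into an audit. The script below is an added example, not part of the original post: it flags a blank second field, a hash stored in /etc/passwd itself, any UID 0 account other than root, duplicate UIDs, and low-UID accounts that still have a login shell. The function names, the default threshold of 500 (taken from the UID_MIN value shown for /etc/login.defs on this page) and all sample lines except the pawan entry are constructed assumptions.

```shell
#!/bin/sh
# Added example: audit /etc/passwd entries against the field rules above.
# passwd_audit [UID_MIN] < passwd
passwd_audit() {
    awk -F: -v uid_min="${1:-500}" '
    NF != 7 { print $1, "BAD_FIELD_COUNT"; next }
    {
        # Field 2: blank means login without a password; anything other than
        # x, * or ! means a hash sits in this world-readable file.
        if ($2 == "")                         print $1, "EMPTY_PASSWORD_FIELD"
        else if ($2 != "x" && $2 !~ /^[*!]/)  print $1, "HASH_IN_PASSWD"

        # Field 3: UID 0 is root-equivalent whatever the account is called.
        if ($3 ~ /^0+$/ && $1 != "root")      print $1, "UID0_NOT_ROOT"
        if ($3 in owner)                      print $1, "DUPLICATE_UID_OF", owner[$3]
        else                                  owner[$3] = $1

        # Field 7: accounts below UID_MIN are expected to have a non-login shell.
        if ($3 + 0 > 0 && $3 + 0 < uid_min + 0 && $7 !~ /\/(nologin|false)$/)
            print $1, "SYSTEM_UID_WITH_LOGIN_SHELL"
    }'
}

# pawan is the entry quoted on this page; all other lines are constructed.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
pawan:x:501:501:Pawan Sharma:/home/pawan:/bin/bash
guest::502:502::/home/guest:/bin/bash
legacy:$1$CONSTRUCTED$CONSTRUCTEDHASH:503:503::/home/legacy:/bin/bash
toor:x:0:0::/root:/bin/bash
backup:x:34:34::/var/backup:/bin/bash
EOF
}

sample_passwd | passwd_audit 500
```

Some stock system accounts use a special shell and will show up under SYSTEM_UID_WITH_LOGIN_SHELL; treat that finding as an item to review.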

      Pawan Sharma

      User Administration in Linux

      User administration is the most important part of Linux system administration. It is one of the most important objectives of the RHCSA and RHCE certification exams. In Linux, users and groups can be administered with the user/group administration GUI tool, and users can also be created from the command line in Red Hat Enterprise Linux. I suggest you use the command line user administration commands as much as possible, because in a production environment a GUI won’t be provided. Many people who are learning Linux don’t know all the features of the user administration commands and related files. In the next few posts we will discuss user administration and its features.

      There are three types of users in Linux.

      1. Superuser: It is created at the time of Linux installation. The root user has the right to create other users, and its “userid” and “groupid” are zero in the “/etc/passwd” file.
      2. System user: These users are created by the system. They can't log in because their default shell in the seventh field of the “/etc/passwd” file is “/sbin/nologin”.
      3. Normal user: These users are created by the superuser.

      To add a user from the command line we use the useradd/adduser command:
      For example “useradd pawan”.

      adduser is not a binary; it is a symlink to the old Unix command useradd, which is present in the /usr/sbin directory and can only be executed by root. In total, 69 things happen when the useradd command is given; we will discuss them all.

      When the useradd command is executed, the information about the new user is stored in two main configuration files, ‘passwd’ and ‘group’, which are related to the other configuration files.

      Configuration files

      |----/etc/passwd
      |
      |----/etc/group
      |
      |----/etc/shadow
      |
      |----/etc/gshadow
      |
      |----/etc/login.defs
      |
      |----/etc/default/useradd
      |
      |----/etc/skel

      We will discuss all these files in detail in the next post.

      Pawan Sharma | May 16, 2012

      Removing LV, VG and PV

      In this post we will see how to remove a Logical Volume, Volume Group and Physical Volume. The order is to remove the Logical Volume first, then the Volume Group and then the Physical Volume.

      1. To delete a Logical Volume, first unmount the LV:
      umount <mount_point>

      2. Then remove the Logical Volume using the lvremove command:
      lvremove <lvname>

      After removing the Logical Volume we can remove the Volume Group.

      • To remove the Volume Group use the vgremove command:
                 vgremove <vgname>

      • To remove the Physical Volume use the pvremove command:
                  pvremove <pvname>

      This completes the LVM part of the RHCSA and RHCE exam objectives. For any questions related to Logical Volume Manager please post comments.
      Pawan Sharma

      Reducing Size of Logical Volume

      In this post we will learn how to reduce the size of a Logical Volume. Reducing a Logical Volume is not recommended, as it may lead to data loss, but sometimes it is required. If a Logical Volume is not using all of its space and you have to take some space from it and give it to another mount point, you need to reduce the LV.

      In this example we will reduce Logical Volume lvdata1 from 1Gb to 300Mb.

      1. To reduce a Logical Volume, first unmount the LV using the umount command.
      2. Then run e2fsck to verify the file system. This command runs a file system check on the Logical Volume:
      e2fsck -f <full_path_of_Logical_Volume>
      3. Then run resize2fs to resize the file system to 300Mb:
      resize2fs /dev/DATAVG/lvdata1 300M
      4. Then reduce the LV using the lvreduce command:
      lvreduce -L 300M /dev/DATAVG/lvdata1

      After resizing the mount point, mount it again using the mount -a command.

      Be very careful when reducing the Logical Volume as it may cause data loss. In the next post we will see how to remove LV, VG and PV.
      If you have any questions please feel free to comment.





      Pawan Sharma | May 15, 2012

      Extending Logical Volume

      In this post we will see how to increase or decrease the size of a Logical Volume online. Online means that you can change (extend or reduce) the size of a mount point while it is mounted and in use by any program, without any data loss. Yes, RHEL has this facility to extend or reduce a mount point online. This is very useful when you can’t unmount the mount point and have to increase its size.

      It is one of the RHCSA objectives and is also used very frequently in production environments, mostly on servers that host databases. As the data in a mount point grows, the mount point has to be extended. In this post we will see how to increase the size of a mount point, and in the next post we will see how to reduce it.

      1. To extend a Logical Volume we need free space in its VG. In the image below we can see that Volume Group DATAVG has 1.88 GB free space. Use the vgdisplay command to show free space in a Volume Group.
      [Image: Extending Logical Volume in RHEL]
      In the above image the value is shown as something like 510/1.99 GB. Here 510 is the number of Physical Extents (PE); the image shows that each PE is 4 Mb in size.
      A Logical Volume does not need to be unmounted to be extended, and it can stay in use while it is extended.
      2. In this example we will extend Logical Volume lvindx, which is mounted on /indx, by 500Mb. To extend lvindx by 500Mb use the command below:
      lvextend -L +500M /dev/DATAVG/lvindx
      Note: if you don't add the "+" sign in front of the size, the Logical Volume will be resized to 500M.
      [Image: Extending Mount Point in RHEL]
      In the above image the output of the lvscan command shows the increased size, but df -Ph does not show the extended size; /indx is still 1008M as before. This is because the LV has been extended, but for it to take effect we have to run a command that adds the extended space to the mounted Logical Volume.
      3. Now, to extend the mount point online, use the resize2fs command:
      resize2fs /dev/DATAVG/lvindx
      [Image: Extending mount point with LV in RHEL]
      The above command applies the change and extends the mount point online without affecting the existing data on it.
      That’s how you can increase the size of a mount point. In the next post we will see how to reduce a Logical Volume.


      Pawan Sharma | May 13, 2012

      Renaming Volume Group and Logical Volumes


      In this post we will learn how to rename a Logical Volume or Volume Group. Renaming Logical Volumes and Volume Groups is an important objective of the RHCSA and RHCE certification exams. In the exam you would be asked to rename an LV or VG. This RHCSA/RHCE objective is important not only for the certification exam but also for real system administration. Many times in a production environment we need to rename Volume Groups and Logical Volumes. So it is very important to learn how LVM and partitioning work in Linux.

      While renaming a Logical Volume or Volume Group it is important to take precautions, as it may lead to data loss if you do something wrong. To rename a Logical Volume, first we have to unmount the LV and then rename it using the lvrename command. To rename a Volume Group, first we have to unmount all LVs in that VG and deactivate all LVs under that VG, and then use the vgrename command. The steps given below explain the process.

      1. To rename a Logical Volume, first unmount the LV using umount <mount_point>.
      2. Then rename the Logical Volume using the lvrename command:
      lvrename <old_lvname> <new_lvname>
      Then mount the LV using the mount command and make the corresponding changes to /etc/fstab.

      In the next example we will rename the Volume Group.
      1. To rename the VG, first unmount all mount points in the VG:
      umount <mount_point>
      2. Then deactivate the Volume Group, which makes all LVs in it inactive, using the vgchange command:
      vgchange -an <old_vg_name>
      3. Then rename the VG using the vgrename command:
      vgrename <old_vg_name> <new_vg_name>
      4. After renaming the Volume Group, use the vgchange command to activate all LVs in the VG:
      vgchange -ay <new_vg_name>
      5. After activating all Logical Volumes, mount the LVs and update /etc/fstab to make the changes persistent.

      That’s how we can rename a Logical Volume and a Volume Group. In the next post we will see how to extend and reduce LVs online.

      If you have any questions or queries add comments.

      Pawan Sharma | May 1, 2012

      LVM Part 2: Creating PV, VG and LV

      In this post we will see how to create LVM partitions. LVM is one of the most important objectives of both RHCSA and RHCE. Also it is the most important and useful tool for Linux system administrators as it provides facility of extending and reducing partitions online.
      LVM covers following topics.
      1. Creating Physical Volumes
      2. Creating Volume Group.
      3. Creating Logical Volumes.
      4. Rename Volume Group.
      5. Rename Logical Volume.
      6. Extending Logical Volume Online.
      7. Extending Logical Volume Online.
      8. Reducing Volume Group.
      9. Deleting Logical Volume.
      10. Deleting Volume Group
      11. Deleting Physical Volume.
      In the previous post I mentioned that a Physical Volume can be a partition or a whole disk. To see the current partitions and disks use fdisk -l. In this example I will use the whole disk to create a Physical Volume.

      1. First select the disk from which you want to create the Physical Volume. In this example I am using the second and third disks (sdb and sdc) to create two PVs.

      2. Use fdisk to create a partition on the required hard disk that spans the whole disk, as shown below.
      [Image: Partition manager in RHEL 6]

      3. Now change the partition type to Linux LVM. Press t to edit the partition type and select 8e (Linux LVM), use p to print the partition table, and save it using wq.

      Note: It is not required to change the partition type to 8e (Linux LVM); this is just for reference.

      4. Now use the pvcreate command to create the Physical Volume, e.g. pvcreate /dev/sdb1. I have created one more PV with disk sdc. Use the pvdisplay/pvscan command to view the Physical Volumes.

      5. Now create a Volume Group using these two PVs.

      Ex: vgcreate <VG_NAME> /dev/sdb1 /dev/sdc. Use the vgscan/vgdisplay command to view the VG.
      [Image: Disk partitioning in RHEL6]

      In the above image we can see that there is 3.99GB/1022 PE of free space. We will create two LVs of 1 GB each.

      6. From the above Volume Group we can create Logical Volumes as we like. In this example I will create 2 Logical Volumes, each of size 1 GB.

      lvcreate -L 1G -n lvdata MYVG01
      -L is for size
      -n is for lvname.

      MYVG01 is the name of the VG from which we create the LV.

      The above command will create an LV of size 1GB. We can see the created Logical Volume with the lvscan/lvdisplay command.

      In this example we will create an LV using physical extents. In the vgdisplay output we can see that the Physical Extent size is 4Mb, therefore to create an LV of size 1Gb we need 256 Physical Extents (PE).
      lvcreate -l 256 -n lvdata1 MYVG01
      Here -l is for the number of PEs.

      7. Now, to use these LVs, we first have to create a file system on (format) them using the mkfs.ext4 command.
      • mkfs.ext4 /dev/MYVG01/lvdata
      • mkfs.ext4 /dev/MYVG01/lvdata1
      8. Now, to mount these LVs on directories, first create two directories and then use the mount command to mount the LVs. To make these changes persistent, add entries to fstab.

      In the next post we will see how to rename Volume Groups and Logical Volumes. If you have any questions and queries please post comments.