1
00:00:06,570 --> 00:00:09,540
- So we have just created Users as well as Groups.

2
00:00:09,540 --> 00:00:11,400
We haven't really talked about properties

3
00:00:11,400 --> 00:00:13,500
for the Users and Groups.

4
00:00:13,500 --> 00:00:16,320
So let's go explore.

5
00:00:16,320 --> 00:00:17,610
Users and their properties

6
00:00:17,610 --> 00:00:21,450
are stored in the file /etc/passwd.

7
00:00:21,450 --> 00:00:24,993
And for the users, the following properties are used.

8
00:00:25,860 --> 00:00:27,780
It starts with the username, of course.

9
00:00:27,780 --> 00:00:30,008
And after that there is the UID.

10
00:00:30,008 --> 00:00:33,330
The UID is the unique user ID.

11
00:00:33,330 --> 00:00:34,260
And behind the scenes,

12
00:00:34,260 --> 00:00:36,633
Linux is only using the user ID.

13
00:00:37,500 --> 00:00:39,030
It's not using username.

14
00:00:39,030 --> 00:00:41,790
That's just for convenience for us people

15
00:00:41,790 --> 00:00:43,980
to add the username.

16
00:00:43,980 --> 00:00:46,860
I will show you in the next lesson

17
00:00:46,860 --> 00:00:48,630
how exactly that works.

18
00:00:48,630 --> 00:00:50,160
Now we have the GID.

19
00:00:50,160 --> 00:00:53,040
Now the interesting thing is that in /etc/passwd

20
00:00:53,040 --> 00:00:55,860
there is place to store one GID.

21
00:00:55,860 --> 00:00:59,340
And that's the group ID of the primary group.

22
00:00:59,340 --> 00:01:01,860
So primary group membership is administered

23
00:01:01,860 --> 00:01:06,860
in the GID fields in /etc/passwd.

24
00:01:07,470 --> 00:01:11,040
Then there is the so-called GECOS field,

25
00:01:11,040 --> 00:01:12,120
which stands for

26
00:01:12,120 --> 00:01:15,480
General Electric Common Object Subscription.

27
00:01:15,480 --> 00:01:18,990
That's referring to 1970-something

28
00:01:18,990 --> 00:01:22,980
when General Electric created their own Unix distribution.

29
00:01:22,980 --> 00:01:25,770
Nowadays people also call this the common field

30
00:01:25,770 --> 00:01:29,160
and you can use it to add an additional description

31
00:01:29,160 --> 00:01:31,080
for the user.

32
00:01:31,080 --> 00:01:33,030
The Home directory is the next one.

33
00:01:33,030 --> 00:01:35,190
That is what refers to the default directory

34
00:01:35,190 --> 00:01:37,890
where the user will land after logging in.

35
00:01:37,890 --> 00:01:39,390
Or the default directory

36
00:01:39,390 --> 00:01:41,670
where the user is allowed to create files

37
00:01:41,670 --> 00:01:43,440
or even both of them.

38
00:01:43,440 --> 00:01:45,270
And last there is the Shell.

39
00:01:45,270 --> 00:01:48,120
The Shell is the program that is started after login.

40
00:01:48,120 --> 00:01:51,930
And in many cases, the Shell will be /bin/bash

41
00:01:51,930 --> 00:01:54,063
if we need a user to log in, of course.

42
00:01:55,320 --> 00:01:58,830
Now, if you want to list current properties for a user

43
00:01:58,830 --> 00:02:03,003
you can use getent passwd on that username.

44
00:02:04,140 --> 00:02:08,310
Notice that passwords are not stored in /etc/passwd.

45
00:02:08,310 --> 00:02:10,666
They are stored in a separate configuration file,

46
00:02:10,666 --> 00:02:11,970
/etc/shadow.

47
00:02:11,970 --> 00:02:14,310
For the simple reason that /etc/shadow

48
00:02:14,310 --> 00:02:16,890
has a higher level of security.

49
00:02:16,890 --> 00:02:20,250
If ever you would want to edit these files directly,

50
00:02:20,250 --> 00:02:22,590
which I would advise against,

51
00:02:22,590 --> 00:02:23,940
then you can use the vipw.

52
00:02:25,380 --> 00:02:29,070
vipw is opening these files

53
00:02:29,070 --> 00:02:30,870
and it's adding some checks.

54
00:02:30,870 --> 00:02:34,860
So, it's preventing you from creating bad mistakes

55
00:02:34,860 --> 00:02:36,510
to the configuration files.

56
00:02:36,510 --> 00:02:39,450
Because bad mistakes to these configuration files

57
00:02:39,450 --> 00:02:43,170
might have the result that nobody can log in anymore.

58
00:02:43,170 --> 00:02:45,070
Let's have a look at these properties.

59
00:02:46,770 --> 00:02:51,300
We start with sudo getent passwd bill,

60
00:02:51,300 --> 00:02:52,260
which is showing what,

61
00:02:52,260 --> 00:02:54,360
well, this is basically showing the line

62
00:02:54,360 --> 00:02:57,750
from passwd for user bill.

63
00:02:57,750 --> 00:02:59,644
getent is an interesting command.

64
00:02:59,644 --> 00:03:02,670
getent is a command that will get information

65
00:03:02,670 --> 00:03:04,740
from an administrative database

66
00:03:04,740 --> 00:03:08,790
and the administrative database here is passwd.

67
00:03:08,790 --> 00:03:10,710
Now, the thing is that behind Linux,

68
00:03:10,710 --> 00:03:12,210
you can also configure the Linux

69
00:03:12,210 --> 00:03:14,850
to get user information from somewhere else.

70
00:03:14,850 --> 00:03:16,080
And if you have done that,

71
00:03:16,080 --> 00:03:18,390
then getent passwd

72
00:03:18,390 --> 00:03:21,060
will allow you to get the user information

73
00:03:21,060 --> 00:03:23,640
from somewhere else, like an LDAP server.

74
00:03:23,640 --> 00:03:26,340
But in a case of standalone Linux configuration

75
00:03:26,340 --> 00:03:27,390
like we have done here,

76
00:03:27,390 --> 00:03:30,540
getent is not really adding very much

77
00:03:30,540 --> 00:03:35,540
and you might as well use grep bill /etc/passwd

78
00:03:35,940 --> 00:03:37,293
for the same results.

79
00:03:38,370 --> 00:03:39,810
So, what do we see?

80
00:03:39,810 --> 00:03:43,860
Username, the x is a reference to the encrypted password

81
00:03:43,860 --> 00:03:45,420
in /etc/shadow.

82
00:03:45,420 --> 00:03:48,450
The user ID, the group ID,

83
00:03:48,450 --> 00:03:50,160
nothing, which is the GECOS field,

84
00:03:50,160 --> 00:03:51,468
bill has no comment.

85
00:03:51,468 --> 00:03:53,190
/home/bill, which is the home directory

86
00:03:53,190 --> 00:03:55,620
and /bin/bash, which is the shell.

87
00:03:55,620 --> 00:03:59,850
Now, if you use vipw I'm going to show you vipw anyway

88
00:03:59,850 --> 00:04:03,480
even if I have no intention to edit

89
00:04:03,480 --> 00:04:05,880
then I'm getting an error message.

90
00:04:05,880 --> 00:04:08,940
That makes sense because vipw

91
00:04:08,940 --> 00:04:13,033
needs to be used with escalated privilege.

92
00:04:13,033 --> 00:04:14,370
And what do we see?

93
00:04:14,370 --> 00:04:17,130
We see beautiful colors to start with.

94
00:04:17,130 --> 00:04:22,113
And we see the configuration for many of these system users.

95
00:04:23,100 --> 00:04:25,770
Let's pick out a random user like geoclue.

96
00:04:25,770 --> 00:04:28,680
What do I need you to see about geoclue?

97
00:04:28,680 --> 00:04:29,730
Well, third field,

98
00:04:29,730 --> 00:04:33,090
the user ID of geoclue is lower than 1,000.

99
00:04:33,090 --> 00:04:35,790
That's a convention for system user IDs.

100
00:04:35,790 --> 00:04:38,523
They have a user ID lower than 1,000.

101
00:04:39,750 --> 00:04:43,193
Then we have the home directory /var/lib/geoclue.

102
00:04:43,193 --> 00:04:44,880
That is the environment

103
00:04:44,880 --> 00:04:47,940
where this user is allowed to write files.

104
00:04:47,940 --> 00:04:49,440
And lastly, the default shell

105
00:04:49,440 --> 00:04:53,103
which is set to /sbin/nologin.

106
00:04:54,240 --> 00:04:55,830
This is a system user

107
00:04:55,830 --> 00:04:58,200
and no matter what is happening,

108
00:04:58,200 --> 00:05:00,120
if anything is going wrong,

109
00:05:00,120 --> 00:05:02,070
you want it to be completely

110
00:05:02,070 --> 00:05:05,490
impossible for this user to open a shell.

111
00:05:05,490 --> 00:05:07,650
There's another user, the sync user,

112
00:05:07,650 --> 00:05:09,420
and the sync user look at the shell.

113
00:05:09,420 --> 00:05:13,470
It has /bin/sync as a default shell.

114
00:05:13,470 --> 00:05:16,290
Which means that if this user is going to log in,

115
00:05:16,290 --> 00:05:18,180
there is one thing that's going to happen.

116
00:05:18,180 --> 00:05:20,730
And that is going to start the sync command.

117
00:05:20,730 --> 00:05:23,760
So no interactive shell, like the bash shell,

118
00:05:23,760 --> 00:05:26,700
which we see for the ordinary users near the end.

119
00:05:26,700 --> 00:05:30,840
No, just a standard command that is going to be running.

120
00:05:30,840 --> 00:05:35,163
But most of these system users have nologin as their shell.

121
00:05:37,260 --> 00:05:38,760
Now we also have these groups

122
00:05:38,760 --> 00:05:41,070
and groups can have properties as well.

123
00:05:41,070 --> 00:05:45,060
And the group properties are stored in the file /etc/group.

124
00:05:45,060 --> 00:05:47,670
Users that are a group member as a secondary group

125
00:05:47,670 --> 00:05:49,800
are also in /etc/group.

126
00:05:49,800 --> 00:05:51,780
Notice that the primary group membership,

127
00:05:51,780 --> 00:05:53,130
as we have already discussed,

128
00:05:53,130 --> 00:05:56,550
is uniquely administered through /etc/passwd.

129
00:05:56,550 --> 00:06:01,080
So you will see the primary groups defined in /etc/group

130
00:06:01,080 --> 00:06:04,770
but you won't see group membership in there.

131
00:06:04,770 --> 00:06:07,980
Groups do not have significant other properties.

132
00:06:07,980 --> 00:06:10,980
And if you want to have a look at it or edit it

133
00:06:10,980 --> 00:06:12,780
you can use vigr.

134
00:06:12,780 --> 00:06:14,790
vigr for

135
00:06:14,790 --> 00:06:16,383
vi the group file.

136
00:06:18,060 --> 00:06:20,340
Let's have a quick look /etc/group

137
00:06:20,340 --> 00:06:24,810
and I'm just going to do that by using sudo vigr.

138
00:06:24,810 --> 00:06:28,200
And there we go, here are the different groups.

139
00:06:28,200 --> 00:06:29,790
Now here, we have a nice example

140
00:06:29,790 --> 00:06:31,830
of the wheel group which the group ID,

141
00:06:31,830 --> 00:06:33,720
as well as the name of the students

142
00:06:33,720 --> 00:06:35,610
who are a member of this group

143
00:06:35,610 --> 00:06:38,040
by secondary group assignment.

144
00:06:38,040 --> 00:06:39,690
And for the rest of it,

145
00:06:39,690 --> 00:06:41,610
nothing really interesting happening.

146
00:06:41,610 --> 00:06:43,833
It's just the group and the group ID.

147
00:06:44,700 --> 00:06:47,610
The x, by the way, is for the group password.

148
00:06:47,610 --> 00:06:48,570
Forget about it.

149
00:06:48,570 --> 00:06:51,030
This was used a long time ago.

150
00:06:51,030 --> 00:06:52,770
It's not used anymore.

151
00:06:52,770 --> 00:06:55,320
Sometimes you will see that on Linux

152
00:06:55,320 --> 00:06:58,470
that certain parameters are still available

153
00:06:58,470 --> 00:07:00,570
for backward compatibility.

154
00:07:00,570 --> 00:07:02,580
But they're not really used anymore.

155
00:07:02,580 --> 00:07:05,133
Like the group password, for instance.