Article
Fire Up your own Linux Server
Managing Users from the Command Line
Creating Users and Groups with useradd and groupadd
To add users and groups from the command line, we use the groupadd and useradd commands.
Using .bashrc
Unfortunately, you can't use groupadd or useradd as easily as you might use ls in the default installation of Fedora Core. The groupadd and useradd tools are located in the directory /usr/sbin, which isn't part of the default PATH. To add this directory to the PATH variable, enter export PATH=$PATH:/usr/sbin at the command prompt, as we discussed in Chapter 3, The Command Line. This will only take effect for the current shell session; as soon as you close the terminal window, this value will disappear.
If you'd rather have this command run automatically every time you start the shell, you can add the command to .bashrc, a hidden file that's automatically executed every time you start up the bash shell. To open this file in gedit, select File > Open…. In the Open File… dialog, right-click in the area in which the files are listed, and click Show Hidden Files, as depicted in Figure 4.10.
Figure 4.10. Opening .bashrc in gedit.
Locate .bashrc and open it. Add the export command to the end of the file, as shown below.
Example 4.1. .bashrc
# .bashrc
# User specific aliases and functions
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
export PATH=$PATH:/usr/sbin
The next time you open a terminal window, this command will be executed automatically. Note that this won't affect any shells you have open at the moment—you'll need to close and reopen them in order for the command to execute.
Let's look at an example of these commands, which we'll run as root.
[kermit@swinetrek ~]$ su
Password:
[root@swinetrek kermit]# groupadd muppets
[root@swinetrek kermit]# useradd -G muppets -c "Miss Piggy" \
> misspiggy
[root@swinetrek kermit]# passwd misspiggy
Changing password for user misspiggy.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@swinetrek kermit]# exit
exit
[kermit@swinetrek ~]$
In this example, we can see that the groupadd command has been used to create a group called "muppets." Remember that groupadd is located in /usr/sbin, so you might need to enter /usr/sbin/groupadd instead.
Next, we use the useradd command to create a user called "misspiggy," and add her to the "muppets" group (as specified by the -G option) with the full name "Miss Piggy" (as specified by the -c option). When a user is created using useradd, that user's password is locked; we need to change it in order to unlock it. To do so, we use the passwd tool.
Deleting Users and Groups with userdel and groupdel
You can delete users and groups using the userdel and groupdel commands. Note that userdel will leave the users' home directory intact; you might want to delete this directory while you're logged in as root:
[kermit@swinetrek ~]$ su
Password:
[root@swinetrek kermit]# groupdel muppets
[root@swinetrek kermit]# userdel misspiggy
[root@swinetrek kermit]# rm -rf /home/misspiggy/
[root@swinetrek kermit]# exit
exit
[kermit@swinetrek ~]$
Mounting and Filesystems
We briefly touched on the concepts of devices, mount points and filesystems in Chapter 2, Day-to-day Usage. In Linux, when we insert removable media of any kind, we need to mount the filesystem stored on that media device. This concept is fairly unfamiliar to Windows users, but once you get the hang of it, it becomes second nature. In fact, Windows does the same thing; the difference is simply that the Windows operating system automates the mounting process, so users are usually unaware that it takes place. Nautilus largely automates this process, too, but it's still important for system administrators to know how devices are mounted, and how mounting is accomplished from the command line.
Mounting a Filesystem with the mount Command
Let's look at the process of mounting a floppy disk from the command line:
[kermit@swinetrek ~]$ su
Password:
[root@swinetrek kermit]# mount -t vfat /dev/fd0 /media/floppy
[root@swinetrek kermit]# exit
exit
[kermit@swinetrek ~]$
The mount command loads a device's filesystem into our server's filesystem. In this case, the device is the floppy disk drive (/dev/fd0), and that device's filesystem is loaded into /media/floppy—the mount point. We also need to tell Linux what kind of filesystem it can expect to find on the device. In this case, we're using a disk formatted as FAT32, and we've specified this with -t vfat.
Let's take a closer look at what's going on here. We're using a floppy disk from an old Windows machine; a couple of directories are stored on the disk, as shown in Figure 4.11.
Figure 4.11. Viewing the floppy disk's filesystem in Windows.
As we saw in Chapter 2, Day-to-day Usage, there is no A: drive in Linux; removable media devices appear as part of the filesystem within the /media directory. So, when we mount the floppy disk, it appears inside the /media/floppy directory, as depicted in Figure 4.12.
Figure 4.12. The floppy disk's filesystem displaying as part of the Linux filesystem.
Unmounting a Filesystem with the umount Command
Before removing the floppy disk, we should unmount it, thereby removing it from the filesystem. We can do so using the umount command—note the missing "n"—as shown below.
[kermit@swinetrek ~]$ umount /media/floppy
[kermit@swinetrek ~]$
For some devices, the unmounting process is very important. A floppy disk is a good example of this. It can take a long time to save a file to a floppy disk; the unmounting process ensures that any programs that are writing to the disk complete their writes before the device is removed.
The Filesystem Table (fstab) File
Many of the configuration options for your server's filesystem are contained in a single text file, /etc/fstab. As this file is critical to the operation of your system, the file is owned by root and only root can write to the file. That ownership and permissions structure prevents any potentially catastrophic alteration to, or deletion of the file by non-root users. It's strongly advised that you refrain from adjusting these permissions, and treat the file with the respect it deserves when logged in as root.
Editing Read-only Files
There are numerous ways to edit a text file as root. Perhaps the easiest is to launch your preferred text editor from the command line after switching to the root user. The text editor will run as if you were logged in as root, but GNOME will insist on returning to the terminal an ugly looking warning message:
[kermit@swinetrek ~]$ su
Password:
[root@swinetrek kermit]# gedit /etc/fstab
(gedit:2066): GnomeUI-WARNING **: While connecting to
session manager:
Authentication Rejected, reason : None of the
authentication protocols specified are supported and
host-based authentication failed.
There's absolutely no problem with using this approach to edit files. Kate, gedit, or the text editor of your choice will run without a problem. However, if you'd prefer to get rid of this warning, Bruce Wolk suggested the following script as a solution in the newsgroup linux.redhat.
Example 4.2. ~/bin/xroot.sh
#!/bin/sh
if [ $# -lt 1 ]
then echo "usage: `basename $0` command" >&2
exit 2
fi
su - -c "exec env DISPLAY='$DISPLAY' \
XAUTHORITY='${XAUTHORITY-$HOME/.Xauthority}' \
"'"$SHELL"'" -c '$*'"
Save this file as xroot.sh in a directory named bin inside your home directory. You'll probably need to create this directory yourself, and you'll also need to give yourself execute permissions on this file. You can do so by running chmod u+x ~/bin/xroot.sh, or by changing the file's permissions in Nautilus.
Because /home/username/bin is automatically included in the PATH environment variable, you should be able to run this from the command line simply by typing xroot.sh.
[kermit@swinetrek ~]$ xroot.sh gedit
Password:
fstab, which is an abbreviation of "filesystem table," provides instructions to the operating system as to where devices should be mounted.
The /etc/fstab file will appear similar to the following:
Example 4.3. /etc/fstab
# This file is edited by fstab-sync - see 'man fstab-sync' for
# details
/dev/VolGroup00/LogVol00 / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
/dev/devpts /dev/pts devpts gid=5,mode=620 0 0
/dev/shm /dev/shm tmpfs defaults 0 0
/dev/proc /proc proc defaults 0 0
/dev/sys /sys sysfs defaults 0 0
/dev/VolGroup00/LogVol01 swap swap defaults 0 0
/dev/fd0 /media/floppy auto pamconsole,exec,
noauto,managed 0 0
/dev/hdc /media/cdrom auto pamconsole,exec,
noauto,managed 0 0
Comments
In most Linux configuration files, lines that start with # are comment lines, and are ignored by the operating system.
Each line of /etc/fstab contains five fields which, together, specify the configuration of a single device. Let's look at what each field means.
- The first element specifies the device. The second line, which starts with
LABEL=/boot, is a special case—the label/bootis defined elsewhere in the system. You can treat this as a synonym for/dev/hda1. - The second item identifies the mount point for the device. The last two lines—
/media/floppyand/media/cdrom—define the mount points for/dev/fd0(the floppy disk drive) and/dev/hdc(the CD-ROM drive). The first line, which deals with the device/dev/VolGroup00/LogVol00(this is the first partition on the first hard disk), tells the system to mount this disk as the root of the filesystem. - The third element defines the type of filesystem Linux should expect. Here we can see that
/dev/VolGroup00/LogVol00has an ext3 filesystem. - The fourth element lists mounting options for the device and the filesystem. Available options include:
auto: This device should be mounted automatically when the system is started.noauto: This device should not be mounted automatically when the system is started.owner: The device and filesystem may only be mounted by the owner of the device file.kudzu: The device will be checked for changes by the Red Hat kudzu system.rw: The filesystem will provide read and write access.ro: The filesystem will provide read only access.
There are several other options for mounting devices and filesystems, as you can see in the default
fstabfile, but these are the ones in which we're interested. In our example, many of the options are set todefaults. In a Fedora Core system, this is equivalent toauto,owner,kudzu,rw. - The fifth column is used by the dump backup utility to determine if this filesystem should be included in its backups—the 0 value tells dump to ignore this filesystem for backup purposes.
- The final column indicates whether the filesystem should be checked with the
fsck(filesystem check) utility. ext3 filesystems very rarely benefit from such a check. If you do want to perform such checks, you should number the filesystems in the order in which you'd like them checked—1for the first,2for the second, and so on.
With a correctly formatted fstab file, using the mount command becomes much easier:
[kermit@swinetrek ~]$ su
Password:
[root@swinetrek kermit]# mount /media/floppy
[root@swinetrek kermit]# exit
exit
[kermit@swinetrek ~]$
Here, we've specified only the mount point. mount is able to look in fstab to identify the device to which this mount point relates.
Whether or not you will be able to mount the device as a normal user depends upon the options noted in fstab, and the permissions on the device file. If the mount point is owned by root, and you attempt to mount a device on it as a normal user, you'll be presented with a Permission denied error.