Get your username:
user@ubuntu:/$ whoami
user
Get more detailed informations about your username, like your uid
and groups you belong to:
user@ubuntu:/$ id
uid=1000(user) gid=1000(user) groups=1000(user),27(sudo)
user@ubuntu:/$ sudo adduser user2
[sudo] password for user:
Adding user `user2' ...
Adding new group `user2' (1001) ...
Adding new user `user2' (1001) with group `user2' ...
Creating home directory `/home/user2' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for user2
Enter the new value, or press ENTER for the default
Full Name []: Amine M
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] y
Nothing will be showed while you type the user password, not even *
.
Change your password (the current user password):
user@ubuntu:/$ sudo passwd
[sudo] password for user:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Change another user password:
user@ubuntu:/$ sudo passwd user2
[sudo] password for user:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Nothing will be showed while you type the user password, not even *
.
Delete a user:
user@ubuntu:/$ sudo deluser user2
[sudo] password for user:
Removing user `user2' ...
Warning: group `user2' has no more members.
Done.
Delete a user and his home directory:
user@ubuntu:/$ sudo deluser --remove-home user2
[sudo] password for user:
Looking for files to backup/remove ...
Removing files ...
Removing user `user2' ...
Warning: group `user2' has no more members.
Done.
user@ubuntu:/$ sudo addgroup mygroup
[sudo] password for user:
Adding group `mygroup' (GID 1001) ...
Done.
user@ubuntu:/$ sudo delgroup mygroup
[sudo] password for user:
Removing group `mygroup' ...
Done.
Add a user to single group:
user@ubuntu:/$ sudo usermod -aG mygroup user2
user@ubuntu:/$ groups user2
user2 : user2 mygroup
user@ubuntu:/$ grep 'mygroup:' /etc/group
mygroup:x:1001:user,user2
Change a file/directory owner and group:
user@ubuntu:~$ sudo chown user2:user2 Documents/file.txt
user@ubuntu:~$ ls -l Documents/file.txt
-rw-r--r-- 1 user2 user2 5 Jun 4 23:25 Documents/file.txt
Change a a directory owner and group recursively:
user@ubuntu:~$ sudo chown -R user2:user2 Pictures/
user@ubuntu:~$ ls -l Pictures/
total 56
-rw-r--r-- 1 user2 user2 28991 Apr 13 2019 2019-04-13.png
-rw-r--r-- 1 user2 user2 24221 May 19 2019 2019-05-19.png
Give the owner of the file read,write,execute permissions ; the group of the file read,write permissions ; the other users read permission only:
user@ubuntu:~$ chmod u=rwx,g=rw,o=r Documents/file.txt
user@ubuntu:~$ ls -l Documents/file.txt
-rwxrw-r-- 1 user user 5 Jun 4 23:25 Documents/file.txt
Add execute permissions for other users:
user@ubuntu:~$ chmod o+x Documents/file.txt
user@ubuntu:~$ ls -l Documents/file.txt
-rwxrw-r-x 1 user user 5 Jun 4 23:25 Documents/file.txt
Remove write permission from the group of the file:
user@ubuntu:~$ chmod g-w Documents/file.txt
user@ubuntu:~$ ls -l Documents/file.txt
-rwxr--r-x 1 user user 5 Jun 4 23:25 Documents/file.txt
Remove execute permissions from the owner of the file:
user@ubuntu:~$ chmod u-x Documents/file.txt
user@ubuntu:~$ ls -l Documents/file.txt
-rw-r--r-x 1 user user 5 Jun 4 23:25 Documents/file.txt
All previous chmod
examples can be used the same with directories.
A good tutorial about chmod
usage to manipulate files/dirs permissions: https://www.howtogeek.com/437958/how-to-use-the-chmod-command-on-linux/
Some actions needs a superuser (root) access to be performed (like changing system sensitive files, create new user ...).
To execute a command as superuser (root), we need to precede the command with sudo
:
user@ubuntu:~$ sudo id
[sudo] password for user:
uid=0(root) gid=0(root) groups=0(root)
To switch to a superuser (root) shell:
user@ubuntu:/$ sudo -s
[sudo] password for user:
root@ubuntu:/# id
uid=0(root) gid=0(root) groups=0(root)
root@ubuntu:/# whoami
root
To go back to normal user, we use the command exit
:
root@ubuntu:/# exit
exit
user@ubuntu:/$
Nothing will be showed while you type your password, not even *
.
Not all users can execute commands as superuser. When a user doesn't have the right, try to use sudo, he will face the following message:
user2@ubuntu:/$ sudo id
[sudo] password for user2:
user2 is not in the sudoers file. This incident will be reported.
To allow a user to execute commands as superuser using sudo, we need to add that user to the group sudo
in Ubuntu :
user@ubuntu:~$ sudo usermod -aG sudo user2
[sudo] password for user:
If you're using a RedHat based distribution (like Fedora or CentOS), you need to add that user to the group wheel
instead of the group sudo
.
To execute commands as user2 :
user@ubuntu:/$ sudo -u user2 id
[sudo] password for user:
uid=1001(user2) gid=1002(user2) groups=1002(user2),27(sudo),1001(mygroup)
user@ubuntu:/$ sudo -u user2 whoami
user2
The password you need to provide here is your password, not user2 password.
To login as user user2 :
user@ubuntu:~$ su --login user2
Password:
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
user2@ubuntu:~$
The password you need to provide here is user2 password.
The file /etc/passwd
is an important Linux file that contains a list of users in the system, plus some users attributes
(like user id, user home, login shell ...).
user@ubuntu:~$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
user:x:1000:1000:,,,:/home/user:/bin/bash
user2:x:1001:1002:,,,:/home/user2:/bin/bash
A good tutorial to understand /etc/passwd
file format : https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/
The file /etc/group
contains a list of groups, and the members of these groups.
user@ubuntu:~$ cat /etc/group
root:x:0:
daemon:x:1:
bin:x:2:
...[SNIP]...
sudo:x:27:user,user2
...[SNIP]...
nogroup:x:65534:
user:x:1000:
mygroup:x:1001:user,user2
user2:x:1002:
We can manipulate this file directly to add users to groups.
A good tutorial to understand /etc/group
file format : https://www.cyberciti.biz/faq/understanding-etcgroup-file/
The file /etc/shadow
contains hashed users' passwords:
user@ubuntu:~$ sudo cat /etc/shadow
[sudo] password for user:
root:$6$Qn39Fj4O$12vYOMOs4Qjr8YsTZHBaukdFmFyFHNGUeuUGFq.wpIjYaUY0OwqDaHRnA0uR8xAEXXyt/Hedc1PrXokdvlKsQ1:18415:0:99999:7:::
daemon:*:18355:0:99999:7:::
bin:*:18355:0:99999:7:::
sys:*:18355:0:99999:7:::
sync:*:18355:0:99999:7:::
games:*:18355:0:99999:7:::
man:*:18355:0:99999:7:::
lp:*:18355:0:99999:7:::
mail:*:18355:0:99999:7:::
news:*:18355:0:99999:7:::
uucp:*:18355:0:99999:7:::
proxy:*:18355:0:99999:7:::
www-data:*:18355:0:99999:7:::
backup:*:18355:0:99999:7:::
list:*:18355:0:99999:7:::
irc:*:18355:0:99999:7:::
gnats:*:18355:0:99999:7:::
nobody:*:18355:0:99999:7:::
_apt:*:18355:0:99999:7:::
user:$6$1Ia1asvI$ltEXnJBxJS1lZ0.Z/hema0GxbsGUQIW8sdKvBpA/SbYdO.bPbjecAHvCSHNWKXiD2tgYddD45jBiZ000I7SqP0:18407:0:99999:7:::
user2:$6$pACc3L9I$9lXHUUaBzLBPFq.QMlErQhqI4V5/TmdHs/rw146KoNylmInOuiIMj9OQMMzQzw1kWVtgmFM6TZqxfZ5T/Fe5f1:18499:0:99999:7:::
If you try to bruteforce my hashed password, you will find it's haha, so don't loose your time lol.