1 00:00:06,559 --> 00:00:09,759 While creating users and groups, different properties can be managed. 2 00:00:10,599 --> 00:00:15,695 Users and their properties are stored in etcpasswd and common properties that you will 3 00:00:15,695 --> 00:00:20,789 find are the user id. Every user has a unique numeric user id. 4 00:00:21,710 --> 00:00:25,910 The gid in etcpasswd is the ID of the primary group. 5 00:00:26,510 --> 00:00:31,210 In passwd, there is only space to hold one group membership and that's the primary group. 6 00:00:32,329 --> 00:00:37,770 Then there is the GCOS field, which stands for General Electric Common Object subscription. 7 00:00:38,609 --> 00:00:45,280 That's a definition that dates back to the 1970s. Nowadays, mostly we talk about comment field 8 00:00:45,280 --> 00:00:51,950 and that is an optional description field for the user where you can enter additional information. 9 00:00:53,039 --> 00:00:57,769 The home directory refers to the default home directory where the user will land after 10 00:00:57,769 --> 00:01:02,500 logging in. So that will be the default environment where user has write permissions. 11 00:01:03,539 --> 00:01:06,959 And shell is a program that is started after user login. 12 00:01:07,810 --> 00:01:14,064 Now, if you want to list current password properties for a user, you can use grep on 13 00:01:14,064 --> 00:01:20,319 the username on etcpasswd. Alternatively, you can also use getint, which will print these properties as well. 14 00:01:21,599 --> 00:01:28,260 Passwords are not stored in etcpasswd. They are stored in the etc shadow command, which we will cover later. 15 00:01:29,159 --> 00:01:33,993 If you want to change any of the properties for users, you use 16 00:01:33,993 --> 00:01:38,826 usermod and passwd. Usermod is for the generic properties in etc. Passwd and 17 00:01:38,826 --> 00:01:43,659 passwd is for the password which is stored in etc shadow. 18 00:01:44,319 --> 00:01:46,019 Let's have a quick look before moving on. 19 00:01:47,439 --> 00:01:53,336 So just one line from etc passwd last line and this is a line for user Anna. 20 00:01:53,336 --> 00:01:59,233 So first field username, third field user id. Then we get the group id. The GCOS field 21 00:01:59,233 --> 00:02:05,129 is empty, we do refer to home anna and bin bash is the default shell. 22 00:02:05,769 --> 00:02:08,629 So what would happen if we use get and Anna? 23 00:02:09,270 --> 00:02:14,756 Well, get and is giving me an error message, and that is because it doesn't 24 00:02:14,756 --> 00:02:20,243 know about the database. Getent needs us to specify where we want to get the 25 00:02:20,243 --> 00:02:25,729 information from and what do we see? We see the exact same information. 26 00:02:26,509 --> 00:02:32,014 The interesting thing about getent is not to get information out of passwd, but if 27 00:02:32,014 --> 00:02:37,519 ever your users are defined in an external system such as an LDAP server, GetAndPassWD 28 00:02:37,519 --> 00:02:43,024 will also get the user information out of the external system. And that is why 29 00:02:43,025 --> 00:02:48,530 getent in some environments might be useful. Anyway, let's talk about groups a little bit. 30 00:02:49,330 --> 00:02:55,750 So groups are stored in the file etc. Group, and users that are a group member as a secondary 31 00:02:55,750 --> 00:03:02,169 group are also administered in etc group. That's because in etc passwd there's only place for one group membership. 32 00:03:03,050 --> 00:03:09,030 So that means that you need to get your group information out of two different files. 33 00:03:09,580 --> 00:03:15,500 Now, managing group properties is simple. Groups don't have any significant other properties. 34 00:03:16,099 --> 00:03:20,949 So the most important thing is to find the groups that the user is a member of. 35 00:03:21,490 --> 00:03:27,710 And that's what you can do using the ID command that we have already seen a couple of times in this video course.