Ch 6 User and Group Management Flashcards
(20 cards)
The root user should ONLY be used for what?
system administration tasks
Why doesn’t modern RHEL have a root account enabled by default?
because you can just make an ordinary user, and make it priviliged by using sudo when needed. Don’t need to make a password for root
What command gives you information about a user account?
id
what is the superuser?
the root user
is the root user on all linux systems?
yes, by default they all have a root user
what is the purpose of the superuser or root user?
for managing Linux with no restrictions
what sorts of tasks require root privileges?
installing software
managing users
creating partitions on disk devices
…or anything else allowing direct access to devices
what is a hazard of always being root user, especially in a graphical environment?
all tasks you do are launched as root, which adds unnecessary risk
what are alternatives to being always the root user?
su
sudo
PolicyKit
what are the distinctions between su and sudo?
su switches the current user’s identity to another user, including root. requires target user’s password.
while sudo allows users to run specific commands with root privileges without changing their identity. sudo requires the current user’s password.
how is PolicyKit different from su and sudo?
PolicyKit, su, and sudo are all mechanisms for granting elevated privileges in Linux, but they differ in their approach and scope.
PolicyKit provides a more fine-grained and application-specific approach, whereas su and sudo primarily handle user-level privileges.
(you can set up graphical utilities to run with administrative privileges)
When using su creates a subshell with a new identity, what is not set?
environment settings, because you’re in a new shell. To get not just the new user but their entire environment as well, use
su -
the hyphen.
su -
starts what kind of shell?
a login shell
which means all scripts that make the user environment are processed
what command will tell you who the currently logged in user is?
whoami
what’s a quick command for creating a user?
useradd [name]
how can an admin user be modified to be added to a group wheel?
usermod -aG wheel user
what does visudo do?
edits the /etc/sudoers file – locks it against simultaneous edits, performs basic validity checks, checks for syntax errors – all before t installs the edited file
opens in nano
say you have the following line in /etc/sudoers:
linda ALL=/usr/bin/useradd,/usr/bin/passwd
what does it mean?
this allows the user linda to ONLY be able to run the commands useradd and passwd with admin privileges (with sudo)
does a command prefixed with sudo allow piping?
no, unless you add the -c flag
e.g.
sudo sh -c
you can run any command containing a pipe as its argument
sudo sh -c “rpm -qa | grep ssh”