Study Guide - Chap 10: Administering Users and Groups Flashcards
(27 cards)
1- Which of the following are fields within an /etc/passwd file record? (Choose all that apply.)
- User account’s username
- Password
- Password change date
- Special flag
- UID
- User account’s username
- Password
- UID
The user account’s username, password (though it typically only contains an x), and UID are all legitimate fields in an /etc/passwd file record. Therefore, options A, B, and E are correct answers. The password change date and special flag are fields in the /etc/shadow file. Thus, options C and D are incorrect choices.
Also has:
* comment
* default shell
2- Which of the following are fields in an /etc/shadow file record? (Choose all that apply.)
- Password expiration date
- Account expiration date
- Password
- Comment
- Default shell
- Password expiration date
- Account expiration date
- Password
The password expiration date, account expiration date, and password are all legitimate fields in a /etc/shadow file record. Therefore, options A, B, and C are correct answers. The comment and default shell are fields in the /etc/passwd file. Thus, options D and E are incorrect choices.
3- Which field contains the same data for both an /etc/passwd and an /etc/shadow file record?
- Password
- Account expiration date
- UID
- GID
- User account’s username
User’s Account Name
The user account’s username is the only field within an /etc/passwd and an /etc/shadow record that contains the same data. Therefore, option E is the correct answer. While both files have a password field, they do not contain the same data. The password can only exist in one of the two files, preferably the /etc/shadow file. Thus, option A is a wrong answer. The account expiration date only exists in the /etc/shadow file, so option B is also a wrong choice. The UID and GID fields only exist in the /etc/passwd file, so options C and D are also incorrect answers.
4- Which of the following commands will allow you to view the NUhura account’s record data in the /etc/passwd file? (Choose all that apply.)
- getent NUhura passwd
- cat /etc/passwd
- passwd NUhura
- grep NUhura /etc/passwd
- getent passwd NUhura
- cat /etc/passwd
- grep NUhura /etc/passwd
- getent passwd NUhura
Though not very efficient, the cat /etc/passwd command would allow you to view the NUhura account’s record within the /etc/passwd file. The grep NUhura /etc/passwd and getent passwd NUhura commands also would allow you to see the NUhura record. So options B, D, and E are correct choices. The getent command in option A has got the username and filename flip‐flopped, so it is an incorrect choice. Also, the passwd NUhura command attempts to change the account’s password instead of display its file record, so option C is also an incorrect answer.
UID
GID
- UserID s a unique numerical identifier assigned to each user account in Linux, used by the system to track user ownership and permissions
- UID ranges typically include 0 for root, 1-999 for system/service accounts, and 1000+ for regular user accounts (though ranges can vary by distribution)
- Found in /etc/passwd file where each user entry contains username, password field, UID, GID, user info, home directory, and shell (format: username:x:UID:GID:info:home:shell)
- GroupID is a unique numerical identifier assigned to each group in Linux, similar to how users have UIDs
- Primary function is to manage file permissions and access control - files and directories are assigned group ownership using GIDs
- Found in /etc/group file where each line contains group name, password field, GID number, and list of group members (format: groupname:x:GID:members)
getent
- getent is a command-line utility that retrieves entries from system databases like passwd, group, hosts, and other NSS (Name Service Switch) sources
- Primary use is to query user and group information from various sources including local files (/etc/passwd, /etc/group) and network services (LDAP, NIS)
- Common syntax includes getent passwd username to get user info, getent group groupname for group details, and getent hosts hostname for host resolution
5- You use the useradd -D command to view account creation configuration directives. What file does this command pull its displayed information from?
- The /etc/passwd file
- The /etc/shadow file
- The /etc/group file
- The /etc/login.defs file
- The /etc/default/useradd file
The /etc/default/useradd file
The useradd -D command allows you to view the account creation configuration directives in the /etc/default/useradd file. Therefore, option E is the correct answer. The /etc/passwd, /etc/shadow, and /etc/group files do not contain account creation configuration directives, so options A, B, and C are wrong answers. While the /etc/login.defs file does contain account creation configuration directives, you cannot display it with the useradd -D command. Therefore, option D is also an incorrect choice.
6- You create an account using the appropriate utility, except for some reason the account’s home directory was not created. Which of the following most likely caused this to occur?
- The HOME directive is set to no.
- You did not employ super user privileges.
- The CREATE_HOME directive is not set.
- The INACTIVE directive is set to -1.
- The EXPIRE date is set and it is before today.
The CREATE_HOME directive is not set.
If the CREATE_HOME directive is not set or it is set to no, when a user account is created no home directory will be created by default. Most likely this caused the problem, so option C is the correct answer. The HOME directive determines what base directory name is used when creating home directories for new accounts, so option A is a wrong answer. If you did not employ super user privileges, you would not have been able to even create the account, so option B is a wrong choice. The INACTIVE directive pertains to when an account will be considered inactive, so option D is also an incorrect answer. The EXPIRE directive is involved with account expiration and not home directory creation. Therefore, option E is also an incorrect choice.
7- Your boss has asked you to remove KSingh’s account and all his home directory files from the system immediately. Which command should you use?
- usermod -r KSingh
- rm -r /home/KSingh
- userdel Ksingh
- userdel -r KSingh
- usermod -d KSingh
userdel -r KSingh
To immediately remove the KSingh account and all his home directory files, using super user privileges you would use the userdel -r KSingh command. Therefore, option D is the correct answer. There is no -r option for the usermod command, so option A is a wrong answer. The rm -r /home/KSingh command would only remove the account’s home directory files and not delete the user account. Therefore, option B is an incorrect answer. The userdel command without any options would only delete the account and not remove any of its home directory files, so option C is a wrong choice. The -d option on the usermod command is for changing an account’s home directory. Therefore, option E is also an incorrect choice.
usermod vs userdel
usermod:
usermod: used to modify existing user account properties and settings after the account has been created; Common modifications include changing username (-l), home directory (-d), default shell (-s), user ID (-u), primary group (-g), and adding/removing supplementary groups (-a -G)
userdel: used to delete user accounts from the Linux system, removing the user entry from /etc/passwd and related system files; Basic syntax is userdel username to remove just the account, or userdel -r username to also delete the user’s home directory and mail spool
8- Which of the following will allow you to change an account’s /etc/shadow file record data? (Choose all that apply.)
- The passwd command
- The usermod command
- The userdel command
- The getent command
- The chage command
- The passwd command
- The usermod command
- The userdel command
- The chage command
The passwd, usermod, userdel, and chage commands can all manipulate (or remove) an account’s /etc/shadow file record data in some way. Therefore, options A, B, C, and E are all correct. While the getent command will allow you to display selected records from the /etc/shadow file, it will not allow you to manipulate data records within the file. Therefore, option D is the only incorrect choice.
chage
- command-line utility used to view and modify user password aging information and account expiration settings
- Primary functions include setting password expiration date (-E), minimum/maximum password age (-m/-M), warning days before expiration (-W), and account inactivity period (-I)
- Common usage includes chage -l username to list current settings, chage username for interactive mode, and chage -E YYYY-MM-DD username to set specific expiration dates
9- Which of the following commands will allow you to switch temporarily from your account’s default group to another group you are a member of?
- The usermod command
- The newgrp command
- The groups command
- The groupadd command
- The groupmod command
The newgrp command
The newgrp command will let you switch temporarily from your account’s default group to another group with whom you have membership. Therefore, option B is the correct answer. The usermod command could make that switch, but it is not best for temporary situations, so it is an incorrect choice. The groups command allows you to display group information, but not change groups, so it also is a wrong answer. The groupadd and groupmod commands deal with group management, but not temporarily switching an account’s default group. Therefore, options D and E are also incorrect choices.
10- Which of the following commands is the best one to add JKirk as a member to a new group called the NCC-1701 group and not remove any of the account’s previous group memberships?
- usermod -g NCC-1701 JKirk
- usermod -G NCC-1701 JKirk
- usermod -aG NCC-1701 JKirk
- groupadd NCC-1701
- groupmod NCC-1701 JKirk
usermod -aG NCC-1701 JKirk
The usermod -aG NCC-1701 JKirk command would add JKirk to the NCC-1701 group as a member and not remove any of the account’s previous group memberships. Therefore, option C is the correct answer. The usermod -g NCC-1701 JKirk command would change the JKirk account’s primary group membership, so option A is a wrong answer. The command in option B would add the JKirk account as a member to the NCC-1701 group, but it would remove any of the account’s previous group memberships. Thus, option B is an incorrect answer. The groupadd NCC-1701 command would only add the NCC-1701 group. Therefore, option D is a wrong answer as well. The groupmod command is for modifying groups, and so the command in option E would have undesirable results. Thus, option E is an incorrect choice.
11- Which of the following commands could be used to view the members of the NCC-1701 group? (Choose all that apply.)
- groups NCC-1701
- getent group NCC-1701
- getent groups NCC-1701
- grep NCC-1701 /etc/group
- grep NCC-1701 /etc/groups
- getent group NCC-1701
- grep NCC-1701 /etc/group
The getent group NCC-1701 and grep NCC-1701 /etc/group commands would both allow you to see the various NCC-1701 group members. Therefore, options B and D are correct answers. The groups command is for viewing an account’s various group memberships. Therefore, option A is a wrong answer. It is always tempting to add an s to the /etc/group filename, because of the groups command. However, it is the group file and not the groups file. Thus, options C and E are incorrect choices.
groups
- command-line utility that displays the group memberships for a specified user or the current user if no username is provided
- Basic syntax is groups to show current user’s groups, or groups username to display groups for a specific user account
- Output format shows the primary group first, followed by all supplementary groups the user belongs to, which is useful for troubleshooting permission issues
12- User environment files typically come from where?
- /etc/skel
- /home/userid
- $HOME
- ~
- /etc/
/etc/skel
The skeleton directory, /etc/skel, typically contains the user environment files that are copied to the account’s home directory when it is created. Therefore, option A is the correct answer. Options B, C, and D all contain references to home (or potential home) directories. That is where the user environment files end up, but not where they come from. Thus options B, C, and D are wrong answers. The /etc/ directory is where the global environment files reside. Therefore, option E is also an incorrect choice.
13- A user has logged into the tty3 terminal. Which of the following user environment files is executed first if found in the user’s home directory?
- The .bash_login file
- The .bashrc file
- The .profile file
- The .bash.bashrc file
- The .bash_profile file
The .bash_profile file
The .bash_profile user environment file is run first if it is found in the user account’s home directory. Therefore, option E is the right answer. The .bash_login and .profile user environment files would be ignored if they existed alongside the .bash_profile file within the user’s home directory. Thus, options A and C are wrong answers. The .bashrc file is typically called to execute from one of the other user environment files for an interactive login session. Thus, option B is also an incorrect answer. The .bash.bashrc file, though similar in name to a global environment file, does not exist. Therefore, option D is an incorrect choice.
- .bash_login file
- .bashrc file
- .profile file
- .bash_profile file
- .bash_login file - Executed by bash for login shells only when .bash_profile doesn’t exist, containing commands run once at login
- .bashrc file - Executed by bash for non-login interactive shells, containing aliases, functions, and settings used for each new terminal session
- .profile file - Executed by any POSIX-compatible shell for login shells, containing shell-independent environment variables and startup commands
- .bash_profile file - Executed by bash for login shells only, typically containing environment variables and often sources .bashrc for interactive login sessions
14- Which of the following files and directories may be involved in setting up the environment for all system users? (Choose all that apply.)
- /etc/bash_profile/
- /etc/profile
- /etc/profile.d/
- /etc/bashrc
- /etc/bash.bashrc
- /etc/profile
- /etc/profile.d/
- /etc/bashrc
- /etc/bash.bashrc
Depending on the Linux distribution currently in use, the files (and directory) in options B, C, D, and E may be involved in setting up the global environment. The directory in option A, while similar to a user environment filename, is made up. Therefore, option A is the only incorrect choice.
15- Which of the following commands displays information about the account issuing the command? (Choose all that apply.)
- whoami
- who am i
- cat $HOME/.bashrc
- cat $HOME/.profile
- id
- whoami
- who am i
- id
The whoami, who am i, and id commands will all display information about the current account that is issuing the commands. Therefore, options A, B, and E are correct answers. While the cat commands may display user environment files in the account’s home directory, they do not display information concerning the account. Thus, options C and D are incorrect choices.
16- Which of the following commands will display CPU load data along with information concerning users who are currently logged into the system?
- The who command
- The id command
- The whoami command
- The w command
- The last command
The w command
The w command displays CPU load information for the last 1, 5, and 15 minutes as well as data about users who are currently accessing the system. Therefore, option D is the correct answer. The who command will display information concerning users who are currently logged into the system, but not CPU load data. Thus, option A is a wrong answer. The id command displays user account information, not CPU load data or active user info. Therefore, option B is also a wrong choice. The whoami command only displays the username of the current user issuing the command. Thus, option C is an incorrect answer. The last command displays past and present system access information for user accounts but nothing concerning CPU load data. Thus, option E is an incorrect choice.
17- The last command, by default, pulls its data from what file?
The /var/run/utmp file
The /var/log/wtmp file
The /var/log/wtmp.1 file
The /etc/shadow file
The /etc/passwd file
The /var/log/wtmp file
The last command by default pulls its data from the /var/log/wtmp file. Therefore, option B is the correct answer. The w command uses data from the /var/run/utmp file, so option A is a wrong choice. The last command can pull information from an older saved wtmp file, such as /var/log/wtmp.1, but it does not do so by default. Thus, option C is a wrong choice. The /etc/shadow and /etc/passwd files do not contain any data that can be used with the last command. Therefore, options D and E are incorrect answers.
last
- command-line utility that displays a history of user logins and system reboots by reading from the /var/log/wtmp file
- Basic syntax includes last to show all recent logins, last username to show specific user’s login history, and last reboot to display system reboot times
- Output information includes username, terminal/pts, source IP/hostname, login time, logout time, and session duration for each entry
