Linux user management

HacksLand | The computer science playground

Posted by Thilan Dissanayaka on Aug 18, 2019
Today I bought you another tutorial on Linux. Hear we are going to discus about basic user management in Linux. You know that Linux shell is more powerful. So it's easy to manage users and their privileges in a terminal than do it with GUI. Generally there are normal users in Linux for do normal and everyday tasks like word processing , web surfing , programming etc. Also there is a special group of users called super users. They can administrate the system and change system settings. In Linux root user is the most powerful user. Root can do anything in the system. Yes anything. Even he can delete entire system with one command. In following snippet I have show you some commands. First one is normal directory listing command. You can see that when the beginning there is a normal user. He can use ls command without a restriction. [Actually a normal user cant use ls command in every directory.A administrator can restrict it.We'll talk more about in future tutorials. For now just think any user can use ls.] But what happen when I try to use ifconfig command? Bash shell tel the command is unknown :-( . Why? It's a command that cannot be used by normal user. We have two options . first one is use it with root user. If not we can use that command with sudo command. Let me quickly explain what is sudo. It is a binary and it allow a normal user to use root privileges . But the normal user should have to be in sudo group. Wait. Why there is such a thing? If normal user can use super user privileges why we create a normal user? We can directly use the root user for everyday tasks. yes . But for some security reasons it's good to use a normal user for everyday tasks. When you want to use root accesses you may switch into root or use sudo. What's the security we get hear? If you are the root user you can run any command without a restriction. So if you are new to Linux you may damage your system. You can accidentally delete or change an important file. Using a non privileged account will prevent those . When you have some experience in Linux environment it's OK to use Root as default.
[email protected]:~$ ls
Desktop    index.html    music      new    Pictures   Videos
Documents    Music      new.c  Public
Downloads  peda   Templates
[email protected]:~$ ifconfig
bash: ifconfig: command not found
[email protected]:~$ sudo ifconfig
[sudo] password for thilan: 
eth0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 00:00:f0:96:6a:0d  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
Now I'm going to introduce another couple of commands to you. First one is whoami . Read it carefully . It stands for Who am I. :-) . Yes it'll tell your username. This is one of my favorite command. It's awesome to type whoami and see the word root when you play a CTF and do a privilege escalation. :-)
[email protected]:~$ whoami

[email protected]:~$ su

[email protected]:?[/home/thilan]~# whoami
Second command is su. It stands for Switch User. If you don't give an argument to it it'll switch you into root. If you want to switch into a specific account you want to give it to the binary.  In above example when I started I'm a normal user and after I use su I'm the root. You must provide the root password to do that. Hear we have another command called id. It'll give our user id and some other information about our user account.Note that root's user id and group id are 0.
[email protected]:?[/home/thilan]~# id 
uid=0(root) gid=0(root) groups=0(root)
There is another user managing binary called passwd. It'll allow us to change our UNIX password.
[email protected]:?[/home/thilan]~# passwd 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
In following example I  switched back into normal user account. I explained about this in above paragraph.
[email protected]:?[/home/thilan]~# su thilan

 [email protected]:~$
Now I'm going to tell you how we can add a new user in Linux. We have another handy command for this .It's adduser. You need to give a user name as argument. Also you want to be root or using sudo.
[email protected]:?[/home/thilan]~# adduser temp 
Adding user `temp' ... 
Adding new group `temp' (1001) ... 
Adding new user `temp' (1001) with group `temp' ... 
Creating home directory `/home/temp' ... 
Copying files from `/etc/skel' ... 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully 
Changing the user information for temp Enter the new value, or press ENTER for the default 
Full Name []: 
tempory Room Number []: 1 
Work Phone []: 11 
Home Phone []: 11 
Other []: 11 
Is the information correct? [Y/n] y
It asked many details about the user. I think most of them are unwanted. :-) anyway that's the way normally we add a new UNIX user. Next we have to see about chown command. It will change the owner of a file. If you create a file as root .It'll run as root Even a normal user use it. Also that binary always have root power. But program's logic prevent giving that power to normal user. This is why we search a uid 0 file for exploit. :-) I'm planing to write a separate tutorial about chown and chmod too. Till then try to understand it.
[email protected]:~$ touch temp
[email protected]:~$ ls -l temp
-rw-r--r-- 1 thilan thilan 0 Jun 28 17:23 temp

[email protected]:~$ sudo chown root temp
[email protected]:~$ ls -l temp
-rw-r--r-- 1 root thilan 0 Jun 28 17:23 temp
I created a empty file with touch command. When I creating that I'm a normal user. So when I use ls - l command  , we can see that owner is normal user. After that I used chown and change the owner to root. Then owner is displayed as root. I think you got understand the tutorial Leave a comment if anything is unclear or wrong. Thank you for reading.

Hi, I'm Thilan. An engineering student from SriLanka. I love to code with Python, JavaScript PHP and C.

Also read

Sep 08
Build A Simple Web shell

A web shell is a piece of code that written to get control over a web server. It is helpful for....

Sep 06
PHP sessions tutorial

A session variable is a special kind of global variable in php programming. We can use sessions for....

Sep 06
PHP Secure fie uploading

Hear I'm going to share a easy and secure way to upload your images and other files. You have to be....