Today I bought you another tutorial on Linux. Hear we are going to discus about basic user management in Linux. You know that Linux shell is more powerful. So it's easy to manage users and their privileges in a terminal than do it with GUI. Generally there are normal users in Linux for do normal and everyday tasks like word processing , web surfing , programming etc. Also there is a special group of users called super users. They can administrate the system and change system settings. In Linux root user is the most powerful user. Root can do anything in the system. Yes anything. Even he can delete entire system with one command. In following snippet I have show you some commands. First one is normal directory listing command. You can see that when the beginning there is a normal user. He can use ls command without a restriction. [Actually a normal user cant use ls command in every directory.A administrator can restrict it.We'll talk more about in future tutorials. For now just think any user can use ls.] But what happen when I try to use ifconfig command? Bash shell tel the command is unknown :-( . Why? It's a command that cannot be used by normal user. We have two options . first one is use it with root user. If not we can use that command with sudo command. Let me quickly explain what is sudo. It is a binary and it allow a normal user to use root privileges . But the normal user should have to be in sudo group. Wait. Why there is such a thing? If normal user can use super user privileges why we create a normal user? We can directly use the root user for everyday tasks. yes . But for some security reasons it's good to use a normal user for everyday tasks. When you want to use root accesses you may switch into root or use sudo. What's the security we get hear? If you are the root user you can run any command without a restriction. So if you are new to Linux you may damage your system. You can accidentally delete or change an important file. Using a non privileged account will prevent those . When you have some experience in Linux environment it's OK to use Root as default.
Now I'm going to introduce another couple of commands to you. First one is whoami . Read it carefully . It stands for Who am I. :-) . Yes it'll tell your username. This is one of my favorite command. It's awesome to type whoami and see the word root when you play a CTF and do a privilege escalation. :-)
thilan@bt:~$ ls Desktop index.html music new Pictures Videos Documents master.zip Music new.c Public Downloads master.zip.1 nano.save peda Templates thilan@bt:~$ ifconfig bash: ifconfig: command not found thilan@bt:~$ sudo ifconfig [sudo] password for thilan: eth0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 ether 00:00:f0:96:6a:0d txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Second command is su. It stands for Switch User. If you don't give an argument to it it'll switch you into root. If you want to switch into a specific account you want to give it to the binary. In above example when I started I'm a normal user and after I use su I'm the root. You must provide the root password to do that. Hear we have another command called id. It'll give our user id and some other information about our user account.Note that root's user id and group id are 0.
thilan@bt:~$ whoami thilan thilan@bt:~$ su Password: root@bt:?[/home/thilan]~# whoami root
There is another user managing binary called passwd. It'll allow us to change our UNIX password.
root@bt:?[/home/thilan]~#id uid=0(root) gid=0(root) groups=0(root)
In following example I switched back into normal user account. I explained about this in above paragraph.
root@bt:?[/home/thilan]~#passwd Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
Now I'm going to tell you how we can add a new user in Linux. We have another handy command for this .It's adduser. You need to give a user name as argument. Also you want to be root or using sudo.
root@bt:?[/home/thilan]~#su thilan thilan@bt:~$
It asked many details about the user. I think most of them are unwanted. :-) anyway that's the way normally we add a new UNIX user. Next we have to see about chown command. It will change the owner of a file. If you create a file as root .It'll run as root Even a normal user use it. Also that binary always have root power. But program's logic prevent giving that power to normal user. This is why we search a uid 0 file for exploit. :-) I'm planing to write a separate tutorial about chown and chmod too. Till then try to understand it.
root@bt:?[/home/thilan]~#adduser temp Adding user `temp' ... Adding new group `temp' (1001) ... Adding new user `temp' (1001) with group `temp' ... Creating home directory `/home/temp' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for temp Enter the new value, or press ENTER for the default Full Name : tempory Room Number : 1 Work Phone : 11 Home Phone : 11 Other : 11 Is the information correct? [Y/n] y
I created a empty file with touch command. When I creating that I'm a normal user. So when I use ls - l command , we can see that owner is normal user. After that I used chown and change the owner to root. Then owner is displayed as root. I think you got understand the tutorial Leave a comment if anything is unclear or wrong. Thank you for reading.
thilan@bt:~$ touch temp thilan@bt:~$ ls -l temp -rw-r--r-- 1 thilan thilan 0 Jun 28 17:23 temp thilan@bt:~$ sudo chown root temp thilan@bt:~$ ls -l temp -rw-r--r-- 1 root thilan 0 Jun 28 17:23 temp