date --set='Sat Jun 2 11:50:25 2012' ## set date. date -r /etc/passwd ## display the last modification time of /etc/passwd.

(s imilar to: ls -lh /etc/passwd). tzselect ## select Time-Zone. cat << STRING > /temp/tempcat.txt ## create /temp/tempcat.txt using cat, E nd of file defined by STRING in a single line. spell /tmp/1.txt > /tmp/2.txt ## spelling checker tool, can run like c at i.e, spell << EOF. grep '^root' /etc/passwd ## display only lines starts with the word root. note: grep by default is case sensitive. use -i to ignore case distinctions. grep '[Aa]pples' fruits.txt ## lines starts with capital or small letter 'a' followed by 'pples' grep -n '/sbin/nologin$' /etc/passwd ## search for system accounts which don' t not have a login shell. display line number of the output. grep -v '/sbin/nologin$' /etc/passwd ## the opposite of the previous command. show accounts don't have /sbin/nologin as a default login shell. sed 's/string1/string2/' sourcefile.txt ## to substitute string1 with st ring2 in sourcefile.txt. note: sed is not set to edit the source file. you've to redirect output to a new file. man 7 regex ## more information about regular expression. useradd -s /bin/tcsh -d "/home/accounting/Hamdi" hamdi ## /home/accounting/ mus t exist. usrmod -c "Hamdi fawzi" hamdi ## usermod uses options like useradd. -c used to edit user account comment (full name). useradd -p <Encrypted-password> username ## note: using useradd without p, the user will be disabled untill setting a user password. passwd -l hamdi ## lock hamdi account. passwd -u hamdi ## unlock hamdi account. chage ## set a password policy for user(s). Examples: chage -M 30 hamdi ## set maximum password age as 30 days for hamdi. hamdi must change his password before 30 days to continue using his account. chage -E 2012-9-01 hamdi ## set expiration date for hamdi chage -l hamdi ## show the password policy for hamdi. use this command to know why user can not access his account even he's entering his password prop erly. ## Administrator can extend the password expiration by one more day to give the user a chance to change his password chage -W 2 hamdi ## to keep a user from being surprised that his password is about to expire we can set number of days prior to password expirati on for a user to recieve warning that his password is about to expire with -W op tion groupadd GROUPNAME usermod -G GROUPNAME hamdi ## add hamdi to GROUPNAME as a supplementary gro up. hamdi must re-login to activate changes or run the command newgroup like so: (check source command if it can activate changes without re-login) newgrp GROUPNAME groups ## show groups of a current user. to display groups of a user, run group s followed by username useradd -G EXISTINGGROUP newuser ## create a new user as a member of a su pplementary group EXISTINGGROUP groupmod -n NEWNAME OLDNAME ## change group name groupmod -g 1000 GROUPNAME ## change group-id to 1000 of a certain group. id USERNAME ## show user-id as well as his groups' names and ids gpasswd -A GROUPADMIN GROUPNAME ## set a user to be a Group Administrato r, so he can add/remove users to/from his group. note: only root can use '-A' op tion. $ gpasswd -a USERNAME GROUPNAME ## the Group Administrator can add users to his group. groupdel GROUPNAME ## delete a group. Members won't be deleted from the sys tem.

/etc/passwd ## world readable file; is a database file contains system users information broken into different fields separated by columns ':'. fields are: username:password:user_id:primary_group_id:comment:user_home_directory:default_l ogin_shell password=x means the password is encrypted and stored in /etc/shadow ; comment is usually the user full name "useradd -c argument" ; /etc/shadow ## secure users database file, fields are: username:encrypted_password: encrypted_password=!! indicates that there is no password for this account encrypted_password=* ???????????? is no. of days since Jan 1, 1970 'known as Unix time' that the password was las t changed. minimum password age in no. of days before the user can change his password, 0 means there is no minimum pasowrd age is the number of days after which the user needs to change his password, 99999 means infinity the password warning period, if there is nothing in this field there will be no warning period password inactivity period, is the maximum no. of days a password could be stil l acceptable by the system after it has been expired, no value means there is no inactivity period in place. account expiration date shown as a no. of days since Jan 1, 1970 , if this time is elapsed a user won't be able to login to the system whether his password is vailed or not . empty field means the account never expires. /etc/group ## file containning information about groups group_name:group_password:group_id:group_members group_password=x means the password is located in /etc/gshadow group_members is a comma separated list of members belong to the group. /etc/gshadow ## only root can view this file group_name:encrypted_password:group_administrator:group_members encrypted_password=!! ## Default permissions comes from umask value stored in /etc/profile ## only owner and root can chown files ?? chown to change user ownship; chgrp to change group ownership. ## emutable bit: can be very useful if you want to save a file from accidental r emove. chattr +i filenamew ## no one can edit/delete the file. lsattr filename ## list file attributes ## Group Directories - collaborative directory for a group of users : mkdir /home/research chown nobody:research /home/research chmod 2070 /home/research ## 2: SGID bit- flag to force group ownership of directory contents to the directory group NOT the user who create the file, the execute bit of the group permission will shows 's' instead of 'x'. 7: grant ful l permission for Group members usermod -e 2012-06-30 username ## set expiration date for a user usermod -g GROUP username (or) usermod --gid GROUP username ## change user's primary group. GROUP must be existing GROUPNAME or GROUPID. usermod -G GROUP1,GROUP2,GROUP3,....,GROUPx username ## GROUP(s): list of sup plementary groups, no intervening whitespace. If the user is currently a member of a group which is not listed, the user will be removed from the group, This be haviour can be changed via -a option. usermod -l NEWLOGIN LOGIN ## change username from LOGIN to NEWLOGIN usermod -L username ## Lock user password. this will put '!' in front of the password field in /etc/shadow. usermod -u UID username ## change user id. positive and unique value (un less you use -o option "usermod -u 502 -o blue", thus you can use existing user id). this will change user's files within $HOME to the new id, Files outside of the user's home directory must be altered manually. usermod -U username ## Unlock user's password.

## usermod won't allow you to change the name of a user who is logged in. You mu st make certain that the user is not executing any processes when this command i s being executed. If the user's numerical user ID is changed, you must change th e owner of any 'crontab' files and the owner of any 'at' jobs manually. You must make any changes involving NIS on the NIS server. ##