4,348
edits
m
→Set a directory writable by a certain group
iwu |
Tag: visualeditor |
||
| (11 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
= | [[Category:System administration]] | ||
= Groups = | |||
== | == Add a new group == | ||
=== Add a | <syntaxhighlight lang="bash"> | ||
$ sudo addgroup webdev | |||
or | |||
$ sudo groupadd webdev | |||
</syntaxhighlight> | |||
== Delete a group == | |||
<syntaxhighlight lang="bash"> | |||
$ sudo delgroup webdev | |||
or | |||
$ sudo groupdel webdev | |||
</syntaxhighlight> | |||
== Add a user to a group == | |||
<source lang="bash"> | <source lang="bash"> | ||
$ sudo | $ sudo adduser username groupname | ||
or | |||
$ sudo useradd -G groupname username // for a new user | |||
or | |||
$ sudo usermod -a -G groupname username // for an existing user | |||
</source> | </source> | ||
== | == Remove a user from a group == | ||
<source lang="bash"> | <source lang="bash"> | ||
$ sudo | $ sudo gpasswd -d username groupname | ||
</source> | </source> | ||
=== | == List a user's groups == | ||
<syntaxhighlight lang="bash"> | |||
$ id -Gn username | |||
</syntaxhighlight> | |||
== Check a user's primary group == | |||
<syntaxhighlight lang="bash"> | |||
$ getent group username | |||
</syntaxhighlight> | |||
== Change a user's primary group == | |||
<syntaxhighlight lang="bash"> | |||
$ sudo usermod -g groupname username | |||
</syntaxhighlight> | |||
== Check user's group assignments == | |||
<syntaxhighlight lang="bash"> | |||
$ id username | |||
or | |||
$ groups username | |||
or | |||
$ id -Gn username | |||
</syntaxhighlight> | |||
== Set a directory writable by a certain group == | |||
Turn on the SGID bit for the root folder | |||
<source lang="bash"> | <source lang="bash"> | ||
$ sudo | $ sudo chmod g+s www | ||
</source> | </source> | ||
Make /srv/www folder readable/writable/executable by dev group | Make /srv/www folder readable/writable/executable by dev group | ||
| Line 29: | Line 76: | ||
</source> | </source> | ||
= Add a user account = | |||
<source lang="bash"> | <source lang="bash"> | ||
| Line 36: | Line 83: | ||
</source> | </source> | ||
= Delete a user account = | |||
Force removal and delete files | Force removal and delete files | ||
| Line 50: | Line 97: | ||
</source> | </source> | ||
= Lock or unlock a user account = | |||
<source lang="bash"> | <source lang="bash"> | ||
| Line 57: | Line 104: | ||
</source> | </source> | ||
= Adding sudoers = | |||
A file can be added for groups of users or specific users to /etc/sudoers.d/ directory. This line would make someone a sudoer with no password requirement. | A file can be added for groups of users or specific users to /etc/sudoers.d/ directory. This line would make someone a sudoer with no password requirement. | ||
| Line 70: | Line 117: | ||
jsmith ALL=(ALL:ALL) ALL | jsmith ALL=(ALL:ALL) ALL | ||
</source> | </source> | ||
== Updating sudoers file safely == | |||
* ''Last checked on Ubuntu 16.04.01 LTS (xenial)'' | |||
The command <code>visudo</code> checks the validity of the sudoers file before making the actual update to the file, and this is the recommended way of editing the file because one can potentially lose sudo privileges unintentionally. | |||
<syntaxhighlight lang="bash"> | |||
$ sudo visudo | |||
</syntaxhighlight> | |||
Instead editing <span class="shell">/etc/sudoers</span> file I usually create a file at <span class="shell">/etc/sudoers.d/localusers</span> so I edit that instead. | |||
<syntaxhighlight lang="bash"> | |||
$ sudo visudo -f /etc/sudoers.d/localusers | |||
</syntaxhighlight> | |||
=== Changing the default editor used for visudo === | |||
I'm a VIM user, but many of the distros default to nano for newcomers to Linux systems. You can use the following command to change the default editor that is loaded for visudo and for many other apps. | |||
<syntaxhighlight lang="bash"> | |||
$ sudo update-alternatives --config editor | |||
</syntaxhighlight> | |||