Special accounts

Step 2
Type the following commands on your terminal to delete the usersgroups listed below:
[root@deep /]# groupdel adm
[root@deep /]# groupdel Ip
[root@deep /]# groupdel news
[root@deep /]# groupdel uucp
[root@deep /]# groupdel games (delete this group if you don’t use X Window Server).
[root@deep /]# groupdel dip
[root@deep /]# groupdel pppusers
[root@deep /]# groupdel popusers (delete this group if you don’t use pop server for email).
[root@deep /]# groupdel slipusers

Step 3
Add the necessary user to the system:
• To add a new user on your system, use the command:
[root@deep /]# useradd username
• To add or change password for user on your system, use the command:
[root@deep /]# passwd username
For example:
[root@deep /]# useradd admin
[root@deep /]# passwd admin
The output should look something like this.
Changing password for user admin
New UNIX password: somepasswd
passwd: all authentication tokens updated successfully
Step 4
The immutable bit can be used to prevent accidentally deleting or overwriting a file that must be protected. It also prevents someone from creating a symbolic link to this file, which has been the source of attacks involving the deletion of 7etc/passwd”, “/etc/shadow”, “/etc/group” or
7etc/gshadow”.
• To set the immutable bit on the passwords and groups files, use the command:
[root@deep /]# chattr +i /etc/passwd [root@deep /]# chattr +i /etc/shadow [root@deep /]# chattr +i /etc/group [root@deep /]# chattr +i /etc/gshadow
NOTE: In the future, if you intend to add or delete users, passwords, usergroups, or group files, you must unset the immutable bit on all those files or you will not be able to make your changes. Also if you intend to install an RPM program that will automatically add a new user to the different immunized passwd and group files, then you will receive an error message during the install if you have not unset the immutable bit from those files.

Страниц: 1 2