LPI Linux Certification in a Nutshell (51 page)

Read LPI Linux Certification in a Nutshell Online

Authors: Adam Haeder; Stephen Addison Schneiter; Bruno Gomes Pessanha; James Stanger

Tags: #Reference:Computers

BOOK: LPI Linux Certification in a Nutshell
9.7Mb size Format: txt, pdf, ePub
Name

useradd

Syntax
useradd [
options
]
user
Description

Create the account
user
on
the system. Both system defaults and specified
options
define how the account is
configured. All system account files are updated as required. An
initial password must subsequently be set for new users using the
passwd
command. It is the user’s responsibility
to go back and change that password when he first logs into the
system.

Frequently used options
-c
comment

Define the comment field, probably the user’s
name.

-d
homedir

Use
homedir
as the user’s
home directory.

-m

Create and populate the home directory.

-s
shell

Use
shell
as the default for
the account.

-D

List (and optionally change) system default
values.

Example

Add a new user,
bsmith
, with all default
settings:

#
useradd bsmith

Add a new user,
jdoe
, with a name,
default home directory, and the
tcsh
shell:

#
useradd -mc "Jane Doe" -s /bin/tcsh jdoe
Name

usermod

Syntax
usermod [
options
]
user
Description

Modify an existing user account. The
usermod
command accepts many of the same
options
useradd
does.

Frequently used options
-L

Lock the password, disabling the account.

-U

Unlock the user’s password, enabling the user to once
again log in to the system.

Examples

Change
jdoe
’s name in the comment
field:

#
usermod -c "Jane Deer-Doe" jdoe

Lock the password for
bsmith
:

#
usermod -L bsmith
Name

userdel

Syntax
userdel [-r]
user
Description

Delete an existing user account. When combined with
the
-r
option, the user’s home directory is
deleted. Note that completely deleting accounts may lead to
confusion when files owned by the deleted user remain in other
system directories. For this reason, it is common to disable an
account rather than delete it. Accounts can be disabled using the
chage
,
usermod
, and
passwd
commands.

Example

Delete the user
bsmith
, including the
home directory:

#
userdel -r bsmith
Name

groupadd

Syntax
groupadd
group
Description

Add
group
to the system. In
the rare case that a group password is desired on
group
, it must be added using the
gpasswd
command after the group is
created.

Name

groupmod

Syntax
groupmod [
option
]
group
Description

Modify the parameters of
group
.

Option
-n
name

Change the name of the group to
name
.

Name

groupdel

Syntax
groupdel
group
Description

Delete
group
from the
system. Deleting groups can lead to the same confusion in the
filesystem as described previously for deleting a user (see
userdel
).

Name

passwd

Syntax
passwd [
options
]
username
Description

Interactively set the password for
username
. The password
cannot be entered on the command line.

Option
-l

Available only to the superuser, this option locks the
password for the account.

Name

gpasswd

Syntax
gpasswd
groupname
Description

Interactively set the group password for
groupname
. The password cannot be entered
on the command line.

Objective 2: Automate System Administration Tasks by Scheduling
Jobs

There is a surprising amount of housekeeping that must be
done to keep a complex operating system such as Linux running smoothly.
Logfile rotation, cleanup of temporary files and directories, system
database rebuilds, backups, and other tasks should be done routinely.
Clearly such mundane things should be automated by the system, freeing
weary system administrators for more interesting work. Fortunately, any
system task that can be accomplished without real-time human intervention
can be automated on Linux using the
cron
and
at
facilities. Both have the ability to
execute system commands, which may start any executable program or script,
at selectable times. Further,
cron
and
at
can execute these commands on behalf of any
authorized system user.
cron
is intended mainly for
regularly scheduled recurring activities, and
at
is
most useful for scheduling single commands for execution in the
future.

Using cron

The
cron
facility consists of two
programs. (There is no individual program called
cron
, which is the overall name given to the
facility. If you execute
man cron
, however, you
will see the manpage for
crond
.)

crond

This is the
cron
daemon, which
is the process that executes your instructions. It starts at
system initialization time and runs in the background
thereafter.

crontab

This is the
cron
table
manipulation program. This program gives you access to your
cron
table or
crontab
file. Each authorized user may have his own
crontab
file to run commands and processes on
a regular basis.

The
cron
daemon wakes up every minute and
examines all
crontab
files, executing any commands
scheduled for that time.

User crontab files

To use the
cron
facility, users do not need
to interact directly with the
crond
daemon.
Instead, each system user has access to the
cron
facility through her
crontab
file. These files
are stored together in a single directory (usually
/var/spool/cron
) and are created and maintained
using the
crontab
utility.

System crontab files

In addition to
crontab
files owned by
individual users,
crond
also looks for the system
crontab
files
/etc/crontab
and files in the directory
/etc/cron.d
. The
format for these system
crontabs
differs slightly
from user
crontabs
. System
crontabs
have an additional field for a username
between the time specifications and the command. For example:

# /etc/crontab
# run myprogram at 6:15am as root
15 6 * * *   root   myprogram

In this example,
myprogram
will be executed by
cron
as the
root
user.

System
crontab
files located in
/etc/cron.d
are of the same form as
/etc/crontab
, including the extra user field.
These files are usually associated with some package or service that
includes a system
crontab
. Allowing a collection
of files in
/etc/cron.d
allows software
installation and upgrade procedures to keep the
cron
configuration up-to-date on an individual
package basis. In most cases, however, you won’t need to change the
crontab
files in
/etc/cron.d
.

On the Exam

Memorize the sequence of time/date fields used in
crontab
files.

On most Linux distributions,
/etc/crontab
contains some standard content to enable the execution of programs and
scripts on the minute, hour, week, and month. These arrangements allow
you to simply drop executable files into the appropriate directory
(such as
/etc/cron.hourly
), where they are
executed automatically. This eliminates
cron
configuration altogether for many tasks and avoids cluttering the root
crontab
file with common commands.

Using at

The
cron
system is intended for the
execution of commands on a regular, periodic schedule. When you need to
simply delay execution of a command or a group of commands to some other
time in the future, you should use
at
. The
at
facility accepts commands from standard input or
from a file.

Controlling User Access to cron and at

In most cases, it is safe to allow users to use the
cron
and
at
facilities.
However, if your circumstances dictate that one or more users should be
prohibited from using these services, two simple authorization files
exist for each:

  • cron.allow
    ,
    cron.deny

  • at.allow
    ,
    at.deny

These files are simply lists of account names. If the
allow
file exists, only those users listed in the
allow
file may use the service. If the
allow
file does not exist but the
deny
file does, only those users not listed in the
deny
file may use the service. For
cron
, if neither file exists, all users have access
to
cron
. For
at
, if neither
file exists, only
root
has access to
at
. An empty
at.deny
file
allows access to all users and is the default.

Name

crontab

Syntax
crontab [
options
]
Description

View or edit
crontab
files.

Frequently used options
-e

Interactively edit the
crontab
file. Unless otherwise specified in either the
EDITOR
or
VISUAL
environment
variables, the editor is
vi
.

-l

Display the contents of the
crontab
file.

-r

Remove the
crontab
file.

-u
user

Operate on
user
’s
crontab
file instead of your own. Only
root
can edit or delete the
crontab
files of other users.

Example

Display the
crontab
file for user
jdoe
:

#
crontab -l -u jdoe

Edit your own
crontab
file:

$
crontab -e

crontab
files use a flexible format to
specify times for command execution. Each line contains six
fields:

minute hour day month dayofweek command

These fields are specified as follows:

  • Minute (0 through 59)

  • Hour (0 through 23)

  • Day of the month (1 through 31)

  • Month (1 through 12 or jan through dec)

  • Day of the week (0 through 7—where 0 or 7 is Sunday—or
    sun through sat)

  • Command (any valid command, including spaces and
    standard Bourne shell syntax)

For example, to execute
myprogram
once
per day at 6:15 a.m., use this
crontab
entry:

# run myprogram at 6:15am
15 6 * * *   myprogram

Lines that begin with the pound sign (
#
) are comment lines and are ignored by
crond
. Comments must begin on a new line and
may not appear within commands. The asterisks in this
crontab
are placeholders and match any date
or time for the field where they’re found. Here, they indicate
that
myprogram
should execute at 6:15 a.m. on
all days of the month, every month, all days of the week.

Each of the time specifications may be single, list
(
1,3,5
), or range (
1-5
or
wed-fri
) entries or combinations
thereof. To modify the previous example to execute at 6:15 and
18:15 on the 1st and 15th of the month, use:

# run myprogram at 6:15am and 6:15pm on the 1st and 15th
15 6,18 1,15 * *   myprogram

As you can see, the time specifications are very
flexible.

Because the
cron
daemon evaluates each
crontab
entry when it wakes up each minute,
it is not necessary to restart or reinitialize
crond
when
crontab
entries are changed or new files are
created
.

Other books

Unbreakable by Amie Nichols
To Reach the Clouds by Philippe Petit
Miss Marple and Mystery by Agatha Christie
Guerra Mundial Z by Max Brooks
The Specimen by Martha Lea
Sewing in Circles by Chloe Taylor
Upgunned by David J. Schow