System administrations User profiles su sudo Shell operations – Part 3

In our last two assignments you have learnt about user managements. You discover that

  • Files those are responsible for user and group managements
  • How to create a normal user
  • How to create user without password
  • How to create bulk users and groups
  • How to delete bulk user and groups

In this assignment we will discuss about user variables and profiles. User’s session starting from his login to till exit is controlled by some profile files. These files are located in /etc/skel. When you create a new user script files from this directory are copied in user’s home directory. There is only exceptions when user is created with –M switch or user home directoy is already exist.

linux useradd

In such a situations you need to copy these file manually. These file are hidden and can be seen by –a switch with ls commands.

 $ls –a

linux user login



This script file instructs user session to check .bashrc file for user aliases and functions. Further its set user command path . if you want add your own directory to your command path. Edit this file. For example user vinita wants her home directory should be check while excuting commands she can add this line in her .bash_profile files.

$vi .bash_profile



This file is used to controls user variable and other profile during his login session. If you want to execute any command automatically on user logon set that command in this file. For example if user vinita wants to clear screen immediately after her login. She need to add clear command at end of this file.

 $vi .bashrc
 # add your command only in the end of file

With this file you can play a funny trick with your friends. Create a user and set exit command in his .bashrc files. Now ask your friends to login with this user. exit command will logout the user as soon as user will login and user will never will be able to login.



This file is used to clear the terminals after the exit of current user.


The alias command is used to create another name for a command. The alias does not exactly replace the name of the command; it simply gives another name to that command. An alias command begins with the keyword alias and the new name for the command, followed by an equal sign and the command the alias will reference. No spaces can be around the equal sign used in the alias command. In the next example, list becomes another name for the ls command:

$ alias list=ls
$ ls
Report vickey nikki
$ list
Report vickey nikki

You can also use an alias to alternate for a command and its option, but you need to enclose both the command and the option within single quotes. Any command you alias that contains spaces must be enclosed in single quotes as well. In the next example, the alias longlist is set for command ls -l

$ alias longlist='ls -l'

linux alias commands

Controlling some important Shell Operations

The BASH shell has several features that enable you to control the way different shell operations work. You need not know all these options for exam. But some hand operations you should always try in exam.

To stop logout form CTRL+D

Several commands in Linux are completed with CTRL+D. for example if you are making file form cat command the CTRL+D is used to save the files. And if you are using calculator on command prompt then CTRL+D is used to exit form calculators. But what if you pressed accidently CTRL+D two times, it will logout you from current session and you have login again.

 $set –o ignoreeof

Now press CTRL+D and you will get a message “Use “logout” to leave the shell.

linux shell

To stop overwriting of files

Other important shell operations are overwriting. How many times you have overwritten files. For example

$cat > test
Testing file
$ls test

now run this command once again

$cat > test
Old matter will overwrite without any message
$ls $cat test
Old matter will overwrite without any message

Notice how easily Linux can overwrite file. To turnoff this shell feature

 $set –o noclobber

Now whenever you will try to overwrite it will stop you with error message.

linux shell

Whatever you set with –o option can be correct with + sign.

$set +o ignoreeof
Now again you can logout with CTRL+D.

Changing shell prompt

By default shell prompt show user name hostname and current working directory. You can change this prompt to following variable.

change command prompt

The following table lists the codes for configuring your prompt:

 Prompt Codes Description 
\!         Current history number
\$         Use $ as prompt for all users except
           the root user, which has the # as its prompt
\d         Current date
\#         History command number for just the current shell
\h         Hostname
\s         Shell type currently active
\t         Time of day in hours, minutes, and seconds
\u         Username
\v         Shell version
\w         Full pathname of the current working directory
\W         Name of the current working directory
\\         Displays a backslash character
\n         Inserts a newline
\[ \]      Allows entry of terminal-specific display characters
           for features like color or bold font
\nnn       Character specified in octal format

Granting root privilege to normal user

Generally in Linux, a system administrator does everything possible as a normal user. It’s a good practice to use superuser privileges only when absolutely necessary. But one time when it’s appropriate is during the Red Hat exams. Good administrators will return to being normal users when they’re done with their tasks. Mistakes as the root user can disable your Linux system. There are two basic ways to make this work:

The superuser command, su, prompts you for the root password before logging you in with root privileges.

linux su commands

su command without any arguments will ask for root password. By giving root password you will get root privilege. To execute any command you should know the exact path of command otherwise you get command not found error. Because you will not get root’s command path. To get root’s environments and command paths and home directory use – hyphen sign with su commands

Limiting Access to su

First, you will need to add the users who you want to allow access to the su command. Make them a part of the wheel group. By default, this line in /etc/group looks like:


You can add the users of your choice to the end of this line directly, with the usermod -G wheel [username] command, or with the Red Hat User Manager.

 #usermod –G wheel vinita

Next, you will need to make your Pluggable Authentication Modules (PAM) look for this group. You can do so by activating the following command in your /etc/pam.d/su file:

 # auth required use_uid

The sudo command allows users listed in /etc/sudoers to run administrative commands. You can configure /etc/sudoers to set limits on the root privileges granted to a specific user.

linux sudo commands

To use sudo commands you don’t need to give root password. A user with appropriate right from /etc/sudoers can execute root privilege command form his own passwords.

Red Hat Enterprise Linux provides some features that make working as root somewhat safer. For example, logins using the ftp and telnet commands to remote computers are disabled by default.

Limiting Access to sudo

You can limit access to the sudo command. Regular users who are authorized in /etc/sudoers can access administrative commands with their own password. You don’t need to give out the administrative password to everyone who thinks they know as much as you do about Linux. To access /etc/sudoers in the vi editor, run the visudo command.

linux vi /etc/sudoers

From the following directive, the root user is allowed full access to administrative commands:

linux sudoers files

For example, if you want to allow user vinita full administrative access, add the following directive to /etc/sudoers:

 root ALL=(ALL) ALL vinita ALL=(ALL) ALL

In this case, all vinita needs to do to run an administrative command such as starting the network service from her regular account is to run the following command, entering her own user password (note the regular user prompt, $):

 $ sudo /sbin/service network restart Password:

linux sudo commands

You can even allow special users administrative access without a password. As suggested by the comments, the following directive in /etc/sudoers would allow all users in the wheel group to run administrative commands without a password:


But you don’t have to allow full administrative access. For example, if you want to allow those in the %users group to shut down the local system, you can activate the following directive:

 %users localhost=/sbin/shutdown -h now

Changing Owner and Group chown chgrp commands Linux System Administration Guide – Part 4

Posted in Linux

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: