Operating Systems/Linux/Ubuntu/Ubuntu 16.04 LTS/User Account Management

From Vista Ridge Cyberpatriot
Jump to navigation Jump to search

User Account Management (Ubuntu 16.04 LTS)

What Are We Doing?

User account management is about ensuring that our users and their permissions are appropriate. Your virtual machine will have a README file located on the desktop when you first boot it up. This README will specify which users should exist on the system and which permissions those users should have. You will need to perform the following audits on the users of the system:

  1. Verify that all users in the README exist on the system. If you see a user noted in the README that does not exist on the system, they will need to be added.
  2. Verify that no users exist on the system who are not in the README. If there are users on the system who are not in the README, they should be removed.
  3. Verify that all users who are listed as Administrators have Administrator privileges. If there are users on the system who should have Administrator privileges, but do not, they should have their permissions modified to add it.
  4. Verify that no users who are not listed as Administrators have Administrator privileges. If there are users on the system who have Administrator privileges, but are not supposed to, they should have their permissions modified to remove it.

Audit #1: Find and Add Missing Users

Graphical User Interface (GUI):

  1. Click on the "System Settings" icon (The gear and wrench icon) from the menu on the left.
  2. Double click on "User Accounts".
  3. Click on the "Unlock" button in the top right corner if it is locked and enter the current user's password to authenticate.
  4. Go through each of the users in the README file and verify that they are in the list of accounts on the left.
  5. If you notice a user in the README that is not listed, click the "+" icon underneath the list of users.
  6. Select the appropriate Account Type of "Standard" or "Administrator".
  7. Ensure that the username matches what is listed in the README.
  8. Click "Add"

Command Line Interface (CLI):

  1. Click on the "Search your computer" icon (The Ubuntu logo) from the menu on the left.
  2. Search for the "Terminal" application and click on it when it appears.
  3. Run the command sudo bash and enter the password for your user account when prompted.
  4. Go through each of the users in the README file and verify that they exist on the system:
    • Run the command awk -F: '{ print $1 }' /etc/passwd to get the list of all users on the system.
    • Run the command awk -F: '{ print $1 }' /etc/passwd | grep <username> to see if a specific username exists on the system.
  5. If you notice a user in the README that is not listed, use the appropriate command to add the new user:
    • Account Type: Standard: useradd <username>
    • Account Type: Administrator: useradd <username> -G sudo

Audit #2: Find and Remove Extra Users

Graphical User Interface (GUI):

1. Open the Activities overview and start typing Users.

2. Click Users to open the panel.

3. Press Unlock in the top right corner and type in your password when prompted.

4. Click on the user account that you want to delete under Other Users.

5. Press the Remove User... button to delete that user account.

Each user has their own home folder for their files and settings. You can choose to keep or delete the user’s home folder. Click Delete Files if you are sure they will not be used anymore and you need to free up disk space. These files are permanently deleted. They cannot be recovered. You may want to back up the files to an external storage device before deleting them.

Command Line Interface (CLI):

1. List users registered in the system using: cat /etc/passwd

2.If not in the root use this command to delete the user: sudo deluser <username>

3. Check to see if the user has been successfully deleted using: cat /etc/passwd

Audit #3: Find and Promote Non-Admin Users to Administrator

Graphical User Interface (GUI):

  1. Click on the "System Settings" icon (The gear and wrench icon) from the menu on the left.
  2. Double click on "User Accounts".
  3. Click on the "Unlock" button in the top right corner if it is locked and enter the current user's password to authenticate.
  4. Go through each of the users in the README file and verify that they have the correct permissions
  5. If you notice a user in the README that does not have the correct permissions
  6. select the username of the user you want to change permissions for
  7. select the correct permission for the user, then exit

Command Line Interface (CLI):

  1. Click on the "Search your computer" icon (The Ubuntu logo) from the menu on the left.
  2. Search for the "Terminal" application and click on it when it appears.
  3. Run the command sudo bash and enter the password for your user account when prompted.
  4. Go through each of the users in the README file and verify that they have the correct permissions:
    • Run the command $ sudo nano visudo to get the list of all sudoers
  5. If you notice a user in the README that has incorrect permissions, use the appropriate command change their permissions:
    • Use these two commands to[username] ALL=(ALL) ALL and User_Alias ADMINS = [username] Cmnd_Alias HTTPD = /etc/init.d/httpd ADMINS ALL = HTTPD to make a user a admin
    • To remove a admin, delete the previous commands with their usernames
  6. Exit the file through Ctrl+X and press Y to save

Audit #4: Find and Remove Additional Administrator Users

Retrieved from "https://cypat.rainbowunicorn.org/index.php?title=Operating_Systems/Linux/Ubuntu/Ubuntu_16.04_LTS/User_Account_Management&oldid=179"