RHCSA Practical Lab Series β User & Group Management
π Lab 4: Creating User Accounts and Group Permissions
π Objective
In this lab, you will:
β Create a new user group
β Add users with specific group memberships
β Restrict shell access for a specific user
β Set passwords for all users
π Step 1: Create the User Group
We first need to create a group called sysadmins:
[root@node1 ~]# groupadd sysadmins
π Tip: The groupadd command creates a new group. You can verify its creation using:
[root@node1 ~]# cat /etc/group | grep sysadmins
π Step 2: Create Users and Assign Group Memberships
Now, we will create three users (alice, bob, and charlie) with the following rules:
πΉ alice should be a member of sysadmins
[root@node1 ~]# useradd -G sysadmins alice
πΉ bob should also be a member of sysadmins
[root@node1 ~]# useradd -G sysadmins bob
πΉ charlie should not have shell access and should not be in sysadmins
[root@node1 ~]# useradd -s /bin/false charlie
π Tip:
-G sysadminsβ Adds the user to thesysadminsgroup.-s /bin/falseβ Prevents the user from logging into the shell.
πΉ Verify group membership:
[root@node1 ~]# id alice
[root@node1 ~]# id bob
[root@node1 ~]# id charlie
πΉ Expected Output (example for alice):
uid=1001(alice) gid=1001(alice) groups=1001(alice),1002(sysadmins)
π Step 3: Set User Passwords
The passwords for all users (alice, bob, charlie) should be cloudnetops.
[root@node1 ~]# echo cloudnetops | passwd --stdin alice
[root@node1 ~]# echo cloudnetops | passwd --stdin bob
[root@node1 ~]# echo cloudnetops | passwd --stdin charlie
πΉ Verify the password has been set (prompt for password change should not appear):
[root@node1 ~]# su - alice
Enter cloudnetops as the password and ensure login is successful.
π Tip:
- The
echo cloudnetops | passwd --stdin usernamecommand sets a password in a single step. - If
su - charliefails, it means shell access has been successfully restricted.
π Step 4: Verify User Restrictions
πΉ Test login for alice (should succeed)
[root@node1 ~]# su - alice
πΉ Test login for charlie (should fail due to restricted shell access)
[root@node1 ~]# su - charlie
πΉ Expected Output:
This account is currently not available.
β
If charlie cannot log in, the shell restriction is working correctly.
β Final Summary
In this lab, you successfully:
β Created a new group (sysadmins)
β Created three users (alice, bob, and charlie)
β Added alice and bob to sysadmins
β Restricted shell access for charlie
β Set passwords for all users
π Next Lab: Automating Tasks with Cron Jobs
Objective
π© Subscribe for more RHCSA exam labs and hands-on tutorials! π
