LFS101x: Chapter 12 - User Environment
User Environment
Accounts, Users and Groups
Identifying the current user
- whoami (Identifies who the current user is)
- who (Lists the currently logged-on users)
  * who -a (Lists the currently logged-on users with more detailed information)
User Startup Files
In Linux, the command shell program (generally bash) uses one or more startup files to configure the user environment
- Files in the /etc directory define global settings for all users, while initialization files in the user's home directory can include and/or override the global settings
- The startup files can do anything the user would like to do in every command shell, such as:
  * Customizing the prompt
  * Defining command line shortcuts and aliases
  * Setting the default text editor
  * Setting the path for where to find executable programs
- The standard prescription for the order of the startup files is that when you first log in to Linux, /etc/profile is read and evaluated, after which the following files are searched (if they exist) in the listed order (~/ denotes the user's home directory):
  * ~/.bash_profile
  * ~/.bash_login
  * ~/.profile
- The Linux login shell evaluates whichever startup file it comes across first and ignores the rest
  * This means that if it finds ~/.bash_profile, it ignores ~/.bash_login and ~/.profile
- Different distributions may use different startup files
- However, every time you create a new shell, terminal window, etc., you don't perform a full system login
  * Only a file named ~/.bashrc is read and evaluated
  * Although this file isn't read and evaluated along with the login shell, most distributions and/or users include the ~/.bashrc file from within one of the three user-owned startup files
  * Most commonly, users only fiddle with ~/.bashrc, as it's invoked every time a new command line shell initiates, or another program is launched from a terminal window, while the other files are read and executed only when the user first logs onto the system
  * Recent distributions sometimes don't even have .bash_profile and/or .bash_login, and some just do little more than include .bashrc
Creating Aliases
You can create customized commands or modify the behavior of already existing ones by creating aliases
- Most often, these aliases are placed in your ~/.bashrc file so they're available to any command shells you create
- Typing alias with no arguments will list currently defined aliases
  * Please note there should not be any spaces on either side of the equal sign, and the alias definition needs to be placed within either single or double quotes if it contains any spaces
  * Ex: alias cdtmp='cd /tmp' creates an alias cdtmp for cd /tmp
- Typing unalias removes an alias
Basics of Users and Groups
All Linux users are assigned a unique UID (User ID), which is just an integer
- Normal users start with a UID of 1000 or greater
Linux uses groups for organizing users. Groups are collections of accounts with certain shared permissions
- Control of group membership is administered through the /etc/group file, which shows a list of groups and their members
- By default, every user belongs to a default group
  * When a user logs in, the group membership is set for their primary group and all the members enjoy the same level of access and privilege
- Permissions on various files and directories can be modified at the group level
- Users can also have one or more GIDs (Group IDs), including a default one which is the same as the user ID
  * These numbers are associated with names through the files /etc/passwd and /etc/group
- Groups are used to establish a set of users who have common interests for the purposes of access rights, privileges, and security considerations
  * Access rights to files and devices are granted on the basis of the user and the group they belong to
  * ex: /etc/passwd might contain George:x:1002:1002:George Metesky:/home/george:/bin/bash and /etc/group might contain George:x:1002
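The member list in /etc/group does not usually name the accounts that have the group as their primary group; those are found through the GID field of /etc/passwd. The following added example (not part of the course notes) resolves membership from both files; the function names and all account data in it are constructed for illustration.

```sh
#!/bin/sh
# Added example. All account data below is constructed for illustration.
make_sample() {                 # writes sample passwd and group files into $1
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
george:x:1002:1002:George Metesky:/home/george:/bin/bash
bjmoose:x:1003:1002::/home/bjmoose:/bin/bash
EOF
    cat > "$1/group" <<'EOF'
root:x:0:
george:x:1002:
sudo:x:27:george
EOF
}

# members_of GROUP PASSWD_FILE GROUP_FILE
# Accounts listed in the group's member field (field 4 of the group line) plus
# accounts whose primary GID (field 4 of the passwd line) is the group's GID.
members_of() {
    gid=$(awk -F: -v g="$1" '$1 == g { print $3; exit }' "$3")
    [ -n "$gid" ] || return 1           # unknown group
    {
        awk -F: -v g="$1" '$1 == g { n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i] }' "$3"
        awk -F: -v gid="$gid" '$4 == gid { print $1 }' "$2"
    } | sort -u
}

# groups_of USER PASSWD_FILE GROUP_FILE
# The user's primary group plus every group that lists the user as a member.
groups_of() {
    pgid=$(awk -F: -v u="$1" '$1 == u { print $4; exit }' "$2")
    [ -n "$pgid" ] || return 1          # unknown user
    awk -F: -v u="$1" -v pgid="$pgid" '
        $3 == pgid { print $1; next }
        { n = split($4, m, ",")
          for (i = 1; i <= n; i++) if (m[i] == u) { print $1; break } }
    ' "$3" | sort
}

tmp=$(mktemp -d) && make_sample "$tmp"
members_of george "$tmp/passwd" "$tmp/group"    # bjmoose and george
groups_of george "$tmp/passwd" "$tmp/group"     # george and sudo
rm -rf "$tmp"
```

On a real system, pass /etc/passwd and /etc/group as the two file arguments.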
Adding and Removing Users
Distributions have straightforward graphical interfaces for creating and removing users and groups and manipulating group membership
- However, it's often useful to do it from the command line or from within shell scripts
- Only the root user/superuser can add and remove users and groups
- Adding a new user is done with useradd
  * ex: $ sudo useradd userX
- Removing an existing user is done with userdel
  * ex: $ sudo userdel userX
  * ex: An account for the new user bjmoose would be created with sudo useradd bjmoose which, by default, sets the home directory to /home/bjmoose, populates it with some basic files (copied from /etc/skel), sets the default shell to /bin/bash, and adds a line to /etc/passwd such as bjmoose:x:1002:1002::/home/bjmoose:/bin/bash
  * Removing a user account is as easy as typing userdel bjmoose
  * However, this will leave the /home/bjmoose directory intact
  * This might be useful if it is a temporary inactivation
- To remove the home directory while removing the account, use the -r option to userdel
- Typing id with no arguments gives information about the current user
  * If given the name of another user as an argument, id will report information about that other user
Adding and Removing Groups
- Adding a new group is done with groupadd: sudo /usr/sbin/groupadd GROUP-NAME
- Removing a group can be done with groupdel: sudo /usr/sbin/groupdel GROUP-NAME
- Adding a user to an already existing group can be done with usermod
  * Ex: First you would look at what groups the user already belongs to: groups USER-ID
  * And then add the new group: sudo /usr/sbin/usermod -a -G GROUP-NAME USER-ID
  * -a is for append; without it, -G must give a complete list of groups, because the groups named replace the user's existing supplementary groups
- groupmod can be used to change group properties, such as the gid (Group ID) with the -g option, or its name with the -n option
The root/superuser/administrator Account
You can use sudo to assign more limited privileges to user accounts:
- Only on a temporary basis
- Only for a specific subset of commands
- Using sudo is less dangerous and is preferred
- By default, sudo must be enabled on a per-user basis
  * However, some distributions, such as Ubuntu, enable it by default for at least one main user, or give this as an installation option
When assigning elevated privileges, you can use the command su (switch or substitute user) to launch a new shell running as another user
- You must type the password of the user you're becoming
- Most often, this other user is root, and the new shell allows the use of elevated privileges until it's exited
  * It's almost always a bad (dangerous for both security and stability) practice to use su to become root, since resulting errors can include deletion of vital files from the system and security breaches
Elevating to root Account
- To temporarily become the superuser for a series of commands, you can type su and then be prompted for the root password
- To execute just one command with root privilege, type sudo followed by the command
  * When the command is complete, you'll return to being a normal unprivileged user
- sudo configuration is stored in the /etc/sudoers file and in the /etc/sudoers.d/ directory
  * By default, the sudoers.d directory is empty
Environmental Variables
Environment variables are quantities that have specific values which may be utilized by the command shell, such as bash, or other utilities and applications
- Some environment variables are given preset values by the system (which can be overridden), while others are set directly by the user, either at the command line or within the startup and other scripts
- An environment variable is actually just a character string that contains information used by one or more applications
  * There are a number of ways to view the values of currently set environment variables: you can type set, env, or export
  * Depending on the state of your system, set may print out many more lines than the other two methods
  * export PS1='\w$ ' will set your bash prompt to include the current working directory
Setting Environment Variables
By default, variables created within a script are only available to the current shell
- Child processes (sub-shells) will not have access to values that have been set or modified
  * Allowing child processes to see the values requires the use of the export command
- echo $SHELL (Shows the value of a specific variable)
- export VARIABLE=value or VARIABLE=value; export VARIABLE (Exports a new variable value)
- Edit ~/.bashrc and add the line export VARIABLE=value (Adds a variable permanently)
- You can also set environment variables to be fed as a one-shot to a command, as in: SDIRS=s_0* KROOT=/lib/modules/$(uname -r)/build make modules_install, which feeds the values of the SDIRS and KROOT environment variables to the command make modules_install
The HOME Variable
HOME is an environment variable that represents the home (or login) directory of the user
- cd without arguments will change the current working directory to the value of HOME
  * cd $HOME and cd ~ are completely equivalent statements
$ echo $HOME
/home/me
$ cd /bin
  (Show the value of the HOME environment variable, then change the directory (cd) to /bin.)
$ pwd
/bin
  (Where are we? Use print (or present) working directory (pwd) to find out. As expected, /bin.)
$ cd
  (Change the directory without an argument…)
$ pwd
/home/me
  (…takes us back to HOME, as you can now see.)
The PATH Variable
PATH is an ordered list of directories (the path) which is scanned when a command is given to find the appropriate program or script to run
- Each directory in the path is separated by colons (:)
- A null (empty) directory name (or ./) indicates the current directory at any given time
  * ex: :path1:path2 (There's a null directory before the first colon)
  * ex: path1::path2 (There's a null directory between path1 and path2)
- To prefix a private bin directory to your path:
  * $ export PATH=$HOME/bin:$PATH
$ echo $PATH
/home/student/bin:/usr/local/bin:/usr/bin:/bin/usr
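Because a null entry makes command lookup depend on whatever directory you happen to be in, it is worth checking a PATH value for such entries. The following added example (not part of the course notes) reports null and relative entries, and also directories that other users can write to, which goes beyond the null-entry case described above; the function name audit_path and the sample value are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: report PATH entries that resolve relative to the current
# directory or that users other than the owner can write to.
# Output: one "finding<TAB>entry" line per problem, nothing when PATH is clean.
audit_path() {
    path_value=$1
    # A leading, trailing or doubled colon is a null entry: the current directory.
    case $path_value in
        :*|*:|*::*) printf 'null-entry\t(current directory)\n' ;;
    esac
    (
        IFS=:
        set -f                      # no globbing while splitting on colons
        for dir in $path_value; do
            case $dir in
                '') continue ;;                              # reported above
                /*) ;;                                       # absolute: check below
                *)  printf 'relative\t%s\n' "$dir"; continue ;;
            esac
            [ -d "$dir" ] || continue
            # Mode string from ls -ldL (symlinks followed), e.g. drwxrwxrwt:
            # character 6 is the group write bit, character 9 the others write bit.
            mode=$(ls -ldL "$dir" | cut -c1-10)
            case $mode in
                ????????w?) printf 'world-writable\t%s\n' "$dir" ;;
                ?????w????) printf 'group-writable\t%s\n' "$dir" ;;
            esac
        done
    )
}

# Constructed sample value (not taken from the page): a null entry between
# two colons and a relative entry at the end.
audit_path '/usr/bin::/bin:bin'
```

Run audit_path "$PATH" to check the current shell's own search path.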
The SHELL Variable
The environment variable SHELL points to the user's default command shell (the program that's handling whatever you type in a command window, usually bash) and contains the full pathname to the shell:
$ echo $SHELL
/bin/bash
$
The PS1 Variable and the Command Line Prompt
PS (Prompt Statement) is used to customize your prompt string in your terminal windows to display the information you want
- PS1 is the primary prompt variable which controls what your command line prompt looks like
Recalling Previous Commands
bash keeps track of previously entered commands and statements in a history buffer
- You can recall previously used commands by using the Up and Down cursor keys
  * To view the list of previously executed commands, type history at the command line
- The list of commands is displayed with the most recent command appearing last in the list
  * This information is stored in ~/.bash_history and if you have multiple terminals open, the commands typed in each session aren't saved until the session terminates
Using History Environment Variables
Several associated environment variables can be used to get information about the history file
- HISTFILE (The location of the history file)
- HISTFILESIZE (The maximum number of lines in the history file (default 500))
- HISTSIZE (The maximum number of commands in the history file)
- HISTCONTROL (How commands are stored)
- HISTIGNORE (Which command lines can be saved)
- etc. (Type man bash for a complete description)
Finding and Using Previous Commands
There are specific keys that are used to perform specific tasks
- Up/Down arrow keys (Browse through the list of commands previously executed)
- !! (Pronounced as bang-bang, executes the previous command)
- CTRL-R (Search previously used commands)
  * If you want to recall a command in the history list, but don't want to press the arrow key repeatedly, you can press CTRL-R to do a reverse intelligent search
  * As you start typing, the search goes back in reverse order to the first command that matches the letters you have typed and by typing more successive letters, you make the match more and more specific
Executing Previous Commands
- ! (Starts a history substitution)
- !$ (Refers to the last argument in a line)
- !n (Refers to the nth command line)
- !string (Refers to the most recent command starting with the specified string)
- etc.
Keyboard Shortcuts
- CTRL-L (Clears the screen)
- CTRL-D (Exits the current shell)
- CTRL-Z (Puts the current process into the suspended background)
- CTRL-C (Kills the current process)
- CTRL-H (Works the same as backspace)
- CTRL-A (Goes to the beginning of the line)
- CTRL-W (Deletes the word before the cursor)
- CTRL-U (Deletes from the beginning of the line to the current cursor position)
- CTRL-E (Goes to the end of the line)
- Tab (Auto-completes files, directories, and binaries)
- etc.
File Permissions
File Ownership
In Linux and other UNIX-based OSes, every file is associated with a user who is the owner
- Every file is also associated with a group (a subset of all users) which has an interest in the file and certain rights, or permissions: read, write and execute
- Examples of utility programs that involve user and group ownership and permission setting:
  * chown (Used to change user ownership of a file or directory)
  * chgrp (Used to change group ownership)
  * chmod (Used to change the permissions on the file, which can be done separately for owner, group and the rest of the world (often named as other))
File Permission Modes and chmod
Files have three kinds of permissions: read (r), write (w) and execute (x), which are generally represented as rwx. These permissions affect three groups of owners:
- user/owner (u)
- group (g)
- others (o)
- As a result, you have three groups of three permissions:
  * rwx: u
  * rwx: g
  * rwx: o
There are many different ways to use chmod
- Ex: Give the owner and others execute permission and remove the group write permission
$ ls -l somefile
-rw-rw-r-- 1 student student 1601 Mar 9 15:04 somefile
$ chmod uo+x,g-w somefile
$ ls -l somefile
-rwxr--r-x 1 student student 1601 Mar 9 15:04 somefile
There's a shorthand often used that lets you set all the permissions in one step
- This is done with a simple algorithm, and a single digit suffices to specify all three permission bits for each entity
  * 4 if read permission is desired
  * 2 if write permission is desired
  * 1 if execute permission is desired
  * ex: 7 means rwx, 6 means rw- and 5 means r-x
- When you apply this to the chmod command, you have to give three digits, one for each degree of freedom (ex: chmod 755 somefile)
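The digit algorithm can be checked against the symbolic example from the previous section. The following added example (not part of the course notes) converts the mode string printed by ls -l into its three-digit form and replays chmod uo+x,g-w on a scratch file; the function names are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: apply the 4/2/1 rule to the mode string shown by ls -l.

# perm_to_octal MODE
# MODE is nine permission characters (rwxr--r-x) or the ten-character ls form
# with the leading file-type character (-rwxr--r-x). Prints e.g. 745.
perm_to_octal() {
    p=$1
    if [ "${#p}" -eq 10 ]; then p=${p#?}; fi     # drop the file-type character
    [ "${#p}" -eq 9 ] || return 1
    out=
    while [ -n "$p" ]; do
        rest=${p#???}                            # everything after this triplet
        triplet=${p%"$rest"}                     # u, then g, then o
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; -??) ;; *) return 1 ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; ?-?) ;; *) return 1 ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; ??-) ;; *) return 1 ;; esac
        out=$out$digit
        p=$rest
    done
    printf '%s\n' "$out"
}

# Replay the symbolic chmod from the earlier example on a scratch file and
# print the resulting mode string together with its numeric equivalent.
replay_example() {
    f=$(mktemp) || return 1
    chmod 664 "$f"                               # start from -rw-rw-r--
    chmod uo+x,g-w "$f"
    after=$(ls -l "$f" | cut -c1-10)
    rm -f "$f"
    printf '%s %s\n' "$after" "$(perm_to_octal "$after")"
}

replay_example
```

The printed digits can be passed straight to chmod to reproduce the same permissions on another file.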
Changing file ownership using chown
- First, we create two empty files using touch
- Second, use chown to change the owner of the file to root
- Third, the second chown command changes both owner and group at the same time
- Finally, only the superuser can remove the files