SUSE Linux Enterprise Server Administration (Course 3037) 2-1 SUSE Linux Enterprise Server Administration (Course 3037) 1-4188-3731-8 Chapter 2 Answers Review Questions 1. What command could you use to view your primary UID and GID? _____ ANSWER: id 2. Which of the following field are stored in the /etc/passwd file? (Choose all that apply.) a. UID b. Comments c. Home directory d. Standard shell ANSWER: a,b,c,d 3. What is the default group scheme used in SLES? _____ ANSWER: Public scheme 4. Which UIDs are used for special system users? a. 0-99 b. 100-499 c. 500-999 d. 1000-4999 ANSWER: b 5. You have added information to the /etc/passwd file. What command can be used to create the appropriate lines in /etc/shadow? _____ ANSWER: pwconv 6. Which of the following files could you edit to create groups and add members to those groups? a. /etc/passwd b. /etc/shadow c. /etc/groups d. /etc/group ANSWER: c SUSE Linux Enterprise Server Administration (Course 3037) 2-2 7. Which of the following files are used to obtain default user account settings when you create a user with the useradd command? (Choose all that apply.) a. /etc/default/useradd b. /etc/skel c. /etc/login.defs d. /etc/useradd.default ANSWER: a,c 8. Which command can be used to change the UID of the user dgrant to 1601? _____ ANSWER: usermod –u 1601 dgrant 9. What two commands below can be used to create the group research and add the user dgrant to it? a. groupmod –A dgrant research b. groupadd –p research c. groupadd research d. groupmod –A research dgrant ANSWER: a,c 10. Which of the following files contain login messages? (Choose all that apply). a. /etc/issue b. /etc/login.defs c. /etc/login d. /etc/motd ANSWER: a,d 11. Which of the following lines in /etc/sudoers will give the user bob the right to run the useradd command on all computers? a. bob /sbin/useradd = all b. /sbin/useradd all = bob c. bob all = /sbin/useradd d. /sbin/useradd bob = all ANSWER: c 12. Which YaST security level is recommended for a network server? a. Level 1 b. Level 2 c. Level 3 d. Level 4 ANSWER: c 13. What would you type at a command prompt to execute a program called prog1 in your current directory if the current directory is not in your path statement? _____ SUSE Linux Enterprise Server Administration (Course 3037) 2-3 ANSWER: ./prog1 14. Which of the following directory permissions gives the owner the ability to list the contents of the directory? (Choose all that apply). a. rw-r-x-r-x b. rw-r--r-x c. r--rw-r-x d. -w-rw-r-x ANSWER: a,b,c 15. What command could you use change the owner to dgrant and the group owner to research for the file /etc/config? _____ ANSWER: chown dgrant.research /etc/config 16. What command could you use change the permissions on the file /etc/config to rw-rw-r-using octal notation? _____ ANSWER: chmod 664 /etc/config 17. What permissions does the system give to new files and directories by default prior to applying the umask? a. Files receive 666 and directories receive 666 b. Files receive 666 and directories receive 777 c. Files receive 777 and directories receive 666 d. Files receive 777 and directories receive 777 ANSWER: b 18. What will the permission be on a new directory if the umask is set to 027? _____ ANSWER: 640 (rw-r-----) 19. Which of the following commands will set the Sticky bit special permission on the directory /public? a. chmod 1777 /public b. chmod 2777 /public c. chmod 4777 /public d. chmod 7777 /public ANSWER: a 20. What command will set the immutable attribute on the file /etc/config? _____ ANSWER: chattr +i /etc/config 21. What the four possible fields in a PAM configuration file? SUSE Linux Enterprise Server Administration (Course 3037) 2-4 a. Session type, Control flag, Debug mode, Arguments b. PAM control, Module, Arguments, Restrictions c. Password, Module, Restrictions, Arguments d. Module type, Control flag, Module, Arguments ANSWER: d 22. Which of the following are good security practices? (Choose all that apply.) a. Assigning only necessary filesystem permissions b. Using passwords that are 4 characters long or longer c. Disabling unused network services d. Updating network software ANSWER: a,c,d 23. What command can you use to display failed logins _____ ANSWER: faillog Discovery Exercises Using the Skeleton Directory The contents of /etc/skel and /home/bozo should be identical. Deleting Users When a user is delete, the UID becomes the owner of any files or directories on the hard disk. When a new user is added with the same UID, they inherit the ownership of these files and directories. This can be useful when a new user replaces a user that has left the organization. If the new user is given the same UID as the old user, the new user can manage all the data files in the old user’s home directory, copy what they need to their own home directory and remove what they don’t need. Setting File Ownership and Permissions a. umask 222 b. mkdir /public chmod 1777 /public c. touch /public/test chown geeko.sys /public/test chmod 640 /public/test d. chattr +a /public/test SUSE Linux Enterprise Server Administration (Course 3037) Researching PAM Modules Not available – answers may vary. 2-5