1
00:00:03,250 --> 00:00:09,080
In this lesson you'll learn how to disable delete and archive users on a Linux system.

2
00:00:09,080 --> 00:00:13,910
Now I've already booted up our local user's virtual machine here and I've logged into it.

3
00:00:14,120 --> 00:00:18,470
I'm still in vagrants home directory because I haven't changed into the shared directory of forward

4
00:00:18,470 --> 00:00:21,550
slash vagrant just yet and will do that later in the lesson.

5
00:00:21,560 --> 00:00:25,090
I just want to work in my home directory here for now.

6
00:00:25,340 --> 00:00:31,700
So far we've been using the example of creating users as an excuse to learn all kinds of shell scripting

7
00:00:31,700 --> 00:00:33,740
concepts and techniques.

8
00:00:33,800 --> 00:00:39,230
The last few lessons I've actually been preparing to write a script around deleting users.

9
00:00:39,290 --> 00:00:42,580
The main point isn't to have scripts that can create daily users.

10
00:00:42,590 --> 00:00:46,100
It's to learn techniques that you can use in any shellscript.

11
00:00:46,100 --> 00:00:51,380
Having said that you are going to write a script in the next assignment that will have you deleting

12
00:00:51,380 --> 00:00:54,500
users so you need to know how to delete users.

13
00:00:54,530 --> 00:00:55,870
So let's go ahead and cover that.

14
00:00:55,870 --> 00:01:01,140
Now the command to delete a user from the system is user Del.

15
00:01:01,160 --> 00:01:07,300
Now if you use our normal type command as a regular user you're probably going to get an error.

16
00:01:07,310 --> 00:01:12,170
So if I do this type a user DL says user.

17
00:01:12,170 --> 00:01:13,620
DLL not found.

18
00:01:13,730 --> 00:01:18,520
And let's see what happens with the which command which user DL.

19
00:01:18,580 --> 00:01:25,030
And it says there is no user DL and then it gives our path there which tells us that there's no user

20
00:01:25,030 --> 00:01:28,950
DL and user local bad news or bad news or local Hispanic cetera.

21
00:01:28,960 --> 00:01:34,720
It is our path and it's displaying there so just as the which command tells us the user DEL command

22
00:01:34,750 --> 00:01:37,060
is not in our path.

23
00:01:37,060 --> 00:01:39,780
We talked about paths earlier in the course.

24
00:01:39,880 --> 00:01:42,950
At this point there really is two options.

25
00:01:42,970 --> 00:01:47,840
One the user DEL command really doesn't exist it does not exist.

26
00:01:47,920 --> 00:01:54,030
Or two it in fact does exist but it just exists outside of our current path.

27
00:01:54,160 --> 00:01:58,690
So I quickly want to cover how to find a command that is not in your path because you may run into this

28
00:01:58,690 --> 00:01:59,950
from time to time.

29
00:01:59,950 --> 00:02:06,640
Now most Linux systems have locate installed and configured the locate command searches an index that

30
00:02:06,640 --> 00:02:14,200
is created by the update divi command the update command is typically scheduled to run once a day.

31
00:02:14,200 --> 00:02:20,470
This means that locate doesn't have up to the minute information but on the other hand it's a very fast

32
00:02:20,470 --> 00:02:26,260
it finds things in that pre-created or pre-populated database or index very fast.

33
00:02:26,260 --> 00:02:33,040
So if we do this when we type in the locate user Dell will get some results here and if we look at the

34
00:02:33,040 --> 00:02:40,210
top of our command we can actually see that the command resides in Fort Sless user for Espen forward

35
00:02:40,210 --> 00:02:43,600
slash user Dalle that's actually where the command lives.

36
00:02:43,750 --> 00:02:47,020
Now just to prove that locate isn't using real time data.

37
00:02:47,040 --> 00:02:51,100
Let's create a file called user Del and then try to find it with locate.

38
00:02:51,100 --> 00:02:55,670
So I'm just going to touch user Dell right here in my home directory.

39
00:02:55,720 --> 00:03:01,090
Again the touch command creates a file if it doesn't exists or if the file exists it touches it and

40
00:03:01,090 --> 00:03:03,550
updates its time stamp.

41
00:03:03,550 --> 00:03:11,200
So sure enough user DL is on our system and if we type locate user DL We don't see anything about vagrants

42
00:03:11,200 --> 00:03:12,350
home directory.

43
00:03:12,640 --> 00:03:18,070
So if we force an index update we should be able to find that user Idel file that we placed into vagrants

44
00:03:18,070 --> 00:03:20,390
home directory by using the touch command.

45
00:03:20,560 --> 00:03:26,770
And by the way to run update D-B you need root privileges because what it does is search is the entire

46
00:03:26,770 --> 00:03:33,010
file system and you don't have permissions to every single file as a regular user such that vagrant

47
00:03:33,070 --> 00:03:40,570
is there will do this sudo update DBI and let that run for a second here and once that is done now we

48
00:03:40,570 --> 00:03:48,400
can do locate a user Dell and now at the very top of the output you see Ford slash home vagrant user

49
00:03:48,450 --> 00:03:50,300
Dell that file we just created.

50
00:03:50,560 --> 00:03:57,100
Let me take a step back so I would first use the locate command and actually since I'm looking for a

51
00:03:57,100 --> 00:03:59,380
binary or an executable file.

52
00:03:59,470 --> 00:04:03,730
I would limit my search to only include things in the bin directory.

53
00:04:03,730 --> 00:04:10,390
Let's now take the standard output of the locate command and send it as standard input to the grip command

54
00:04:10,840 --> 00:04:16,040
the grip command displays matches to a pattern and discard everything else.

55
00:04:16,240 --> 00:04:23,590
So if we do locate a user Del pipe that into grap in our search pattern is simply going to be the characters

56
00:04:23,590 --> 00:04:26,260
be in and hit enter.

57
00:04:26,590 --> 00:04:29,500
So this really really narrows it down for us.

58
00:04:29,500 --> 00:04:35,110
We see two possible options and obviously the one at the bottom there user ESPNews or Del is what we're

59
00:04:35,110 --> 00:04:36,170
looking for.

60
00:04:36,190 --> 00:04:41,420
Sometimes the file you're looking for is not in a place where you have read permissions.

61
00:04:41,440 --> 00:04:44,700
The locate command honors those permissions.

62
00:04:44,860 --> 00:04:50,050
So if we do something like this locate dot bash RC and hit enter.

63
00:04:50,050 --> 00:04:55,650
We only see SC scaled up bash RC and then the bash RC in our home directory.

64
00:04:55,780 --> 00:04:58,590
Now let's run that same command with root privileges.

65
00:05:00,730 --> 00:05:07,600
Now we see all the dot bash RC files on the system as the vagrant user we don't have permission to look

66
00:05:07,600 --> 00:05:10,020
inside root's home directory for example.

67
00:05:10,180 --> 00:05:15,310
So if we do this LS Tesch l root bash R C we get an error.

68
00:05:15,310 --> 00:05:16,210
Permission denied.

69
00:05:16,210 --> 00:05:19,160
We can't look at anything in root's home directory by default.

70
00:05:19,450 --> 00:05:23,140
So if we use root permissions we can now see the file.

71
00:05:23,290 --> 00:05:29,980
By the way the quick little thing I did there the double exclamation marks or Bang Bang actually represents

72
00:05:29,980 --> 00:05:32,410
the most recently executed command.

73
00:05:32,440 --> 00:05:36,200
So if you want to execute the most recent command with root privileges.

74
00:05:36,250 --> 00:05:38,490
Use the shortcut Sea-Doo space.

75
00:05:38,500 --> 00:05:39,850
Bang bang.

76
00:05:39,880 --> 00:05:45,760
The command that will be executed actually gets displayed to the screen first and then any output generated

77
00:05:45,760 --> 00:05:48,100
by that command is displayed.

78
00:05:48,100 --> 00:05:55,990
So here we can see that sudo bing bang expands to Sea-Doo space LS shell or slash root for Slash dash

79
00:05:55,990 --> 00:06:00,470
bash RC and then the output of that command follows.

80
00:06:00,550 --> 00:06:03,430
So that's just another quick shell tip for you right there.

81
00:06:03,430 --> 00:06:05,970
Thone in the middle of this lesson.

82
00:06:05,980 --> 00:06:12,100
Anyway my point here is that sometimes you need to use root privileges to find a file because you do

83
00:06:12,100 --> 00:06:16,930
not have permissions to view that file as your own normal regular user.

84
00:06:17,230 --> 00:06:23,170
Let's say locate isn't installed are configured so what would you try next.

85
00:06:23,170 --> 00:06:29,170
Well I would use my knowledge of the Linux file system hierarchy and then start looking in places where

86
00:06:29,170 --> 00:06:30,450
the file might live.

87
00:06:30,610 --> 00:06:36,730
For example if I'm looking for a configuration file I would start looking and forward slash ETSI or

88
00:06:36,730 --> 00:06:38,590
forward slash ATC.

89
00:06:38,770 --> 00:06:43,930
But since we're looking for an executable also called a binary I would look in bin directory.

90
00:06:43,930 --> 00:06:52,820
So let's do this here it looks like Ford slash bin is a symlink to user bin and S-band is actually a

91
00:06:52,820 --> 00:06:59,540
symlink to user Esben and most modern Linux systems this will be the case but on some older Linux distros

92
00:06:59,540 --> 00:07:05,210
or on some Unix systems you might find that they are actually different directories with different contents.

93
00:07:05,210 --> 00:07:11,530
So let's go ahead and look in user bin and see if user data is there.

94
00:07:11,540 --> 00:07:13,600
No no such file or directory.

95
00:07:13,610 --> 00:07:16,880
And by the way when you see no such file a directory please believe it.

96
00:07:16,880 --> 00:07:22,350
It's telling you that the file doesn't exist or the file that you specified does not exist.

97
00:07:22,360 --> 00:07:23,480
Anyway let's try it.

98
00:07:23,480 --> 00:07:25,930
End user Espen user.

99
00:07:26,450 --> 00:07:27,740
Here we don't get an error.

100
00:07:27,740 --> 00:07:32,660
We get some valid LS output that shows us that the file does exist.

101
00:07:32,660 --> 00:07:38,090
Actually I probably could have shortened up my search just a little bit here because user Dell is a

102
00:07:38,090 --> 00:07:44,980
system administration type of command Now system and then commands are usually found in s bin directories.

103
00:07:45,050 --> 00:07:50,720
Normal commands that all users can run are found in bin directories for example LS is a command that

104
00:07:50,810 --> 00:07:51,620
everyone needs.

105
00:07:51,620 --> 00:07:53,570
Not just a system administrator.

106
00:07:53,570 --> 00:07:57,180
So it's found in user bin.

107
00:07:57,270 --> 00:08:03,960
There is another way to find files and that is where the find to command unlike locate find looks at

108
00:08:03,960 --> 00:08:10,710
files in real time which makes it slower than locate but yet up to date there are a lot of options to

109
00:08:10,710 --> 00:08:14,360
the find command and I'm not going to go through each and every one of them.

110
00:08:14,460 --> 00:08:19,290
But here's just a very quick crash course and how to use the find command.

111
00:08:19,320 --> 00:08:25,560
Now the format of the line command is find followed by the path to search in followed by any options

112
00:08:25,560 --> 00:08:27,930
expressions or search patterns.

113
00:08:27,930 --> 00:08:32,170
If you don't get find a path it starts searching in your current directory.

114
00:08:32,370 --> 00:08:35,960
So let's look in the user bin directory Sophies find.

115
00:08:36,030 --> 00:08:39,210
Follow that with a path and then hit enter.

116
00:08:39,210 --> 00:08:43,990
Here it just lists all the files in that directory because we haven't narrowed down our search.

117
00:08:44,010 --> 00:08:49,170
And by the way it not only list the files in that directory it would list any files of any subdirectories

118
00:08:49,170 --> 00:08:51,480
and any files within those subdirectories and so on.

119
00:08:51,510 --> 00:08:55,080
To say it another way find searches recursively.

120
00:08:55,080 --> 00:09:00,650
Now let's tell it the name of the file We're looking for so we can do this find user Espin and there

121
00:09:00,650 --> 00:09:05,250
is an option called Dasch name and then we supply that with the name of the file We're looking for.

122
00:09:05,250 --> 00:09:12,010
We're looking for user Del OK admittedly that was too easy because we already knew where to find the

123
00:09:12,020 --> 00:09:14,540
user command and I was teaching a little bit there.

124
00:09:14,700 --> 00:09:20,730
But if you have no idea where the file exists you can search the entire file system starting at the

125
00:09:20,730 --> 00:09:21,620
root.

126
00:09:21,630 --> 00:09:26,490
I don't necessarily always recommend this approach especially if you're working on a system that has

127
00:09:26,490 --> 00:09:29,990
a lot of files on it but it will work.

128
00:09:30,030 --> 00:09:36,460
So let's do find slacks with a dash name of user Del here.

129
00:09:36,460 --> 00:09:39,470
We're seeing a lot of permission denied errors.

130
00:09:39,580 --> 00:09:45,110
There are two ways around this one is just to send all those error messages to dev null.

131
00:09:45,190 --> 00:09:48,310
So we don't have to look at them and let's try that here now.

132
00:09:48,310 --> 00:09:53,980
So we know that error messages are displayed on standard error and standard error is represented by

133
00:09:53,980 --> 00:09:55,510
a file descriptor too.

134
00:09:55,530 --> 00:10:02,200
So we'll use file descriptor to and redirect that to the bitbucket also called forward slash def afford

135
00:10:02,260 --> 00:10:04,780
slash null and hit enter.

136
00:10:04,780 --> 00:10:09,730
Now we don't get any of those air messages to our screen because they were redirected into dev know

137
00:10:09,730 --> 00:10:16,260
which does nothing with them it just Those them away and we're left with all the matches to the user

138
00:10:16,270 --> 00:10:19,140
Dell name without any of the errors.

139
00:10:19,150 --> 00:10:22,370
So in this particular case we find the file that we're looking for.

140
00:10:22,420 --> 00:10:28,300
But what if the file we were looking for is really somewhere where we need root permissions or a place

141
00:10:28,300 --> 00:10:33,520
where our particular user does not have permissions to view in that particular case you want to run

142
00:10:33,520 --> 00:10:34,790
the command as a route.

143
00:10:34,930 --> 00:10:35,840
So we can do this.

144
00:10:35,860 --> 00:10:39,900
So you do find slash and the name of use of Dell.

145
00:10:40,030 --> 00:10:44,390
There is so much more to the find command and there's so much more you can do.

146
00:10:44,490 --> 00:10:49,020
But this little crash course will really get you started and pointed in the right direction.

147
00:10:49,300 --> 00:10:54,820
So at this point we've proven that user Dell exists even if the type in which commands do not provide

148
00:10:54,820 --> 00:10:59,050
any information on those commands due to the settings of our path.

149
00:10:59,110 --> 00:11:02,180
However user Dell will be and root's path.

150
00:11:02,350 --> 00:11:04,300
So I'm going to switch to the root user.

151
00:11:04,360 --> 00:11:10,350
You're on the vaguer system by the way the root password is also vagrant V.A g r E.A. and hit enter

152
00:11:10,360 --> 00:11:17,520
now the root user and if I type type cache user or Del I'm going to see where the user del command resides.

153
00:11:17,650 --> 00:11:20,520
All right I'm going to get out of the root account here and back to vagrant.