≡ Menu

superuser

FreeBSD: Delete User Account Command

How do I remove the tom user under FreeBSD operating system using command line options?
[click to continue…]

How do I make a File "unalterable" (write protect) such as it cannot be changed or deleted even by root or superuser under Apple OS X UNIX operating systems?
[click to continue…]

Q. I’d like to create my root account in Linux. How do I do it?

A. Root user is superuser on a Unix / Linux system. Root user has all rights or permissions. . The root user can do many things an ordinary user cannot do on system such as start / stop services, grant / revoke any permissions, open ports (especially < 1024 ports), user management and much more. The root user is the most privileged user on the system and has absolute power over it. By default almost all Linux distributions and UNIX like operating system creates the root account at the time of installation. You don’t have to create a new root account. Use su or sudo command to run administrative task as the root user. Creating another root user can be a security risk. Root has a UID of zero in /etc/passwd. This means absolute control over the system for the root user. You can set any user id to 0 (zero) to grant unlimited permissions provided that you login as root. However some variants of UNIX provides additional account. For example BSD provides a toor ("root" backwards) account in addition to a root account. It is recommended that you use root only when required and there is no need to create a new root user account.

Q. How do I write protect file under Linux so that no one can modify it?

A. You need to use chattr command, which changes the file attributes on a Linux second extended file system. The chattr command supports various attributes.

A file with the i attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute in other words you make a file unchangeable or unalterable.

For example if you want file /data/financial.txt unchangeable by anyone on your system, type the following command (login as the root user):
# chattr +i /data/financial.txt
Now no one can delete or modify file /data/financial.txt. To reset back permission, type the following command:
# chattr -i /data/financial.txt
Use lsattr command to lists the file attributes on a second extended file system. It is use to see attributes set by chattr command.
# lsattr financial.txt
Output:

----i------------ financial.txt

See also:

FreeBSD locking an account

The pw utility is a command-line utility for the FreeBSD system user and group files, allowing the superuser an easy to use and standardized way of adding, modifying and removing users and groups. Same utility provides ability to locking or unlocking FreeBSD user accounts.

FreeBSD locking an account command

Syntax:
pw lock {username}

Example

Lock user account named vivek. Login as a root user and type following command:

# pw lock vivek

FreeBSD unlocking an account command

Syntax:
pw unlock {username}

Example

Unlock user account named vivek. Login as the root user and type the following command:

# pw unlock vivek

See also: