Day 8 of my #1HourADayJourney. Today, I shifted roles from a "Fortress Guardian" to a System Administrator. A huge part of securing any database or server environment is managing the human elementβonboarding new talent and securing the accounts of those who leave.
π οΈ The System Admin's Toolkit
Todayβs focus was the full lifecycle of a user account. Here is what I practiced:
1. Onboarding a New Developer
To add a new team member, I learned how to create an account with a pre-configured home directory (essential for workspace persistence):
# -m ensures the home directory /home/b.smith is created
sudo useradd -m b.smith
sudo passwd b.smith
2. Group Membership (The 'Append' Rule)
When adding users to groups, never forget the -a flag. If you run usermod -G without it, the user will be removed from all their previous groups.
# -a (append) -G (groups)
sudo usermod -aG developers b.smith
3. Securing Departing Employees (The 'Lock' Protocol)
In a security audit scenario, you rarely want to userdel (delete) an account immediately, as you need their data preserved for legal reasons. Instead, we "lock" the account:
# This adds an '!' to the password field in /etc/shadow, disabling login
sudo passwd -l j.doe
Follow my journey: #1HourADayJourney
Top comments (0)