11.Invokes setpwnam() to update appropriate database files with the new shell.
12.Exits.
5.13.2User management
5.13.2.1useradd
The useradd program allows an authorized user to create new user accounts on the system. Refer to the useradd man page for more information. useradd generally follows these steps:
1.Sets language.
2.Invokes getpwuid (getuid()) to obtain the application user’s passwd structure.
3.Invokes pam_start() to initialize the PAM library, and to identify the application with a particular service name.
4.Invokes pam_authenticate() to authenticate the application user. Generates an audit record to log the authentication attempt and its outcome.
5.Invokes pam_acct_mgmt() to perform
6.Gets the default parameters for a new user account from /etc/default/useradd.
7.Processes
8.Ensures that the user account being created doesn’t already exist.
9.Invokes open_files() to lock and open authentication database files.
10.Invokes usr_update() to update authentication database files with new account information.
11.Generates audit records to log actions of the useradd command. Actions such as addition of new user, addition of user to a group, update of default user parameters, and creation of a user’s home directory.
12.Invokes close_files() to close authentication database files.
13.Creates a home directory for the new user.
14.Invokes pam_chauthok() to rejuvenate the user’s authentication tokens.
15.Exits.
5.13.2.2usermod
The usermod allows an administrator to modify an existing user account. Refer to the usermod man page for more detailed information on the usage of the command. usermod generally follows these steps:
1.Sets language.
2.Invokes getpwuid (getuid()) to obtain application user’s passwd structure.
3.Invokes pam_start() to initialize the PAM library, and to identify the application with a particular service name.
4.Invokes pam_authenticate() to authenticate the application user. Generates audit record to log the authentication attempt and its outcome.
5.Invokes pam_acct_mgmt() to perform
198