A user‘s primary group (GID) is defined by the fourth field of the /etc/passwd file.

test2:!$6$eWDJHU5C$OLDNPq/Z6Rf4kY7GQUzzwbJpzJ:17473:0:10:3::: based on this structure:

test2: The login name.
!$6$eWDJHU5C$OLDNPq/Z6Rf4kY7GQUzzwbJpzJ: The password field. The ! at the beginning indicates that the user account is locked. This confirms “User login is locked“ is correct.
17473: Number of days since January 1, 1970, that the password was last changed. (This specific date calculation isn‘t part of the options to evaluate, but it‘s the last change date).
0: Minimum number of days between password changes. This means the user can change their password immediately after the previous change (0 days). This makes “The user can only change his password after 3 days of the previous exchange“ incorrect.
10: Maximum number of days the password is valid. This means the user must change their password every 10 days at most. This confirms “The user must change their password every 10 days at the most“ is correct.
3: Number of days before the password expires that the user will be warned. This confirms “User will be alerted 3 days before your password expires“ is correct.
:::: The remaining fields (days for account inactivity after password expires, account expiration date, and a reserved field) are empty or not explicitly set. The option “No description, or full name, has been defined for the user test2“ refers to information typically found in /etc/passwd (the GECOS field), not directly in the /etc/shadow entry provided. While often true in practice if not set in /etc/passwd, this specific shadow entry doesn‘t directly convey that information. The question asks what can be determined from the given entry. Therefore, this statement is not directly derivable from the shadow entry itself.

The chsh command will ask the user which shell it wants to use by default and this setting will be included in the /etc/passwd file, taking effect at the next user login.

Personal environment files run in sequence, .bash_profile, .bash_login, and .profile, so only the first found script will run.

The /etc/profile file runs in the login process of all users but can only be edited by the system administrator (root) user.

The -x option, besides verifying that the file exists, verifies that it has the execute permission, similar function of the -r (read/read) and -w (write/write) options. Other important options for files are -f that checks whether the file exists and whether it is a regular file (not a directory or device) and the -e option that only checks to see if the file exists.

At the moment the script arrives at the “read AGE“ statement, the script will wait for the user entry, which will be assigned to the variable AGE.

After the statement if a command must be informed, it can be either the test command to generate a condition, or a normal command, like a grep for example, the execution of this command will generate an exit code, 0 is considered true, and different from 0 false. The while statement executes the loop while the given condition is true, the until statement executes the loop until the informed statement is true.

Replacing commands can be done by using the command between statements ′command′, or within $(command).

The Display Manager is responsible for controlling the graphic login interface in the graphical environment, the initial screen where the user is informed and the password. As an example we have LightDM, GDM, XDM, LXDM and etc.

xhost is used to list, add and remove IP, Networks, or Host that may or may not have remote access to the X server. xauth allows this control based on hashs, or magic cookies, that are stored in the ~/.Xauthority file .

GNOME, KDE and Xfce are Desktop Environments, besides these we have LXDE, MATE, Cinnamon and several others. XDM is a Display Manager and Mint comes from the Linux Mint distribution, which is different from an DE.

With “Bounce Keys“ enabled, if the user presses the same keys two or more times quickly, the key will be registered only once. The “Sticky Keys“ is used in case the user is not able to press two keys at the same time.

In the /etc/group file you can see both the primary group and the additional groups of each user. /etc/passwd will only show the primary group.

Both usermod and passwd can be used to remove lock from an account.

The –verify option has the function of analyzing the signature entered in a file, and verifying that it is valid based on the keys that the system has.

The main configuration file is /etc/rsyslog.conf but most of the settings are referenced in the files in the /etc/rsyslog.d/ directory.

In the chage command, the -M option sets the maximum number of days that the password can be kept before it is changed.

A job scheduled by at can be removed by the atrm command, however the “at -r“ and “at -d“ options are also supported.

The “crontab -l“ command lists the schedules of the current user. The root user can also use the -u option to view schedules for a specific user.

The 5 fields of a crontab schedule are: minute hour day-of-month month day-of-week. The * indicates all values (in all minutes, all hours, every day of the month). The last field is referring to the day of the week, 0 and 7 indicate Sunday, 1 = Monday, 2 = Tuesday, 3 = Wednesday, 4 = Thursday, 5 = Friday and 6 = Saturday.

The systemd-run command creates a job in systemd-timers according to the options used. The –on-active option is equivalent to OnActiveSec and sets a time from running the timer itself.

A user can manually configure the TZ environment variable, or set it in any of the environment definition files (.profile, .bashrc) so that your session uses a different time zone than the machine default.

The /etc/localtime file can be either a link to one of the /usr/share/zoneinfo/ files, or a copy of one of those files. The tzselect command only shows the timezone corresponding to a region, but does not make any settings. The /etc/localtime file will have a binary content and can be viewed by the command “zdump -v“

Linux systems by default use UTF-8. ISO-8859-1 is normally associated with Windows systems. The iconv command can be used to convert from one format to another.

To set the date and time display format of the date command, there are several options that must be included after the + prompt. Among them we have %H = hour in the format 0-23, %M = minutes, %m = month, %I = time in the formed 01-12, among several others.

The ntpq command can be used in interactive mode or together with several options. As an example, the “ntpq -p“ command displays the status and statistics of each server queried by the service.

The timedatectl command displays among other information whether the system is in sync via NTP or another related service.

The “daily“ option causes the file to be rotated daily. “Rotate 7“ indicates that 7-turn logs will be kept, in the case 7 days. The “compress“ option indicates that the files will be compressed, and by default gzip is used.

The order of priority, from the most critical is: emerg, alert, crit, err, warning, notice, info, debug, none

The -l option on netcat (or nc) causes it to go into listen mode and the -p option indicates the port to be activated.

These are specific versions for testing hosts with IPs in IPV6 format. Ping uses ICMP, traceroute can use ICMP or UDP, and tracepath uses UDP.

The configuration included in the /etc/aliases file of the statement says that messages sent to the email [email protected] will be forwarded to the users mary and paul, which really must exist in the system.

Every user can create and configure the .forward file to perform this redirection. Only the root user can configure the /etc/aliases file.

The /var/mail/ directory contains a file with the name of each user that has received messages. Another directory that may have the same function is /var/spool/mail, but in general it is a link to the /var/mail/

The lpq command, without arguments shows the jobs of the default print queue, with the -P option you can see a specific print queue and with -a the print queues of all printers are displayed.

Without arguments the lprm removes only the last job sent to the queue. Using – all that user‘s jobs are removed from the queue.

CIDR /28 is equivalent to the mask 255.255.255.240, which divides a network into 16 subnets, each with 14 hosts. An example is the subnet with network address 192.168.1.0 and broadcast 192.168.1.15, with 0 and 15 not usable by hosts, with 14 addresses remaining. One tip is that it will always be an even number.

Port 110 is the port used by POP3, a protocol used to transfer messages from an e-mail server to a local machine through an e-mail client.

The /etc/services file contains a list of all known ports and which service or protocol each is associated with.

The main difference between the TCP and UDP protocols is that TCP controls the transmission of data, which means that applications that use UDP need to perform the necessary controls themselves. Another consequence is that transmissions that use UDP tend to be faster because there are no internal control processes to be followed.

The /etc/hostname file simply contains the machine name information. The same information is returned by the command “hostname“.

In general, the operations related to wireless networks are made with the “device wifi“ options, in which case the list option displays the SSIDs visible to the network card. The rescan option can be used to search for new SSIDs.

The namserver parameter is used to indicate one or more DNS servers.

The ifup and ifdown commands can be used to enable or disable an interface based on the /etc/network/interfaces (Debian Standard) or /etc/sysconfig/network-scripts/ (RedHat Standard) settings.

The .inputrc file can be used in configuring shortcut keys and how the shell responds to the keys.

Records are persistently stored in the /var/log/journal/ directory. When using volatile storage, the directory used is /run/log/journal/.

The gateway, or also called the “default route,“ is essential for the system to have external access to your network, usually the Internet. The command “ip route add default via IP“ adds this route, you can also inform the interface at the end of the command as “dev iface“.

By default ping will send packets until the command is canceled, with a Ctrl C for example. The -c option specifies how many packets to send, for example: ping -c4 destination

The getent command can be used to get various information referenced in the /etc/nsswitch.conf file, including host, user, group, and so on configurations.

The systemd-resolved service uses the DNS servers configured to do name resolution for local applications, including implementing features such as caching and security validations.

In this case attention to the difference between account expiration and password. The usermod -e command sets the account expiration date. Chage -I sets account inactivation and passwd -e forces account expiration.

lsof is used to list the files opened by processes and with this it is possible to obtain the desired information. The netstat command can also be used but the syntax shown is not correct.

The last command displays the last logins on the machine. Lastlog shows only the last login of each user on the system. Who displays the logged in users and lastb the last occurrences of login failures.

In the file /etc/hosts.allow or hosts.deny, the service will come at the beginning of the line or ALL is used for all, after the : (colon) are listed the IPs or Networks that can or can not use the resource.

In the settings of a service in the xinetd.conf file, the “disable = yes“ parameter will make the service unavailable even though it is configured.

The pwconv command creates the /etc/shadow file from the /etc/passwd file, leaving the passwords in the default shadow, which is the current Linux standard.

The keys are located in the $HOME/.ssh/directory. In the case of a key that uses the RSA algorithm, the id_rsa file contains the private key and the id_rsa.pub file the public key. Other algorithms (DSA, ECDSA, ED25519 and etc) will follow the same pattern of names.

The keys used by gpg are located in the $HOME/.gnupg/ directory and the pubring.gpg file contains public keys already received by the user.

The X11Fordwarding option enables the SSH server to receive connections that will access applications in the X Window System.