Technical Analysys of Linux Distributions System Activities

Logging System
Applications can log in two ways: according to their autonomous logic or via the system's log daemon: syslog
The syslog daemon has /etc/syslog.conf configuration file: analyze it in order to know where logs are stored.
Usually the directory /var/log/ is used for the system logs

Task Scheduling
The are two common ways to schedule the unattended execution of programs: at and cron.
Usually at is installed without any default rule, cron, instead is installed and required for the execution of various system event (Read: NEVER disable cron).
Cron's system config file is /etc/crontab, users can store their own cron jobs in /var/spool/cron
Many distro provide (or require) anacron in order to execute "missed" cron jobs (planned at an hour when the system was off).

Users management
Linux/Unix is a full multiuser operating system, with a privileged user (root), system users used to launch system commands and daemons (lp, nobody, mail, news, uucp ...) and normal human interactive users.
The users database is /etc/passwd (its logic and syntax is the same for every Linux)
Every Linux stores users' passwords (and data) in /etc/shadow
Users can be placed in groups, defined in /etc/group
Systems's settings for UID/GID policy, password and login management are usually sotred in /etc/login.defs.
The standard user files (copied in its home directory, when a user is created) are in /etc/skel/
The commands useradd, userdel, usermod are the basic ones that can be used to handle users.
The command passwd is used to change password.
Every Linux distro provides its own text or graphical frontends for user management (sometimes more than one).