A User Account Can Be Locked With the Usermod Command Using What Option?
In Unix/Linux distributions, the control 'usermod' is used to alter or modify any attributes of a already created user account via control line. The command 'usermod' is similar to that 'useradd' or 'adduser' just the login granted to an existing user.
The control 'useradd' or 'adduser' is used for creating user accounts in Linux systems. To know more about on how to create system users, read our complete guide at:
- A Consummate Guide to "useradd" Command in Linux
Later creating user accounts, in some scenarios where we need to change the attributes of an existing user such equally, change user's dwelling directory, login proper noun, login trounce, password expiry engagement, etc, where in such example 'usermod' control is used.
When we execute 'usermod' command in terminal, the following files are used and affected.
- /etc/passwd – User account information.
- /etc/shadow – Secure account data.
- /etc/grouping – Grouping account information.
- /etc/gshadow – Secure group account data.
- /etc/login.defs – Shadow password suite configuration..
Bones syntax of control is:
usermod [options] username
Requirements
- We must take existing user accounts to execute usermod command.
- Only superuser (root) is allowed to execute usermod command.
- The usermod control tin can exist executed on any Linux distribution.
- Must have bones cognition of usermod command with options
Options of Usermod
The 'usermod' control is simple to use with lots of options to brand changes to an existing user. Let us see how to use usermod command by modifying some existing users in Linux box with the assistance of post-obit options.
- -c = We can add together comment field for the useraccount.
- -d = To modify the directory for any existing user business relationship.
- -due east = Using this option nosotros can make the account expiry in specific menstruum.
- -g = Alter the primary group for a User.
- -G = To add a supplementary groups.
- -a = To add anyone of the group to a secondary group.
- -l = To modify the login name from tecmint to tecmint_admin.
- -Fifty = To lock the user business relationship. This volition lock the countersign so we can't employ the account.
- -m = moving the contents of the home directory from existing home dir to new dir.
- -p = To Use un-encrypted password for the new countersign. (NOT Secured).
- -s = Create a Specified beat out for new accounts.
- -u = Used to Assigned UID for the user account between 0 to 999.
- -U = To unlock the user accounts. This will remove the password lock and allow us to employ the user business relationship.
In this commodity we will come across '15 usermod commands' with their practical examples and usage in Linux, which will help you lot to acquire and heighten your control-line skills using these options.
1. Calculation Data to User Account
The '-c' option is used to gear up a brief comment (information) nearly the user account. For case, permit'southward add data on 'tecmint' user, using the following command.
# usermod -c "This is Tecmint" tecmint
After adding data on user, the same comment can exist viewed in /etc/passwd file.
# grep -E --color 'tecmint' /etc/passwd tecmint:10:500:500:This is Tecmint:/dwelling/tecmint:/bin/sh
2. Change User Home Directory
In the above step we tin encounter that our dwelling house directory is nether /home/tecmint/, If nosotros need to change it to another directory we can change it using -d choice with usermod command.
For example, I want to alter our dwelling directory to /var/www/, simply before changing, let'southward cheque the current abode directory of a user, using the post-obit control.
# grep -E --color '/abode/tecmint' /etc/passwd tecmint:10:500:500:This is Tecmint:/abode/tecmint:/bin/sh
Now, alter home directory from /home/tecmint to /var/www/ and confirm the domicile director after changing.
# usermod -d /var/www/ tecmint # grep -E --color '/var/www/' /etc/passwd tecmint:x:500:500:This is Tecmint:/var/www:/bin/sh
3. Set User Account Decease Date
The option '-e' is used to set up expiry date on a user account with the date format YYYY-MM-DD. Before, setting upwardly an expiry appointment on a user, let's first check the current account death status using the 'chage' (change user password expiry data) command.
# chage -l tecmint Last password change : Nov 02, 2014 Countersign expires : never Countersign inactive : never Account expires : Dec 01, 2014 Minimum number of days between password change : 0 Maximum number of days betwixt password change : 99999 Number of days of warning before countersign expires : seven
The expiry status of a 'tecmint' user is Dec one 2014, let'southward modify it to November ane 2014 using 'usermod -e' selection and ostend the expiry appointment with 'chage' command.
# usermod -due east 2014-11-01 tecmint # chage -l tecmint Last password change : Nov 02, 2014 Password expires : never Password inactive : never Business relationship expires : Nov 01, 2014 Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of alarm before password expires : 7
4. Change User Primary Grouping
To set or change a user primary grouping, we utilise pick '-g' with usermod command. Before, changing user primary grouping, first make sure to check the current group for the user tecmint_test.
# id tecmint_test uid=501(tecmint_test) gid=502(tecmint_test) groups=502(tecmint_test)
At present, fix the babin group equally a principal group to user tecmint_test and confirm the changes.
# usermod -g babin tecmint_test # id tecmint_test uid=501(tecmint_test) gid=502(babin) groups=502(tecmint_test)
5. Adding Group to an Existing User
If you want to add a new group chosen 'tecmint_test0' to 'tecmint' user, y'all can use choice '-G' with usermod command equally shown beneath.
# usermod -G tecmint_test0 tecmint # id tecmint
Annotation: Exist careful, while adding a new groups to an existing user with '-G' option solitary, will remove all existing groups that user belongs. So, always add the '-a' (suspend) with '-G' option to add together or append new groups.
six. Adding Supplementary and Primary Group to User
If you demand to add together a user to whatsoever one of the supplementary group, you lot can apply the options '-a' and '-G'. For example, here we going to add a user account tecmint_test0 with the wheel user.
# usermod -a -G wheel tecmint_test0 # id tecmint_test0
So, user tecmint_test0 remains in its primary group and also in secondary group (wheel). This will make my normal user account to execute any root privileged commands in Linux box.
eg : sudo service httpd restart
7. Change User Login Name
To change whatever existing user login name, we can apply '-l' (new login) selection. In the example below, nosotros changing login proper name tecmint to tecmint_admin. And so the username tecmint has been renamed with the new name tecmint_admin.
# usermod -50 tecmint_admin tecmint
Now bank check for the tecmint user, Information technology will non be present because we take inverse information technology to tecmint_admin.
# id tecmint
Cheque for the tecmint_admin account it volition be there with same UID and with existing group what nosotros have added before.
# id tecmint_admin
viii. Lock User Business relationship
To Lock any system user business relationship, nosotros tin can utilise '-Fifty' (lock) option, After the account is locked we can't login by using the countersign and you will see a ! added before the encrypted password in /etc/shadow file, means password disabled.
# usermod -L babin
Check for the locked account.
# grep -E --color 'babin' cat /etc/shadow
9. Unlock User Account
The '-U' option is used to unlock any locked user, this volition remove the ! earlier the encrypted password.
# grep -East --color 'babin' /etc/shadow # usermod -U babin
Verify the user subsequently unlock.
# grep -E --color 'babin' /etc/shadow
ten. Motility User Home Directory to New location
Allow's say y'all've a user account as 'pinky' with dwelling directory '/dwelling house/pinky', y'all want to move to new location say '/var/pinky'. You can use the options '-d' and '-m' to movement the existing user files from current home directory to a new home directory.
Check for the account and information technology's electric current home directory.
# grep -Due east --color 'pinky' /etc/passwd
Then list the files which is endemic by user pinky.
# ls -l /home/pinky/
Now we accept to motion the home directory from /dwelling/pinky to /var/pinky.
# usermod -d /var/pinky/ -1000 pinky
Next, verify the directory modify.
# grep -E --color 'pinky' /etc/passwd
Check for the files nether '/dwelling/pinky'. Here nosotros have moved the files using -m option so there will be no files. The pinky user files will be at present nether /var/pinky.
# ls -l /home/pinky/ # ls -fifty /var/pinky/
11. Create Un-encrypted Password for User
To create an un-encrypted password, nosotros apply pick '-p' (countersign). For demonstration purpose, I'm setting a new password say 'redhat' on a user pinky.
# usermod -p redhat pinky
After setting password, at present bank check the shadow file to meet whether its in encrypted format or un-encrypted.
# grep -East --colour 'pinky' /etc/shadow
Note: Did you encounter in the to a higher place image, the countersign is clearly visible to everyone. So, this choice is not recommended to use, because the countersign will exist visible to all users.
12. Change User Beat
The user login vanquish can exist changed or defined during user creation with useradd control or inverse with 'usermod' command using option '-due south' (beat). For example, the user 'babin' has the /bin/bash shell by default, now I want to alter it to /bin/sh.
# grep -E --colour 'babin' /etc/passwd # usermod -s /bin/sh babin
Afterwards changing user beat out, verify the user trounce using the post-obit command.
# grep -E --color 'babin' /etc/passwd
xiii. Modify User ID (UID)
In the example below, y'all can see that my user account 'babin' holds the UID of 502, now I want to change it to 888 as my UID. We can assign UID between 0 to 999.
# grep -E --color 'babin' /etc/passwd OR # id babin
Now, let'southward alter the UID for user babin using '-u' (uid) option and verify the changes.
# usermod -u 888 babin # id babin
14. Modifying User Account with Multiple Options
Here we have a user jack and now I want to modify his habitation directory, shell, expiry appointment, label, UID and group at once using one single command with all options as we discussed above.
The user Jack has the default home directory /dwelling/jack, At present I desire to change it to /var/www/html and assign his beat as bash, set expiry engagement as December 10th 2014, add new label as This is jack, change UID to 555 and he volition be fellow member of apple group.
Let we see how to alter the jack account using multiple selection now.
# usermod -d /var/www/html/ -due south /bin/bash -east 2014-12-10 -c "This is Jack" -u 555 -aG apple jack
Then bank check for the UID & dwelling directory changes.
# grep -E --colour 'jack' /etc/passwd
Account expire check.
# chage -l jack
Check for the group which all jack accept been fellow member.
# grep -E --color 'jack' /etc/group
15. Change UID and GID of a User
We can alter UID and GID of a current user. For irresolute to a New GID we need an existing grouping. Here already there is an account named equally orange with GID of 777.
Now my jack user account want to exist assigned with UID of 666 and GID of Orange (777).
Check for the electric current UID and GID before modifying.
# id jack
Modify the UID and GID.
# usermod -u 666 -g 777 jack
Check for the changes.
# id jack
Decision
Here we accept seen how to use usermod control with its options in very detailed manner, Earlier knowing about usermod command, one should must know 'useradd' command and its options to use the usermod. If I've missed whatever point in the article exercise let me know via comments and don't forget to add together your valuable comments.
Source: https://www.tecmint.com/usermod-command-examples/
Post a Comment for "A User Account Can Be Locked With the Usermod Command Using What Option?"