1USERMOD(8) System Management Commands USERMOD(8)
2
3
4
6 usermod - modify a user account
7
9 usermod [options] LOGIN
10
12 The usermod command modifies the system account files to reflect the
13 changes that are specified on the command line.
14
16 The options which apply to the usermod command are:
17
18 -a, --append
19 Add the user to the supplementary group(s). Use only with the -G
20 option.
21
22 -c, --comment COMMENT
23 The new value of the user´s password file comment field. It is
24 normally modified using the chfn(1) utility.
25
26 -d, --home HOME_DIR
27 The user´s new login directory.
28
29 If the -m option is given, the contents of the current home
30 directory will be moved to the new home directory, which is created
31 if it does not already exist.
32
33 -e, --expiredate EXPIRE_DATE
34 The date on which the user account will be disabled. The date is
35 specified in the format YYYY-MM-DD.
36
37 -f, --inactive INACTIVE
38 The number of days after a password expires until the account is
39 permanently disabled.
40
41 A value of 0 disables the account as soon as the password has
42 expired, and a value of -1 disables the feature.
43
44 -g, --gid GROUP
45 The group name or number of the user´s new initial login group. The
46 group must exist.
47
48 -G, --groups GROUP1[,GROUP2,...[,GROUPN]]]
49 A list of supplementary groups which the user is also a member of.
50 Each group is separated from the next by a comma, with no
51 intervening whitespace. The groups are subject to the same
52 restrictions as the group given with the -g option.
53
54 If the user is currently a member of a group which is not listed,
55 the user will be removed from the group. This behaviour can be
56 changed via the -a option, which appends the user to the current
57 supplementary group list.
58
59 -l, --login NEW_LOGIN
60 The name of the user will be changed from LOGIN to NEW_LOGIN.
61 Nothing else is changed. In particular, the user´s home directory
62 name should probably be changed manually to reflect the new login
63 name.
64
65 -L, --lock
66 Lock a user´s password. This puts a ´!´ in front of the encrypted
67 password, effectively disabling the password. You can´t use this
68 option with -p or -U.
69
70 Note: if you wish to lock the account (not only access with a
71 password), you should also set the EXPIRE_DATE to 1.
72
73 -m, --move-home
74 Move the content of the user´s home directory to the new location.
75
76 This option is only valid in combination with the -d (or --home)
77 option.
78
79 -o, --non-unique
80 When used with the -u option, this option allows to change the user
81 ID to a non-unique value.
82
83 -p, --password PASSWORD
84 The encrypted password, as returned by crypt(3).
85
86
87 Note: This option is not recommended because the password (or
88 encrypted password) will be visible by users listing the processes.
89
90 You should make sure the password respects the system´s password
91 policy.
92
93 -s, --shell SHELL
94 The name of the user´s new login shell. Setting this field to blank
95 causes the system to select the default login shell.
96
97 -u, --uid UID
98 The new numerical value of the user´s ID.
99
100 This value must be unique, unless the -o option is used. The value
101 must be non-negative. Values between 0 and 999 are typically
102 reserved for system accounts.
103
104 The user´s mailbox, and any files which the user owns and which are
105 located in the user´s home directory will have the file user ID
106 changed automatically.
107
108 The ownership of files outside of the user´s home directory must be
109 fixed manually.
110
111 -U, --unlock
112 Unlock a user´s password. This removes the ´!´ in front of the
113 encrypted password. You can´t use this option with -p or -L.
114
115 Note: if you wish to unlock the account (not only access with a
116 password), you should also set the EXPIRE_DATE (for example to
117 99999, or to the EXPIRE value from /etc/default/useradd).
118
119 -Z, --selinux-user SEUSER
120 The SELinux user for the user´s login. The default is to leave this
121 field the blank, which causes the system to select the default
122 SELinux user.
123
125 You must make certain that the named user is not executing any
126 processes when this command is being executed if the user´s numerical
127 user ID, the user´s name, or the user´s home directory is being
128 changed. usermod checks this on Linux, but only check if the user is
129 logged in according to utmp on other architectures.
130
131 You must change the owner of any crontab files or at jobs manually.
132
133 You must make any changes involving NIS on the NIS server.
134
136 The following configuration variables in /etc/login.defs change the
137 behavior of this tool:
138
139 MAIL_DIR (string)
140 The mail spool directory. This is needed to manipulate the mailbox
141 when its corresponding user account is modified or deleted. If not
142 specified, a compile-time default is used.
143
144 MAIL_FILE (string)
145 Defines the location of the users mail spool files relatively to
146 their home directory.
147
148 The MAIL_DIR and MAIL_FILE variables are used by useradd, usermod, and
149 userdel to create, move, or delete the user´s mail spool.
150
151 If MAIL_CHECK_ENAB is set to yes, they are also used to define the MAIL
152 environment variable.
153
154 MAX_MEMBERS_PER_GROUP (number)
155 Maximum members per group entry. When the maximum is reached, a new
156 group entry (line) is started in /etc/group (with the same name,
157 same password, and same GID).
158
159 The default value is 0, meaning that there are no limits in the
160 number of members in a group.
161
162 This feature (split group) permits to limit the length of lines in
163 the group file. This is useful to make sure that lines for NIS
164 groups are not larger than 1024 characters.
165
166 If you need to enforce such limit, you can use 25.
167
168 Note: split groups may not be supported by all tools (even in the
169 Shadow toolsuite). You should not use this variable unless you
170 really need it.
171
173 /etc/group
174 Group account information.
175
176 /etc/gshadow
177 Secure group account information.
178
179 /etc/passwd
180 User account information.
181
182 /etc/shadow
183 Secure user account information.
184
186 chfn(1), chsh(1), passwd(1), crypt(3), gpasswd(8), groupadd(8),
187 groupdel(8), groupmod(8), login.defs(5), useradd(8), userdel(8).
188
189
190
191System Management Commands 07/24/2009 USERMOD(8)