1USERDEL(8) System Management Commands USERDEL(8)
2
6 userdel - delete a user account and related files
7
9 userdel [options] LOGIN
10
12 The userdel command modifies the system account files, deleting all
13 entries that refer to the user name LOGIN. The named user must exist.
14
16 The options which apply to the userdel command are:
17 -f, --force
19 This option forces the removal of the user account, even if the
20 user is still logged in. It also forces userdel to remove the
21 user's home directory and mail spool, even if another user uses the
22 same home directory or if the mail spool is not owned by the
23 specified user. If USERGROUPS_ENAB is defined to yes in
24 /etc/login.defs and if a group exists with the same name as the
25 deleted user, then this group will be removed, even if it is still
26 the primary group of another user.
27 Note: This option is dangerous and may leave your system in an
29 inconsistent state.
30 -h, --help
32 Display help message and exit.
33 -r, --remove
35 Files in the user's home directory will be removed along with the
36 home directory itself and the user's mail spool. Files located in
37 other file systems will have to be searched for and deleted
38 manually.
39 The mail spool is defined by the MAIL_DIR variable in the
41 login.defs file.
42 -R, --root CHROOT_DIR
44 Apply changes in the CHROOT_DIR directory and use the configuration
45 files from the CHROOT_DIR directory. Only absolute paths are
46 supported.
47 -P, --prefix PREFIX_DIR
49 Apply changes in the PREFIX_DIR directory and use the configuration
50 files from the PREFIX_DIR directory. This option does not chroot
51 and is intended for preparing a cross-compilation target. Some
52 limitations: NIS and LDAP users/groups are not verified. PAM
53 authentication is using the host files. No SELINUX support.
54 -Z, --selinux-user
56 Remove any SELinux user mapping for the user's login.
57
59 The following configuration variables in /etc/login.defs change the
60 behavior of this tool:
61 MAIL_DIR (string)
63 The mail spool directory. This is needed to manipulate the mailbox
64 when its corresponding user account is modified or deleted. If not
65 specified, a compile-time default is used. The parameter
66 CREATE_MAIL_SPOOL in /etc/default/useradd determines whether the
67 mail spool should be created.
68 MAIL_FILE (string)
70 Defines the location of the users mail spool files relatively to
71 their home directory.
72 The MAIL_DIR and MAIL_FILE variables are used by useradd, usermod, and
74 userdel to create, move, or delete the user's mail spool.
75 If MAIL_CHECK_ENAB is set to yes, they are also used to define the MAIL
77 environment variable.
78 MAX_MEMBERS_PER_GROUP (number)
80 Maximum members per group entry. When the maximum is reached, a new
81 group entry (line) is started in /etc/group (with the same name,
82 same password, and same GID).
83 The default value is 0, meaning that there are no limits in the
85 number of members in a group.
86 This feature (split group) permits to limit the length of lines in
88 the group file. This is useful to make sure that lines for NIS
89 groups are not larger than 1024 characters.
90 If you need to enforce such limit, you can use 25.
92 Note: split groups may not be supported by all tools (even in the
94 Shadow toolsuite). You should not use this variable unless you
95 really need it.
96 USERDEL_CMD (string)
98 If defined, this command is run when removing a user. It should
99 remove any at/cron/print jobs etc. owned by the user to be removed
100 (passed as the first argument).
101 The return code of the script is not taken into account.
103 Here is an example script, which removes the user's cron, at and
105 print jobs:
106 #! /bin/sh
108 # Check for the required argument.
110 if [ $# != 1 ]; then
111 echo "Usage: $0 username"
112 exit 1
113 fi
114 # Remove cron jobs.
116 crontab -r -u $1
117 # Remove at jobs.
119 # Note that it will remove any jobs owned by the same UID,
120 # even if it was shared by a different username.
121 AT_SPOOL_DIR=/var/spool/cron/atjobs
122 find $AT_SPOOL_DIR -name "[^.]*" -type f -user $1 -delete \;
123 # Remove print jobs.
125 lprm $1
126 # All done.
128 exit 0
129 USERGROUPS_ENAB (boolean)
133 Enable setting of the umask group bits to be the same as owner bits
134 (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid
135 is the same as gid, and username is the same as the primary group
136 name.
137 If set to yes, userdel will remove the user's group if it contains
139 no more members, and useradd will create by default a group with
140 the name of the user.
141
143 /etc/group
144 Group account information.
145 /etc/login.defs
147 Shadow password suite configuration.
148 /etc/passwd
150 User account information.
151 /etc/shadow
153 Secure user account information.
154 /etc/shadow-maint/userdel-pre.d/*, /etc/shadow-maint/userdel-post.d/*
156 Run-part files to execute during user deletion. The environment
157 variable ACTION will be populated with userdel and SUBJECT with the
158 username. userdel-pre.d will be executed prior to any user
159 deletion. userdel-post.d will execute after user deletion. If a
160 script exits non-zero then execution will terminate.
161 /etc/subgid
163 Per user subordinate group IDs.
164 /etc/subuid
166 Per user subordinate user IDs.
167
169 The userdel command exits with the following values:
170 0
172 success
173 1
175 can't update password file
176 2
178 invalid command syntax
179 6
181 specified user doesn't exist
182 8
184 user currently logged in
185 10
187 can't update group file
188 12
190 can't remove home directory
191
193 userdel will not allow you to remove an account if there are running
194 processes which belong to this account. In that case, you may have to
195 kill those processes or lock the user's password or account and remove
196 the account later. The -f option can force the deletion of this
197 account.
198 You should manually check all file systems to ensure that no files
200 remain owned by this user.
201 You may not remove any NIS attributes on a NIS client. This must be
203 performed on the NIS server.
204 If USERGROUPS_ENAB is defined to yes in /etc/login.defs, userdel will
206 delete the group with the same name as the user. To avoid
207 inconsistencies in the passwd and group databases, userdel will check
208 that this group is not used as a primary group for another user, and
209 will just warn without deleting the group otherwise. The -f option can
210 force the deletion of this group.
211
213 chfn(1), chsh(1), passwd(1), login.defs(5), gpasswd(8), groupadd(8),
214 groupdel(8), groupmod(8), subgid(5), subuid(5), useradd(8), usermod(8).
215shadow-utils 4.12.3 11/29/2022 USERDEL(8)