How to Use a ‘usermod’ command in Linux
In this aricle we are learning about the command used for modification for existing user in the home directory. We are using command called ‘usermod’ . The command ‘usermod‘ is used to modify or change any attributes of a already created user account via command line.
After creating user accounts, in some scenarios where we need to change the attributes of an existing user such as, change user’s home directory, login name, login shell, password expiry date, etc. Where in such case ‘usermod’ command is used.
When we execute ‘usermod’ command in terminal, the following files are used and affected
- /etc/passwd – User account information.
- /etc/shadow – Secure account information.
- /etc/group – Group account information.
- /etc/gshadow – Secure group account information.
- /etc/login.defs – Shadow password suite configuration.
Basic syntax for command
usermod [options] username
- We must have existing user accounts to execute usermod command.
- Only superuser (root) is allowed to execute usermod command.
- The usermod command can be executed on any Linux distribution.
- Must have basic knowledge of usermod command with options.
Options for Usermod
The ‘usermod’ command is simple to use with lots of options to make changes to an existing user. Let us see how to use ‘usermod‘ command by modifying some existing users in Linux box with the help of following options.
- – c = We can add comment field for the useraccount.
- – d = To modify the directory for any existing user account.
- – e = Using this option we can make the account expiry in specific period.
- – g = Change the primary group for a User.
- – G = To add a supplementary groups.
- – a = To add anyone of the group to a secondary group.
- – l = To change the login name from technofission to technofission_admin.
- – L = To lock the user account. This will lock the password so we can’t use the account.
- – m = moving the contents of the home directory from existing home dir to new dir.
- – p = To Use un-encrypted password for the new password. (NOT Secured).
- – s = Create a Specified shell for new accounts.
- – u = Used to Assigned UID for the user account between 0 to 999.
- – U = To unlock the user accounts. This will remove the password lock and allow us to use the user account.
1. Adding Information to User Account
The ‘-c’ option is used to set a brief comment (information) about the user account.
For example, let’s add information on ‘humor’ user, using the following command.
2. Change User Home Directory
In the above step we can see that our home directory is under /home/humor/, If we need to change it to some other directory we can change it using -d option with usermod command.
For example, I want to change our home directory to /var/www/, but before changing, let’s check the current home directory of a user, using the following command.
Now, change home directory from /home/humor to /var/www/ and confirm the home director after changing.
3. Set User Account Expiry Date
The option ‘-e’ is used to set expiry date on a user account with the date format YYYY-MM-DD. Before, setting up an expiry date on a user, let’s first check the current account expiry status using the ‘chage’ (change user password expiry information) command.
The expiry status of a ‘humor’ user is Never, let’s change it to Mar 25 2017 using ‘usermod -e’ option and confirm the expiry date with ‘chage’ command.
4. Change User Primary Group
To set or change a user primary group, we use option ‘-g’ with usermod command. Before, changing user primary group, first make sure to check the current group for the user ‘tap’.
Now, set the ‘pat’ group as a primary group to user ‘tap’ and confirm the changes
5. Adding Supplementary and Primary Group to User
If you need to add a user to any one of the supplementary group, you can use the options ‘-a‘ and ‘-G’.
For example, here we going to add a user account ‘tap’ with the wheel user.
So, user ‘tap’ remains in its primary group and also in secondary group (wheel). This will make my normal user account to execute any root privileged commands in Linux box.
6. Change User Login Name
To change any existing user login name, we can use ‘-l‘ (new login) option. In the example below, we changing login name tap to ‘tap_admin’. So the username ‘tap’ has been renamed with the new name ‘tap_admin’.
Now check for the tap user, It will not be present because we have changed it to ‘tap_admin’.
7. Lock User Account
To Lock any system user account, we can use ‘-L‘ (lock) option, After the account is locked we can’t login by using the password and you will see a ! added before the encrypted password in /etc/shadow file, means password disabled.
8. Unlock User Account
The ‘-U’ option is used to unlock any locked user, this will remove the ‘!‘ before the encrypted password.
Verify the user after unlock
9. Create Un-encrypted Password for User
To create an un-encrypted password, we use option ‘-p’(password). For demonstration purpose, I’m setting a new password say ‘linux’ on a user ‘pat’
10. Change User ID (UID)
In the example below, you can see that my user account ‘PID’ holds the UID of 1002, now I want to change it to 888 as my UID. We can assign UID between 0 to 999.
Now, let’s change the UID for user babin using ‘-u‘ (uid) option and verify the changes.
With the help of all these commands we are doing modification in pre created user and privileges of users.