There are fairly just a few modifications you may make to consumer accounts on Linux programs: setting them up, deleting or disabling them, including or eradicating customers from secondary teams, altering usernames or UIDs, shifting residence directories, altering customers’ shells, altering account expiration timing, and so forth.
One command that may make practically all of those modifications simpler is usermod. The one actual constraints are 1) that the accounts you propose to vary should exist already on the system (this command received’t set them up from scratch), and a couple of) that the affected customers ought to in all probability not be logged in whenever you make these modifications.
The fundamental syntax for the command is usermod [options] LOGIN however that choices part has much more prospects than you would possibly anticipate. As well as, sudo permissions might be required for this command since superuser entry is required to arrange or change practically all consumer account settings.
Whereas customers can change their very own passwords, choose a special default shell and make modifications to their atmosphere settings (like their search paths), they can not—at the least not with out root privileges—add themselves to teams, change their usernames, modify their descriptive info within the /and so forth/passwd file or make different modifications to their account configuration. In actual fact, neither can they take away their accounts or lock their accounts with out root entry. Sysadmins should make these modifications for them.
With sudo entry, then again, you may make nearly any modifications to consumer accounts and with usermod, you are able to do it simply. As an alternative of enhancing information, you run instructions that modify the information making the wanted modifications for you.
Let’s take a look at the lengthy checklist of the choices obtainable with the usermod command and what they do.
Choices
The usermod command has so many choices that the command virtually run out of letters to specific them. Listed here are some fast explanations of the choices that present the vary of modifications this command could make:
- -a used with -G appends the consumer to the required group
- -b permits names that don’t adjust to requirements
- -c modifications the remark discipline within the /and so forth/passwd file
- -d modifications a consumer’s residence listing; with -m added, the contents of the previous listing are moved into the brand new one
- -e modifications the consumer’s account expiration date (saved within the /and so forth/shadow file)
- -f units the variety of days after a password expires that an account is disabled (saved within the /and so forth/shadow file)
- -g modifications the consumer’s group, offered the group to be assigned already exists
- -G units up the checklist of teams that the consumer might be a member of, eradicating different memberships until -a is added
- -l modifications a consumer’s username
- -L locks an account
- -m strikes the content material of a consumer’s residence to a different location
- -o when used with -u, permits a UID to have a worth which isn’t distinctive
- -p modifications a consumer’s password (not really useful as a result of it would present in ps output and the brand new password should be offered in encrypted kind)
- -P applies modifications to the prefix listing
- -R applies modifications within the CHROOT_DIR listing
- -s modifications the consumer’s login shell
- -u modifications the consumer’s UID
- -U unlocks a consumer’s password (removes the !)
- -v provides subordinate UIDs to a consumer account
- -V removes subordinate UIDs from a consumer account
- -w provides subordinate GIDs to a consumer account
- -W removes subordinate GIDs from a consumer account
- -Z provides an SELinux consumer for an account (requires an SELinux-enabled kernel)
You can clearly make many of those sorts of modifications by enhancing the associated information as root. For instance, you could possibly change a username by changing it within the /and so forth/passwd and /and so forth/shadow information after which change all cases of it within the /and so forth/group file. Nonetheless, a pair usermod instructions might do the identical factor and get the job accomplished rather a lot faster.
Listed here are some instance usermod instructions to point out you the way it works.
So as to add the consumer “dhart” to the group “secteam” on the system, you could possibly do that:
$ sudo usermod -a -G secteam ghart
The group should exist already.
To vary dhart’s username to dbell, you could possibly use the command proven beneath. Discover the order of the arguments; the final argument is the one being modified.
$ sudo usermod -l dbell dhart
^ ^
| |
new present
Notice that this usermod command will replace the /and so forth/passwd and /and so forth/shadow information.
To vary Dory’s description within the /and so forth/passwd file, you are able to do this:
$ sudo usermod -c “Dory Bell” dbell $ grep dbell /and so forth/passwd dbell:x:1002:1002:Dory Bell:/residence/dbell:/bin/bash
Notice that altering Dory’s username is not going to routinely change her group though as of late most customers’ main teams are the identical as their usernames. To rename Dory’s group, you could possibly use a associated groupmod command like this which modifications the identify of Dory’s group from dhart to dbell:
$ sudo groupmod -n dbell dhart
^ |
| |
+——-+
Utilizing a script
Are scripts nonetheless helpful? Sure, in fact they’re! Even with environment friendly instructions, it’s typically difficult to recollect which instructions you’ll want to use, by no means thoughts which order to place its arguments in.
Within the script proven beneath, we would like to make all of the modifications detailed within the instructions above after a workers member returns from trip solely to inform us that she simply received married and, thus, has a brand new surname. The next script will make all of the modifications, accommodating this particular person’s preferences with little effort on our half and ensure that they modifications had been made.
#!/bin/bash echo -n “present username: “ learn oldname echo -n “new username: “ learn newname echo -n “change consumer description discipline? [y/n] “ learn ans if [ $ans =="y" ]; then echo -n “Enter description> “ learn desc sudo usermod -c “$desc” $oldname fi # change the consumer’s username in /and so forth/passwd and /and so forth/shadow information sudo usermod -l $newname $oldname # transfer the consumer’s residence to match the brand new username sudo usermod -d /residence/$newname -m $newname # change the consumer’s group identify sudo groupmod -n $newname $oldnam # confirm the modifications had been made echo /and so forth/passwd: echo -n “ “ grep $newname /and so forth/passwd echo residence listing: echo -n “ “ ls -ld /residence/$newname
Right here’s an instance of the script in motion:
$ update_user present username: dhart new username: dbell change consumer description discipline? [y/n] y Enter description> Dory Bell /and so forth/passwd: dbell:x:1002:1002:Dory Bell:/residence/dbell:/bin/bash residence listing: drwxr-xr-x eight dbell dbell 4096 Oct 6 11:44 /residence/dbell
As soon as you place the wanted instructions right into a script, you received’t should work so onerous at ensuring your instructions are right, and also you’ll nonetheless get the good thing about making the wanted modifications rapidly and totally.
Wrap-Up
Don’t overlook that usermod gives a protracted checklist of choices for making modifications to consumer account settings. A few of them would possibly make your work a bit simpler.
Copyright © 2020 IDG Communications, Inc.
Leave a Reply