This tutorial explains how to use the usermod command in Linux step by step with 15+ practical examples. Learn how the usermod command is used to add user to group, change username, remove user from group, change shell, lock and unlock user account, change group and change home directory.
The usermod command in Linux is used to manage user properties at command line. The syntax of the usermod command is following: –
#usermod [option] [argument] username
Following table lists important options with description.
|Short option||Long option||Description|
|-g||–gid||Used to change user’s primary group|
|-G||–groups||Used to change user’s secondary groups. If used individually, will replace user’s existing groups with supplied groups. If you want to add user in supplied groups without removing him from existing group, use -a option along with this option.|
|-a||–append||Used with –G option to add user in supplied group or groups.|
|-c||–comment||Used to update description field.|
|-d||–home||Used to change home directory.|
|-m||–move-home||Used to create a new home directory and move all the contents from current directory to new directory.|
|-s||–shell||Used to update the login shell|
|-l||–login||Used to change the login name|
|-L||–lock||Used to lock the account|
|-U||–unlock||Used to unlock the account|
In order to understand these options in detail with example, let’s create a user named rhcestudent with default properties.
#useradd rhcestudent #passwd rhcestudent #grep rhcestudent /etc/passwd #grep rhcestudent /etc/group #grep rhcestudent /etc/gshadow #grep rhcestudent /etc/shadow #ls –dl /home/rhcestudent
Following figure shows above commands with output and description.
The useradd command without any options adds a new user account with default setting.
The passwd command sets and updates password for user. The grep command search specified pattern in supplied source.
We used grep command, to search and view the user’s default properties. To learn how to use grep command in detail, see this tutorial.
It explains the grep command and its usages with practical examples.
To understand how the user database files are formatted and how users are created, please see the previous parts of this tutorial.
This tutorial is the fifth part of the tutorial “Linux user and group management step by step explained with practical examples”. The other parts of this tutorial are following: –
This tutorial is the first part of the article. It explains what a user account is and how it is managed in the Linux system.
This tutorial is the second part of article. It explains the /etc/passwd file and how it is formatted in detail.
This tutorial is the third part of article. It explains the /etc/shadow file and how it is formatted in detail.
This tutorial is the fourth part of the article. It explains how to create users in Linux at command prompt step by step.
The usermod command practical examples
Above, we have added a test user account named rhcestudent with default properties.
Now let’s update or change his properties with the usermod command.
Updating comments or descriptions
By default, when we create a user from the useradd command, it is created without any description or comment.
While creating the user account, we can force the useradd command to add the supplied description with -c option or we
can add it with the usermod command later.
In previous part of this tutorial, we have seen the example of adding comment while creating the user account.
In this part, let’s learn how to add or update it once the user account is created.
To add or update description, use -c option. Use quote sign,
if description contains white space. For example, to add the description \’Neil Patel\’ for the user rhcestudent, use following command.
#usermod -c \'Neil Patel\' rhcestudent
To update the existing description, use the same command again with the new description.
For example, following command updates description to \’Neil Barbar\’ for the user rhcestudent.
#usermod -c \'Neil Barbar\' rhcestudent
Following figure shows both commands with output.
Basically, this option replaces the existing description with the supplied description.
Since first time there was no description, so the supplied description was added. In other words,
there was a blank description which was replaced by the supplied description. Second time, there was a description,
so it was replaced with the supplied description.
Changing user’s login shell
By default, user gets the /bin/bash shell. To change it, supply the absolute path of new shell with -s option.
For example following command changes the default shell to tcsh for the user rhcestudent
#usermod -s /bin/tcsh rhcestudent
Locking user account
To temporary lock a user account, use -L option. This option adds an exclamation sign before the
user’s encrypted password stored in the file /etc/shadow. During authentication, when login process sees this sign,
it does not allow user to login even user has supplied correct password. Let’s understand it with example.
Switch to any CLI terminal and login from your test user account.
Now lock your test user’s account with –L option. For example, use following command to lock the account of user rhcestudent.
#usermod -L rhcestudent
Following figure shows above command along with the user’s password entry.
Once account is locked, try to login again. This time login request will be rejected with a generic message \”Login is incorrect\”.
Unlocking user account
To unlock the locked account, use –U option. For example, to unlock the account of user rhcestudent, uses following command.
#usermod -U rhcestudent
Following figure shows user’s password entry before and after this command.
Since this option only removes the exclamation sign placed in front of the encrypted password,
it can be used only to unlock the account which is locked by placing an exclamation sing in front of the password.
Once account is unlocked, login process allows user to use his password for login. Let’s login with our test user account again.
This time, not only we are allowed to login but also are informed about the unsuccessful
login attempts which we made while account was locked.
Changing home directory
Home directory is the directory where user is placed just after the login by login process.
By default it is created in /home directory with the same name as login name. To change it, -d option is used.
For example, following command will configure the directory /userdata/rhcestudent as new home directory for the user rhcestudent.
#usermod -d /userdata/rhcestudent rhcestudent
While using this option, we should remember two important points.
Home directory can be changed only when user is not logged in. If user is logged in, this command will not work.
This command does not create the specified directory. It only replaces the currently
configured directory with the new specified directory in user database file (/etc/passwd). We must have to create the specified directory on our own.
Moving user’s home directory
To move user’s home directory, -m option is used. This option creates a new home directory,
if not exist, at specified location and moves all contents from current home directory to it.
But this option does not update the user database file. To update the user database file, use -d option with this option.
In order to perform all three tasks together; creating of new directory, moving of data from
old directory new directory and updating of database file, always use –m option with –d option.
Before we use this option, let’s create a dummy file and folder in current home directory.
Now create a test directory named /userdata and run following command.
#usermod –md /userdata/rhcestudent rhcestudent #ls –ld /userdata/rhcestudent #ls –a /userdata/rhcestudent/
Replace the username rhcestudent with the username of your test account.
Second and third commands have been respectively used to verify that new home directory have been created
at new location and all data from current home directory has been moved to new home directory.
Following figure illustrates above practice.
Changing primary group
To change a user’s primary group, –g option is used. For example, following command changes the user rhcestundent’s primary group to labuser.
#usermod -g labuser rhcestudent
Since this option only updates the user database file, new group must be created manually. Create new primary group,
if not already exist, before executing above command.
Following figure shows this exercise step by step.
Changing secondary group
User is added in secondary group as per requirement. There are two ways to update secondary group information;
replace and append. To completely replace existing group information with new group information, -G option is used.
To add new group information with existing group information, -a option is used along with –G option.
Let’s create five dummy groups, to understand both options in detail.
Add user in first three groups. Use –G option to add user in groups.
#usermod –G dummygroup1,dummygroup2,dummygroup3 rhcestudent
Verify that user is added in supplied group.
#grep rhcestudent /etc/group
Now add user in remaining two groups.
#usermod –G dummygroup4,dummygroup5 rhcestudent
Check user’s secondary groups again.
#grep rhcestudent /etc/group
Following figure shows above exercise with output.
As we can see in above figure, when we used this command again to add user in remaining groups,
user was added in new groups but at the same time it was removed from all existing groups.
Now let’s add user again in remaining groups, but this time use –a option along with –G option.
#usermod –aG dummygroup1,dummygroup2,dummygroup3 rhcestudent
As we can see in above figure, this time, user was added in new groups along with the existing groups.
Changing login name
Usually changing login name is not recommended, but if require, it can be done with -l option.
For example, to replace the login name rhcestudent with saracorner, following command will be used.
#usermod -l saracorner rhcestudent
Following figure shows this example in detail.
This option only changes the login name, nothing else. In order to reflect this change, if require, we have to rename other properties such as home directory and mail spool manually.
That’s all for this part. In next part, we will learn user password management in detail. For any comment, suggestion or feedback about this tutorial, please mail me. If you like this tutorial, please don’t forget to share it with friends through you favorite social platform.
Full Version EX300 Dumps
Try EX300 Dumps Demo