The usermod
command is the most robust command of all the user account modification utilities provided by Linux systems. It provides a space for the user to make any modifications to the existing user accounts.
Usermod helps in changing the properties of existing users on a Linux system. These properties may include parameters like password, login-name, login-directory, expiry date, change user ID, and many more.
Managing all the user account details from the command line is a fairly easy task, but not everybody knows the commands to do so. We’ll walk you through all the possible scenarios with usermod
in the Linux environment.
Note: To execute usermod
command you need to be a root user or you need to have sudo
access.
Files With User Details
As you are about to use usermod
command, it is very important for you to know the files with which you may require to work. These files contain all the information related to the user accounts present on the system.
File | Description |
---|---|
/etc/passwd | Contains several pieces of information about the user |
/etc/group | Contains information about each group used on the system |
/etc/gshadow | Contains secure group account Information |
/etc/login.defs | Defines the site-specific configuration for the shadow password suite. |
/etc/shadow | Contains the encrypted password as well as other information such as account or password expiration values |
Basic Syntax of Usermod Command
The syntax to use usermod
command is pretty basic in nature. The important thing is to know the options with which this command should be executed.
Syntax:
usermod [options] username
Options:
Options | Usage |
---|---|
-l | Change the name of the user |
-d | Modify the home directory of the existing user account |
-L | Lock the user account by disabling the password |
-U | Unlock the password lock |
-m | Move the contents from the existing home directory of the user to any new directory location |
-u | Change the user id of the existing user |
-g | Change the group of the user |
-G | A list of supplementary groups which the user is also a member of. |
-s | Create shell for new accounts |
-e | Changes the expiry date of the user account |
Applications of the Usermod Command
As stated in the above table, usermod
command is used with different options to manipulate the attributes related to the user account information.
Follow the examples given below to use the usermod
command for your tasks involving user account and the manipulation of its attributes.
Changing the username
The name of the user is a personal choice and can be changed whenever a user feels to do so. You can change the user login name of the existing users in the Linux Systems through the command line as well as the GUI from the Settings. You can follow the below-given commands to do so via the command line using the usermod
command.
Syntax:
usermod -l [new username] [existing username]
Example:
sudo usermod -l batman temporary
Output:
You can confirm the username change by running the id [user]
command command.
gaurav@ubuntu:~$ id batman
uid=1002(batman) gid=1002(temporary) groups=1002(temporary)
gaurav@ubuntu:~$ id temporary
id: ‘temporary’: no such user
gaurav@ubuntu:~$
In the above output, it is clear that the username ‘temporary’ is changed to the new username ‘batman’.
Changing the primary group of an existing user
In the Linux ecosystem, the collection of the computer system users is called a ‘Group’. The main purpose of having ‘Groups’ is to define certain privileges ( Read, Write, Execute) with respect to the shared resources within the users of the group. Usually, the primary group of a user has the same name as that of the username.
With usermod
, you can change the primary group of a user and add the user to another group.
You can check the groups on your system using the groups
command.
gaurav@ubuntu:~$ groups
gaurav adm cdrom sudo dip plugdev lpadmin sambashare
gaurav@ubuntu:~$
For changing the primary group of a user, you will need the group name of the primary group to which the user is currently added. Use the id [username]
command to get the group name and group id of the current primary group of the user.
gaurav@ubuntu:~$ id batman
uid=1000(batman) gid=1000(batman) groups=1000(batman),128(sambashare),4(adm),24(cdrom),27(sudo)
gaurav@ubuntu:~$
Here the primary group is ‘batman‘. Now, use the usermod
command to change the primary group of the user. I am changing the user’s primary group to ‘sambashare’. Check the following command.
Syntax:
sudo usermod -g [group name] [user name]
Example:
sudo usermod -g sambashare batman
Output:
gaurav@ubuntu:~$ sudo usermod -g sambashare batman
gaurav@ubuntu:~$ id batman
uid=1000(batman) gid=128(sambashare) groups=128(sambashare),1000(batman),4(adm),24(cdrom),27(sudo)
gaurav@ubuntu:~$
Using the above operation the primary group of the user batman is now changed to ‘sambashare’.
Adding New Group To An Existing User
The user account can belong to more than one group in the Linux system. Every user has a primary group. And Linux allows adding secondary groups to users as well.
Synatx:
sudo usermod -G [new group] [username]
Example:
sudo usermod -G dip batman
Output:
gaurav@ubuntu:~$ sudo usermod -G dip batman
gaurav@ubuntu:~$ id batman
uid=1000(batman) gid=128(sambashare) groups=128(sambashare), 30(dip)
gaurav@ubuntu:~$
Here new group named ‘dip’ is added to the user ‘batman’.
Note: To add the new group as a ‘Secondary Group’ you should use -a
parameter.-a
means append
. Using -a
before -G
will add the group as a ‘Secondary Group’ without changing the ‘Primary Group’ of the user.
Use following command to keep the primary group of the user unchanged.
sudo usermod -a -G [group to add] [User]
Changing The Home Directory Of The User
When you log in to your system, your session starts in your home directory which is unique to your user account. The system assigns this unique directory when the user account is created. Linux offers you an option to change your ‘Home Directory’. Most of the time, the name of the ‘Home Directory’ is the same as the username and is placed under the /home
directory.
Use the following command to change the ‘Home Directory’ of the user.
Syntax:
sudo usermod -d [new_directory_path] [username]
To verify if the Home Directory has changed, use the grep
command. I have displayed information about the user ‘batman’ from the /etc/passwd
file.
gaurav@ubuntu:~$ sudo usermod -d /var/hpq/ batman
gaurav@ubuntu:~$ grep 'var/hpq/' /etc/passwd
batman:x:1001:4::/var/hpq/:/bin/false
gaurav@ubuntu:~$
Note: To move the contents from the old home directory to the new directory you have to use -m
. Use the syntax as shown below.
sudo usermod -m -d [new_directory_path] [username]
Changing the Uid (User Identifier) of a User
Uid (User Identifier) is the unique numerical value assigned to every user by Linux. The system identifies the user with a unique uid
assigned to it. UID zero is assigned to the root user.
You can change the UID of a user using the command below.
Syntax:
sudo usermod -u [new_UID] user
Example:
Checking the current uid for the user batman using the id [user]
command.
gaurav@ubuntu:~$ id batman
uid=1000(batman) gid=4(adm) groups=4(adm),30(dip)
The uid of the batman is now 1000. Let’s change it to 536 using the usermod
-u
command.
gaurav@ubuntu:~$ sudo usermod -u 536 batman
[sudo] password for gaurav:
gaurav@ubuntu:~$
Now, lets again check the uid of the user batman using the id [user]
command
gaurav@ubuntu:~$ id batman
uid=536(batman) gid=4(adm) groups=4(adm),30(dip)
gaurav@ubuntu:~$
Here we can see that the uid of the user batman is changed from 1000 to 536 using the usermod -u
command.
Adding Personal Comments With The User Account
Let’s take an example of the user ‘batman’. This user is working in a big office and he has recently changed his work phone number and desk number. So he can add these modified details to his user account by using the usermod -c
command.
Syntax:
sudo usermod -c "Your comment" User
Output:
gaurav@ubuntu:~$ sudo usermod -c "Tony Stark, 405, 95985475" batman
gaurav@ubuntu:~$ sudo grep 'batman' /etc/passwd
batman:x:536:4:Tony Stark, 405, 95985475:/var/hpq/:/bin/false
gaurav@ubuntu:~$
The changes will be reflected in the /etc/passwd
file.
Locking/Disabling the Users
If you wish to restrict access to the system for a certain user you can do so by locking the password of that particular user. So even if the user tries to log in with the password he will not be granted access to the system. !
symbol will be added in front of the encrypted password of the user in the /etc/shadow
file, meaning the password is disabled.
Syntax:
sudo usermod -L [user]
Output:
gaurav@ubuntu:~$ sudo usermod -L batman
gaurav@ubuntu:~$ sudo grep batman /etc/shadow
batman:!:17612:0:99999:7:::
gaurav@ubuntu:~$
Unlocking/Enabling the Users
You can easily unlock/enable the password of a user who was previously disabled. You can check the /etc/shadow
file for the change. !
symbol will be removed from the user’s encrypted password.
Syntax:
sudo usermod -U [user]
gaurav@ubuntu:~$ sudo usermod -U batman
gaurav@ubuntu:~$ sudo grep batman /etc/shadow
batman:t:18511:0:99999:7:::
gaurav@ubuntu:~$
Changing the User Shell
The GNU/Linux shell is a special interactive utility. It provides a way for users to start programs, manage files on the filesystem, and manage processes running on the Linux system. The shell contains a set of internal commands that you use to control things such as copying files, moving files, renaming files, displaying the programs currently running on the system, and stopping programs running on the system.
You can change the user of the shell using usermod -s
command. Use the below-given syntax.
Syntax:
sudo usermod -s /bin/sh [user]
gaurav@ubuntu:~$ sudo usermod -s /bin/sh batman
[sudo] password for gaurav:
gaurav@ubuntu:~$ grep batman /etc/passwd
batman:x:536:4:This is my demo account:/var/www/:/bin/sh
You can verify the change using grep
command as shown in the output above.
Set User Expiry Date
If you want a certain user account to be used for only a specific period of time then you can set an expiry date on that user account. The expiry date is put in the format of YYYY-MM-DD
.
Syntax:
usermod -e [YYYY-MM-DD] [User]
To check the current expiry date of the account, use the chage -l [user]
command.
gaurav@ubuntu:~$ sudo chage -l batman
[sudo] password for gaurav:
Last password change : Sep 06, 2020
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
gaurav@ubuntu:~$
In the above output, we can see that currently the expiry date of the user batman is not set. Now we will use the usermod -e
command to set the expiry date for the user batman.
Example:
sudo usermod -e 2022-06-19 batman
Now we will check the status of the user expiry date again using the chage -l [user]
command.
gaurav@ubuntu:~$ sudo chage -l batman
[sudo] password for gaurav:
Last password change : Sep 06, 2020
Password expires : never
Password inactive : never
Account expires : Jun 19, 2022
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
gaurav@ubuntu:~$
In this way, we have set an expiry date to the user account ‘batman’ as Jun 19, 2022.
Conclusion
In this tutorial, we have seen the applications of the usermod
command to modify the basic user account data in a comprehensive way. Feel free to reach out to us in case we missed something.
Check out our other articles below to learn more about Tech. Happy Learning !
Member discussion