usermod command is the most robust command of all the user account modification utilities provided by Linux systems. It provides a space for the user to make any modifications to the existing user accounts.
Usermod helps in changing the properties of existing users on a Linux system. These properties may include parameters like password, login-name, login-directory, expiry date, change user ID, and many more.
Managing all the user account details from the command line is a fairly easy task, but not everybody knows the commands to do so. We’ll walk you through all the possible scenarios with
usermod in the Linux environment.
Note: To execute
usermod command you need to be a root user or you need to have
Files With User Details
As you are about to use
usermod command, it is very important for you to know the files with which you may require to work. These files contain all the information related to the user accounts present on the system.
|/etc/passwd||Contains several pieces of information about the user|
|/etc/group||Contains information about each group used on the system|
|/etc/gshadow||Contains secure group account Information|
|/etc/login.defs||Defines the site-specific configuration for the shadow password suite.|
|/etc/shadow||Contains the encrypted password as well as other information such as account or password expiration values|
Basic Syntax of Usermod Command
The syntax to use
usermod command is pretty basic in nature. The important thing is to know the options with which this command should be executed.
usermod [options] username
|Change the name of the user|
|Modify the home directory of the existing user account|
|Lock the user account by disabling the password|
|Unlock the password lock|
|Move the contents from the existing home directory of the user to any new directory location|
|Change the user id of the existing user|
|Change the group of the user|
|A list of supplementary groups which the user is also a member of.|
|Create shell for new accounts|
|Changes the expiry date of the user account|
Applications of the Usermod Command
As stated in the above table,
usermod command is used with different options to manipulate the attributes related to the user account information.
Follow the examples given below to use the
usermod command for your tasks involving user account and the manipulation of its attributes.
Changing the username
The name of the user is a personal choice and can be changed whenever a user feels to do so. You can change the user login name of the existing users in the Linux Systems through the command line as well as the GUI from the Settings. You can follow the below-given commands to do so via the command line using the
usermod -l [new username] [existing username]
sudo usermod -l batman temporary
You can confirm the username change by running the
id [user] command command.
gaurav@ubuntu:~$ id batman uid=1002(batman) gid=1002(temporary) groups=1002(temporary) gaurav@ubuntu:~$ id temporary id: ‘temporary’: no such user gaurav@ubuntu:~$
In the above output, it is clear that the username ‘temporary’ is changed to the new username ‘batman’.
Changing the primary group of an existing user
In the Linux ecosystem, the collection of the computer system users is called a ‘Group’. The main purpose of having ‘Groups’ is to define certain privileges ( Read, Write, Execute) with respect to the shared resources within the users of the group. Usually, the primary group of a user has the same name as that of the username.
usermod, you can change the primary group of a user and add the user to another group.
You can check the groups on your system using the
gaurav@ubuntu:~$ groups gaurav adm cdrom sudo dip plugdev lpadmin sambashare gaurav@ubuntu:~$
For changing the primary group of a user, you will need the group name of the primary group to which the user is currently added. Use the
id [username] command to get the group name and group id of the current primary group of the user.
gaurav@ubuntu:~$ id batman uid=1000(batman) gid=1000(batman) groups=1000(batman),128(sambashare),4(adm),24(cdrom),27(sudo) gaurav@ubuntu:~$
Here the primary group is ‘batman‘. Now, use the
usermod command to change the primary group of the user. I am changing the user’s primary group to ‘sambashare’. Check the following command.
sudo usermod -g [group name] [user name]
sudo usermod -g sambashare batman
gaurav@ubuntu:~$ sudo usermod -g sambashare batman gaurav@ubuntu:~$ id batman uid=1000(batman) gid=128(sambashare) groups=128(sambashare),1000(batman),4(adm),24(cdrom),27(sudo) gaurav@ubuntu:~$
Using the above operation the primary group of the user batman is now changed to ‘sambashare’.
Adding New Group To An Existing User
The user account can belong to more than one group in the Linux system. Every user has a primary group. And Linux allows adding secondary groups to users as well.
sudo usermod -G [new group] [username]
sudo usermod -G dip batman
gaurav@ubuntu:~$ sudo usermod -G dip batman gaurav@ubuntu:~$ id batman uid=1000(batman) gid=128(sambashare) groups=128(sambashare), 30(dip) gaurav@ubuntu:~$
Here new group named ‘dip’ is added to the user ‘batman’.
Note: To add the new group as a ‘Secondary Group’ you should use
-G will add the group as a ‘Secondary Group’ without changing the ‘Primary Group’ of the user.
Use following command to keep the primary group of the user unchanged.
sudo usermod -a -G [group to add] [User]
Changing The Home Directory Of The User
When you log in to your system, your session starts in your home directory which is unique to your user account. The system assigns this unique directory when the user account is created. Linux offers you an option to change your ‘Home Directory’. Most of the time, the name of the ‘Home Directory’ is the same as the username and is placed under the
Use the following command to change the ‘Home Directory’ of the user.
sudo usermod -d [new_directory_path] [username]
To verify if the Home Directory has changed, use the
grep command. I have displayed information about the user ‘batman’ from the
gaurav@ubuntu:~$ sudo usermod -d /var/hpq/ batman gaurav@ubuntu:~$ grep 'var/hpq/' /etc/passwd batman:x:1001:4::/var/hpq/:/bin/false gaurav@ubuntu:~$
Note: To move the contents from the old home directory to the new directory you have to use
-m. Use the syntax as shown below.
sudo usermod -m -d [new_directory_path] [username]
Changing the Uid (User Identifier) of a User
Uid (User Identifier) is the unique numerical value assigned to every user by Linux. The system identifies the user with a unique
uid assigned to it. UID zero is assigned to the root user.
You can change the UID of a user using the command below.
sudo usermod -u [new_UID] user
Checking the current uid for the user batman using the
id [user] command.
gaurav@ubuntu:~$ id batman uid=1000(batman) gid=4(adm) groups=4(adm),30(dip)
The uid of the batman is now 1000. Let’s change it to 536 using the
gaurav@ubuntu:~$ sudo usermod -u 536 batman [sudo] password for gaurav: gaurav@ubuntu:~$
Now, lets again check the uid of the user batman using the
id [user] command
gaurav@ubuntu:~$ id batman uid=536(batman) gid=4(adm) groups=4(adm),30(dip) gaurav@ubuntu:~$
Here we can see that the uid of the user batman is changed from 1000 to 536 using the
usermod -u command.
Adding Personal Comments With The User Account
Let’s take an example of the user ‘batman’. This user is working in a big office and he has recently changed his work phone number and desk number. So he can add these modified details to his user account by using the
usermod -c command.
sudo usermod -c "Your comment" User
gaurav@ubuntu:~$ sudo usermod -c "Tony Stark, 405, 95985475" batman gaurav@ubuntu:~$ sudo grep 'batman' /etc/passwd batman:x:536:4:Tony Stark, 405, 95985475:/var/hpq/:/bin/false gaurav@ubuntu:~$
The changes will be reflected in the
Locking/Disabling the Users
If you wish to restrict access to the system for a certain user you can do so by locking the password of that particular user. So even if the user tries to log in with the password he will not be granted access to the system.
! symbol will be added in front of the encrypted password of the user in the
/etc/shadow file, meaning the password is disabled.
sudo usermod -L [user]
gaurav@ubuntu:~$ sudo usermod -L batman gaurav@ubuntu:~$ sudo grep batman /etc/shadow batman:!:17612:0:99999:7::: gaurav@ubuntu:~$
Unlocking/Enabling the Users
You can easily unlock/enable the password of a user who was previously disabled. You can check the
/etc/shadow file for the change.
! symbol will be removed from the user’s encrypted password.
sudo usermod -U [user]
gaurav@ubuntu:~$ sudo usermod -U batman gaurav@ubuntu:~$ sudo grep batman /etc/shadow batman:t:18511:0:99999:7::: gaurav@ubuntu:~$
Changing the User Shell
The GNU/Linux shell is a special interactive utility. It provides a way for users to start programs, manage files on the filesystem, and manage processes running on the Linux system. The shell contains a set of internal commands that you use to control things such as copying files, moving files, renaming files, displaying the programs currently running on the system, and stopping programs running on the system.
You can change the user of the shell using
usermod -s command. Use the below-given syntax.
sudo usermod -s /bin/sh [user]
gaurav@ubuntu:~$ sudo usermod -s /bin/sh batman [sudo] password for gaurav: gaurav@ubuntu:~$ grep batman /etc/passwd batman:x:536:4:This is my demo account:/var/www/:/bin/sh
You can verify the change using
grep command as shown in the output above.
Set User Expiry Date
If you want a certain user account to be used for only a specific period of time then you can set an expiry date on that user account. The expiry date is put in the format of
usermod -e [YYYY-MM-DD] [User]
To check the current expiry date of the account, use the
chage -l [user] command.
gaurav@ubuntu:~$ sudo chage -l batman [sudo] password for gaurav: Last password change : Sep 06, 2020 Password expires : never Password inactive : never Account expires : never Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7 gaurav@ubuntu:~$
In the above output, we can see that currently the expiry date of the user batman is not set. Now we will use the
usermod -e command to set the expiry date for the user batman.
sudo usermod -e 2022-06-19 batman
Now we will check the status of the user expiry date again using the
chage -l [user] command.
gaurav@ubuntu:~$ sudo chage -l batman [sudo] password for gaurav: Last password change : Sep 06, 2020 Password expires : never Password inactive : never Account expires : Jun 19, 2022 Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7 gaurav@ubuntu:~$
In this way, we have set an expiry date to the user account ‘batman’ as Jun 19, 2022.
In this tutorial, we have seen the applications of the
usermod command to modify the basic user account data in a comprehensive way. Feel free to reach out to us in case we missed something.
Check out our other articles below to learn more about Tech. Happy Learning !