Modifying User Accounts

Modify existing Linux accounts with usermod

To change any of the attributes associated with a user or system account on a Linux system you can use the command "usermod".

Usermod Command Examples

The basic syntax of the usermod command is: usermod option userid

Adding additional groups to an exiting account

usermod -a -G group1,group2,group3 userid

[root@fedsrv01a ~]# id testuser
uid=1001(testuser) gid=1004(testuser) groups=1004(testuser)

[root@fedsrv01a ~]# groups testuser
testuser : testuser

[root@fedsrv01a ~]# usermod -a -G group1,group2,group3 testuser

[root@fedsrv01a ~]# id testuser
uid=1001(testuser) gid=1004(testuser) groups=1004(testuser),1001(group1),1002(group2),1003(group3)

[root@fedsrv01a ~]# groups testuser
testuser : testuser group1 group2 group3

In the above example we added the additional groups "group1,group2 and group3" to the account "testuser". We used the commands "id" and "groups" to verify that the user now has the additional groups. Note, the "-a" option can only be used in conjunction with the "-G" option.

Change a Users Home Directory

usermod -d /new/home userid

root@john-desktop:/home# grep testuser /etc/passwd

root@john-desktop:/home# usermod -d /home/new testuser

root@john-desktop:/home# grep testuser /etc/passwd

In the above example the user "testuser" had its home directory changed from "home/testuser" to "/home/new". The "-d" option is used to specify a change of directory.

Usermod available options

-b, --badnames allow bad names
-c, --comment COMMENT new value of the GECOS field
-d, --home HOME_DIR new home directory for the user account
-e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE -f, --inactive INACTIVE set password inactive after expiration to INACTIVE -g, --gid GROUP force use GROUP as new primary group -G, --groups GROUPS new list of supplementary GROUPS -a, --append append the user to the supplemental GROUPS mentioned by the -G option without removing the user from other groups -h, --help display this help message and exit -l, --login NEW_LOGIN new value of the login name -L, --lock lock the user account -m, --move-home move contents of the home directory to the new location (use only with -d) -o, --non-unique allow using duplicate (non-unique) UID -p, --password PASSWORD use encrypted password for the new password -R, --root CHROOT_DIR directory to chroot into -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files -s, --shell SHELL new login shell for the user account -u, --uid UID new UID for the user account -U, --unlock unlock the user account -v, --add-subuids FIRST-LAST add range of subordinate uids -V, --del-subuids FIRST-LAST remove range of subordinate uids -w, --add-subgids FIRST-LAST add range of subordinate gids -W, --del-subgids FIRST-LAST remove range of subordinate gids -Z, --selinux-user SEUSER new SELinux user mapping for the user account