Options userdel, usermod, groupadd, groupdel and groupmod - Administration
Why can SetUID programs be a bad thing? What happens if you forget to add the home directory for a user? Get answers to these and other questions in this, part 2 of Managing Users from the book Linux Administration, A Beginner's Guide, third edition by Steven Graham and Steve Shah (McGraw-Hill/Osborne, 0072225629, 2002). See this link for Part 1.
userdel does the exact opposite of useraddóit removes existing users. This straightforward command has only one optional parameter and one required parameter:
userdel [-r] username
By running the command with only the userís login specified on the command line, for example, userdel sshah, all of the entries in the /etc/passwd and /etc/shadow files, and references in the /etc/group file, are automatically removed. By using the optional parameter (for example, userdel -r sshah) all of the files owned by the user in their home directory are removed as well.
usermod allows you to modify an existing user in the system. It works in much the same way as useradd. The exact command-line usage is as follows:
Every option you specify when using this command results in that particular parameter being changed about the user. All but one of the parameters listed here are identical to the parameters documented for the useradd program. That one option is -l.
The -l option allows you to change the userís login name. This and the -u option are the only options that require special care. Before changing the userís login or UID, you must make sure the user is not logged in to the system or running any processes. Changing this information if the user is logged in or running processes will cause unpredictable results.
Hereís an example of using usermod to change user hdc so that their comment field reads H.D. Core instead of H.D.C:
[root@ford /root]# usermod -c "H.D. Core" hdc
The group commands are similar to the user commands; however, instead of working on individual users, they work on groups listed in the /etc/group file. Note that changing group information does not cause user information to be automatically changed. For example, if you remove a group whose GID is 100 and a userís default group is specified as 100, the userís default group would not be updated to reflect the fact that the group no longer exists.
The groupadd command adds groups to the /etc/group file. The command-line options for this program are as follows:
groupadd [-g gid] [-r] [-f] group
Table 5-2 shows command options and their descriptions.
Specifies the GID for the new group as gid. By default, this value is automatically chosen by finding the first available value.
By default, Red Hat searches for the first GID that is higher than 499. The
-r options tell groupadd that the group being added is a system group and should have the first available GID under 499.
When adding a new group, Red Hat Linux will exit without an error if the specified group to add already exists. By using this option, the program will not change the group setting before exiting. This is useful in scripting cases where you want the script to continue if the group already exists.
This option is required. It specifies the name of the group you want to add to be group.
Table 5-2 groupadd Commands and Options
Suppose, for example, that you want to add a new group called research with the GID 800. To do so, you would type the following command:
[root@ford /root]# groupadd -g 800 research
Even more straightforward than userdel, the groupdel command removes existing groups specified in the /etc/group file. The only usage information needed for this command is:
where group is the name of the group to remove. For example, if you wanted to remove the research group, you would issue this command:
[root@ford /root]# groupdel research
The groupmod command allows you to modify the parameters of an existing group. The options for this command are:
groupmod -g gid -n group-name group
where the -g option allows you to change the GID of the group, and the -n option allows you to specify a new name of a group. Additionally, of course, you need to specify the name of the existing group as the last parameter.
For example, if the superman research group wanted to change its name to batman, you would issue the following command:
[root@ford /root]# groupmod -n batman superman
This chapter is from Linux Administration, A Beginner's Guide, third edition, by Graham and Shah. (McGraw-Hill/Osborne, 2002, ISBN: 0072225629). Check it out at your favorite bookstore today.