Explanation of usermod, chage, userdel and ID commands for Linux user management

Time:2021-8-23

In the previous chapter, we learned how to useuseraddAdd a new user withpasswdSet and modify passwords for users. However, if you shake your hand and accidentally add the wrong user information, or need to modify the user information, what should you do?

As mentioned earlier, we can modify it manually/etc/passwdas well as/etc/shadowFile to add a user, then manually modify the file, of course, you can also modify the user information. But today I’m going to explain how to use LinuxusermodCommand to modify user information.

1、 Modify user commandsusermod

The Linux usermod command can be used to modify various settings of the user account.

Useradd [options] user name

Common options of this command and their meanings are as follows:

  • -cModify the user’s description information, corresponding to modifying/etc/passwdThe fifth information of user information in the file
  • -dModify the user’s home directory, corresponding to modifying/etc/passwdTarget user information in file
  • -eModify the expiration date of the user in the format of “yyyy-mm-dd”, corresponding to the modification/etc/shadowThe 8th information of the file user password information
  • -gModify the user’s initial group, corresponding to modify/etc/passwdFourth message (GID) of file user information
  • -uModify the user’s uid, corresponding to modifying/etc/passwdThird information (uid) of file user information
  • -GModifying the user’s additional group is actually adding the user to other user groups, that is, modifying the / etc / group file;
  • -lModify the user name;
  • -LTemporary lock user (lock)
  • -UUnlock user, corresponding to – L
  • -sModify the login shell of the user. The default is / bin / bash

From the above parameters, it is the same as that explained in the previous chapteruseraddBy comparing the parameters of the command, the parameters of the two commands are the same. JustusermodCommand ratiouseraddMore-Land-UTwo parameters.

1. For example, I now want to lock the user created in the previous chaptertestuser:

$ usermod -L testuser

The essence of locking the user is to invalidate the user’s password so that it can’t log in, so let’s see/etc/shadowIn the password file, it is found that there is one more in front of the password bit of this user!number:

Explanation of usermod, chage, userdel and ID commands for Linux user management

2. Unlock user

Since users can be locked, users can also be unlocked:

$ usermod -U testuser

After executing the command, we’ll check it again/etc/shadowFile, before the password bit!It was cancelled.

3. Modify user description

$ usermod -c "modify user descript" testuser

Before modifying the user description, let’s take a look at the current user description:

$ grep "testuser" /etc/passwd

Explanation of usermod, chage, userdel and ID commands for Linux user management

After executing the command, let’s look at the user’s instructions:

Explanation of usermod, chage, userdel and ID commands for Linux user management

The user description has been successfully modified.

4. Add users to new groups

For example, we’re going totestuserAdd user to root group:

$ usermod -G root testuser

2、 To modify a user’s password status:chage

This command can be used not only to modify the user’s password status, but also topasswd -SCommand displays detailed user password information.

Chage [options] user name

Common options of this command and their meanings are as follows:

  • -mCorresponding to the minimum number of days that the password can be changed. When it is zero, it means that the password can be changed at any time/etc/shadow4th field in file
  • -MThe maximum number of days that the corresponding password remains valid:/etc/shadow5th field in file
  • -wCorresponding to the number of days before the user password expires, the warning message is received in advance/etc/shadow6th field in file
  • -E: the date the account expires. After that date, the account will not be available. corresponding/etc/shadow8th field in file
  • -dDate of last change, corresponding to:/etc/shadow3rd field in file
  • -i: stagnation period. If a password has expired for these days, this account will not be available/etc/shadow7th field in file
  • -l: lists the detailed password status of the user

Let’s check it firsttestuserPassword information for:

$ chage -l testuser

Explanation of usermod, chage, userdel and ID commands for Linux user management

The meaning of each message is as follows:

  • Last password change: last password modification time: June 18, 2020
  • Password expiresPassword expiration time: never
  • Password inactivePassword expiration time: never
  • Account expiresAccount expiration time: never
  • Minimum number of days between password change: minimum number of days between password changes: 0
  • Maximum number of days between password change: maximum number of days between two password changes: 99999
  • Number of days of warning before password expires: number of days to warn before password expires: 7
1. Modify password expiration time

I can modify the expiration time of my password through the following command and set it to expire in 60 days:

$ chage -M 60 testuser

Explanation of usermod, chage, userdel and ID commands for Linux user management

2. Set password expiration time

$ chage -i 5 testuser

It means that 5 days after the password expires, the password will automatically expire, and the user will not be able to log in to the system.

Explanation of usermod, chage, userdel and ID commands for Linux user management

3. The chat command also has a hard core function, which can force the user to change the password after logging in for the first time, and use the new password to log in to the system again, so that the user can use it normally

We create a new usertestuser2, and then set its password creation date to January 1, 1970:

#Create user
$ useradd testuser2

#Set password 123456
$ echo "123456" | passwd --stdin testuser2

#Set the password creation date to January 1, 1970
$ chage -d 0 testuser2

After execution, we usetestuser2The user logs in to the system and prompts to change the password:

Explanation of usermod, chage, userdel and ID commands for Linux user management

3、 Delete user command:userdel

userdelThe command is very simple to use. It is used to delete the relevant data of the user account.

Userdel [option - R] username

If not-rParameter, only the user account is deleted without deleting the user host directory, and the user directory will become a directory without owner and group, that is, a garbage file.

For example, delete them separatelytestuseras well astestuser2User:

#Delete the testuser without adding the - R parameter
$ userdel testuser

#Delete the testuser2 user and add the - R parameter
$ userdel -r testuser2

Explanation of usermod, chage, userdel and ID commands for Linux user management

As you can see, deletetestuserNo-rParameter, after executing the command, the user’s host directory is reserved.

4、 To view the user’s uid and GID commands:id

idThe command is simple. You can query the user’s uid, GID and additional group information:

ID user name

For example, vieweddyUser’s:

$ id eddy
$ uid=1009(eddy)  gid=1009  groups=1009

After executing the command, go to uid (user ID) and GID (initial group ID). Groups is the user’s group.

Now I puteddyUser joinrootGroup:

Explanation of usermod, chage, userdel and ID commands for Linux user management

It is found that there is one additional group information for this userrootGroup.

Today, I explained how to modify Linux user information, modify user password and delete users. The next chapter continues to explain other operation commands related to Linux users.

Explanation of usermod, chage, userdel and ID commands for Linux user management

Recommended Today

Swift advanced (XV) extension

The extension in swift is somewhat similar to the category in OC Extension can beenumeration、structural morphology、class、agreementAdd new features□ you can add methods, calculation attributes, subscripts, (convenient) initializers, nested types, protocols, etc What extensions can’t do:□ original functions cannot be overwritten□ you cannot add storage attributes or add attribute observers to existing attributes□ cannot add parent […]