Modifying User Accounts

If you need to make changes to an existing user account, such as changing the login or UID, updating the GECOS data, or home directory, use usermod and chfn.

Anything and everything is modifiable, including the login name and UID. To change the login, list first the new login name, then the old one:

# usermod -l aborg anitab

The following command changes the UID—in this example, from the original 1050 to 1200—without changing the login name. Name the new UID first, then the login:

# usermod -u 1200 anitab

Group memberships are not changed. All files in the user’s home directory will automatically be updated with the new UID. However, you must hunt down and change any files outside the user’s home directory, such as crontabs, mail directories, /tmp files, and files in shared directories. You can hunt them down with find, searching for the original UID, if you want to review them before making changes:

# find / -uid 1050
/usr/src/include/lber.h
/usr/src/include/ldap.h
/usr/src/include/ldbm.h

Use chown to update ownership of the files:

# chown 1200 /usr/src/include/lber.h

Doing this one file at a time can be rather tedious. chown and find can do the work for you:

# find / -uid 1050 -exec chown -v 1200 { } \;
changed owner of `/usr/src/include/lber.h’ to 1200
changed owner of `/usr/src/include/ldap.h’ to 1200
changed owner of `/usr/src/include/ldbm.h’ to 1200

The following command moves the user’s home directory, and its contents, to a different location. It will create the new directory if it does not already exist. Name the new directory first, then the login name. Be sure to use both the -d and -m flags:

# usermod -d /server1/home/aborg/ -m aborg

To change a user’s GECOS information use:

# chfn aborg

Users can change their own GECOS data with chfn, with the exception of the full name and “other” fields, which only the superuser can edit.

It is better not to change the login and UID, as changing these has system-wide repercussions. If you do, remember to hunt down all the files belonging to the user, change the name on the user’s home directory, and update group memberships.

You can make find verify each change by substituting the -ok flag for -exec, rather than letting it make all the changes automatically:

# find / -uid 1050 -ok chown -v 1200 { } \;

This will prompt you to approve each change.

This particular use of find is endlessly useful. The -exec or -ok options tell find to execute the command that follows. { } is replaced by the current file being processed. The semicolon tells find where the chown command stops, and the backslash escapes the semicolon so it isn’t gobbled by the shell.