Useradd has certain defaults that may be either displayed or modified by invoking the command with the -D option. (Display only if no other options are provided; otherwise, the options are set as specified.)
-bdefault_home | Specify an initial path for new home directories. |
-edefault_expire_date | Specify a new account expiration date. |
-fdefault_inactive | Specify the number of days to wait after a password expired before cancelling an account. |
-gdefault_group | Specify a default group for new users. |
-sdefault_shell | Specify a new user's default login shell. |
userdel
[-r] login
Delete the specified login account. All entries pertaining to the specified user are deleted from system account files.
Example: To remove the user postalguy from the system, enter
userdel postalguy
Example: To remove all traces of the user postalguy from the system, use
userdel -r postalguy
User identities should be deleted with caution. Even if you're sure the person isn't coming back, the files they owned will continue to exist on the system. |
Why do you care? Those files still contain the former user's UID number in their inode as the owner of the file. Say three months go by and you've forgotten all about the user bob whom you deleted. You stumble on a file that used to be owned by Bob in some arcane corner of the filesystem. The ls command will be unable to print Bob's username for the file because bob no longer exists in the /etc/passwd file.
Worse still, once a UID has been deleted from the /etc/passwd file, it is back in the pool of new user identities. Say another month or two go by and you create a new user named susie. By luck of the draw, she happens to get the UID that formerly belonged to Bob.
Now she effectively owns all of bob's files that were left lying around.
In general, it's safer to just disable the login.
-r | Scorched earth option. Remove all files in the user's home directory, as well as the directory itself. |
usermod
[-c comment] [-d home_dir [ -m]] [-e expire_date] [-f inactive_time] [-g initial_group] [-G group[, ]] [-l login_name] [-s shell] [-u uid [ -o]] login
This command enables the user to modify information contained in system account files.
Example: To change user Ajita's home directory to /home/chemdept, enter
usermod -d /home/chemdept ajita
Example: To change user jlee's login shell to the tc shell, use
usermod -s /bin/tcsh jlee
-ccomment | Change the comment field as specified. |
-dhome_dir | Change the login directory to the specified value. |
-eexpire_date | Change the account expiration date as specified. |
-finactive_days | Specify the number of days to wait after the account password expires before permanently disabling the account. |
-ginitial_group | Specify a new initial login group. |
-Ggroup,[...] | Specify a list of additional groups of which the user is a member. |
-llogin_name | Specify a new login name. |
-sshell | Specify a new login shell. |
-uuid | Specify a new numeric user ID. |
users
[FILE]
Display a list of users currently logged on.
Example: This command has no real options. To use it, enter
users
FILE | Tell the command to look in a file other than wtmp for the necessary information. |
--help | Display usage information and exit. |
--version | Display version information and exit. |
who
[OPTION] [FILE] [am i]
Display information about the users currently logged in. With no options, the display includes login name, terminal line, login time, remote hostname, or X display.
Example: To find out who's logged into the system, enter
who
FILE | If present, who will use this as the source for users logged on rather than /etc/wtmp. |
-m | Same as "who am i". |
-q, -count | Display only the count of users logged on and their login names. |
-s | No effect; included for compatibility. |
-i, -u, -idle | Include idle time in display. "." in the idle time field means that the user has been active in the last minute; "old" means they have been idle for more than 24 hours. |
-H, -heading | Print a line of column headings. |
-w, -T, -mesg, -message, -writable | After each login name, print a character indicating the user's message status: |
| + Allowing "write" messages - Disallowing "write" messages ? Cannot find terminal device |