Chapter 4. User, Group and Permission

Usermod (Modify User Account Information)

Usermod (Modify User Account Information)
Tag:
course iconBack to the course page

The usermod (USER MODify) command is used to modify the user profile. The user profile includes Primary Group, Secondary Groups, user ID, user comment, and home directory path, etc.

Check the user status

When you change your user profile, you need to check the status. The /etc/passwd file contains most user profile data but it doesn't include the Secondary Groups that the user belongs to. To have a comprehensive view, you need to run the groups or id command or check the /etc/group file.

1. check user information

There are several ways to check the /etc/passwd file.

  • grep [user name] /etc/passwd
  • getent passwd [user name]
  • cat /etc/passwd

As the cat command shows all data contained in the document, the grep or getent commands are more efficient.

For example, to check user_a's user information, you can run one of the commands below.

Command Line - INPUT
grep user_a /etc/passwd

Or

getent passwd user_a

You'll get the information shown below.

Command Line - RESPONSE
user_a:x:1001:1001::/home/user_a:/bin/sh

This result shows the following

  • User ID: 1001
  • Primary Group ID: 1001
  • User comment: n/a
  • Home Directory Path: /home/user_a
  • Default Shell: /bin/sh

2. check group information

There are several ways to check all groups the user is belongs to.

  • groups [user name]
  • id [user name]
  • check /etc/group file by the grep, getent or cat command

Running the groups or id command is a quicker way to get the necessary information.

For example, to check user_a's group information, you can run the groups command as shown below.

Command Line - INPUT
groups user_a
Command Line - RESPONSE
user_a : user_a

This result shows that user_a only belongs to its Private Group.

Change User Primary Group (-g option)

To change the user's Primary Group, run the usermod -g [group ID or name] [user name] command as the superuser. For example, to change user_a's primary group to group_a, run the command below.

Command Line - INPUT
sudo su -

usermod -g group_a user_a

To check the primary group status, run the command below.

Command Line - INPUT
grep user_a /etc/passwd

You can see that the Primary Group ID became 1003, which is group_a's group ID.

Command Line - RESPONSE
user_a:x:1001:1003::/home/user_a:/bin/sh

Add to a Secondary Group (-aG option)

To add a new group, run the command of usermod -aG [group ID or name] [user name] as the superuser. For example, to add a sudo group to user_a's Secondary Group, run the command below.

Command Line - INPUT
usermod -aG sudo user_a

To check the group status, run the groups command.

Command Line - INPUT
groups user_a

You can see that a sudo group is added to user_a's Secondary Group.

Command Line - RESPONSE
user_a : group_a sudo

IMPORTANT

If you use only the -G option, you'll overwrite the existing group setting. This means that you may mistakenly erase the existing setting and override it. Unless you want to list all groups for the user, use the -aG option.
To list all groups in the -G option, you can connect group names with, (comma) shown below.

Command Line - INPUT
usermod -G group_a,group_b,group_c user_a

By running the groups command, you can see that group_a, group_b, and group_c are added while the sudo group is removed.

Command Line - INPUT
groups user_a
Command Line - RESPONSE
user_a : group_a group_b group_c

Change User ID (-u option)

To change the user ID, run the usermod -u [user ID] [user name] command as the superuser. For example, to change user_a's user ID to 2001, run the command below.

Command Line - INPUT
usermod -u 2001 user_a

To check user_a's user ID, check the /etc/passwd file. You can see that the user ID has changed to 2001.

Command Line - INPUT
grep user_a /etc/passwd
Command Line - RESPONSE
user_a:x:2001:1003::/home/user_a:/bin/sh

Change User Comment (-c option)

To change the user comment, run the usermod -c ["Comment"] [User name] command as the superuser. For example, to change user_a's comment to "comment for user_a", run the command below.

Command Line - INPUT
usermod -c "comment for user_a" user_a

To check user_a's user comment, check the /etc/passwd file. You can see that the new comment has been added to the file.

Command Line - INPUT
grep user_a /etc/passwd
Command Line - RESPONSE
user_a:x:2001:1002:comment for user_a:/home/user_a:/bin/sh

Note: comment is usually used for the user’s full name or other additional information relating to the user.

Change User Home Directory (-d option)

To change the user's home directory, run the usermod -d [directory path] [user name] command as the superuser. For example, to change user_a's home directory to /home/normal_users/user_a, run the command below.

Command Line - INPUT
mkdir -p /home/normal_user/user_a
usermod -d /home/normal_user/user_a user_a

To check user_a's home directory path, switch to user_a and run the cd and pwd command. You can see that the home directory path has changed.

Command Line - INPUT
su user_a

cd ~
pwd
Command Line - RESPONSE
/home/normal_user/user_a

The usermod (USER MODify) command is used to modify the user profile. The user profile includes Primary Group, Secondary Groups, user ID, user comment, and home directory path, etc.

Check the user status

When you change your user profile, you need to check the status. The /etc/passwd file contains most user profile data but it doesn't include the Secondary Groups that the user belongs to. To have a comprehensive view, you need to run the groups or id command or check the /etc/group file.

1. check user information

There are several ways to check the /etc/passwd file.

  • grep [user name] /etc/passwd
  • getent passwd [user name]
  • cat /etc/passwd

As the cat command shows all data contained in the document, the grep or getent commands are more efficient.

For example, to check user_a's user information, you can run one of the commands below.

Command Line - INPUT
grep user_a /etc/passwd

Or

getent passwd user_a

You'll get the information shown below.

Command Line - RESPONSE
user_a:x:1001:1001::/home/user_a:/bin/sh

This result shows the following

  • User ID: 1001
  • Primary Group ID: 1001
  • User comment: n/a
  • Home Directory Path: /home/user_a
  • Default Shell: /bin/sh

2. check group information

There are several ways to check all groups the user is belongs to.

  • groups [user name]
  • id [user name]
  • check /etc/group file by the grep, getent or cat command

Running the groups or id command is a quicker way to get the necessary information.

For example, to check user_a's group information, you can run the groups command as shown below.

Command Line - INPUT
groups user_a
Command Line - RESPONSE
user_a : user_a

This result shows that user_a only belongs to its Private Group.

Change User Primary Group (-g option)

To change the user's Primary Group, run the usermod -g [group ID or name] [user name] command as the superuser. For example, to change user_a's primary group to group_a, run the command below.

Command Line - INPUT
sudo su -

usermod -g group_a user_a

To check the primary group status, run the command below.

Command Line - INPUT
grep user_a /etc/passwd

You can see that the Primary Group ID became 1003, which is group_a's group ID.

Command Line - RESPONSE
user_a:x:1001:1003::/home/user_a:/bin/sh

Add to a Secondary Group (-aG option)

To add a new group, run the command of usermod -aG [group ID or name] [user name] as the superuser. For example, to add a sudo group to user_a's Secondary Group, run the command below.

Command Line - INPUT
usermod -aG sudo user_a

To check the group status, run the groups command.

Command Line - INPUT
groups user_a

You can see that a sudo group is added to user_a's Secondary Group.

Command Line - RESPONSE
user_a : group_a sudo

IMPORTANT

If you use only the -G option, you'll overwrite the existing group setting. This means that you may mistakenly erase the existing setting and override it. Unless you want to list all groups for the user, use the -aG option.
To list all groups in the -G option, you can connect group names with, (comma) shown below.

Command Line - INPUT
usermod -G group_a,group_b,group_c user_a

By running the groups command, you can see that group_a, group_b, and group_c are added while the sudo group is removed.

Command Line - INPUT
groups user_a
Command Line - RESPONSE
user_a : group_a group_b group_c

Change User ID (-u option)

To change the user ID, run the usermod -u [user ID] [user name] command as the superuser. For example, to change user_a's user ID to 2001, run the command below.

Command Line - INPUT
usermod -u 2001 user_a

To check user_a's user ID, check the /etc/passwd file. You can see that the user ID has changed to 2001.

Command Line - INPUT
grep user_a /etc/passwd
Command Line - RESPONSE
user_a:x:2001:1003::/home/user_a:/bin/sh

Change User Comment (-c option)

To change the user comment, run the usermod -c ["Comment"] [User name] command as the superuser. For example, to change user_a's comment to "comment for user_a", run the command below.

Command Line - INPUT
usermod -c "comment for user_a" user_a

To check user_a's user comment, check the /etc/passwd file. You can see that the new comment has been added to the file.

Command Line - INPUT
grep user_a /etc/passwd
Command Line - RESPONSE
user_a:x:2001:1002:comment for user_a:/home/user_a:/bin/sh

Note: comment is usually used for the user’s full name or other additional information relating to the user.

Change User Home Directory (-d option)

To change the user's home directory, run the usermod -d [directory path] [user name] command as the superuser. For example, to change user_a's home directory to /home/normal_users/user_a, run the command below.

Command Line - INPUT
mkdir -p /home/normal_user/user_a
usermod -d /home/normal_user/user_a user_a

To check user_a's home directory path, switch to user_a and run the cd and pwd command. You can see that the home directory path has changed.

Command Line - INPUT
su user_a

cd ~
pwd
Command Line - RESPONSE
/home/normal_user/user_a
Tag:
course iconBack to the course page
check recently viewed topics (history)
history
check bookmarked topics
Library
give rating and feedback
rating
share a URL via email or chat app
Share
check recently viewed topics (history)
history
check bookmarked topics
Library
give rating and feedback
rating
share a URL via email or chat app
Share