Usermod command

The usermod command changes the system account files to reflect the changes which are specified on the command line.

Syntax

Usermod [options] login

The options that apply to the usermod command are as given below:

-c comment

-c comment specifies new data about the user's password file comment field.

-d home_dir

This denotes the user's new login directory.  The contents of the current home directory will be moved to the new home directory if the -m option is provided, that is created if it does not exist already.

-e expire_date

This specifies the date on that the user's account will be disabled. The date is specified in the format YYYY- MM-DD.

-f inactive_days

This specifies the number of days for that the account will remain inactive after the password expires until the account is permanently disabled. The value of 0 disables the account as soon as the password expires and a value of -1 disables these characteristics. The default value is -1.

-g initial_group

-g initial group specifies the group name or number of the user's new initial login group. The group names have to be existing. A group number have to be refer to an already existing group. A default group number is 1.

-G group,[...]

This denotes a list of supplementary groups to that the user belongs. Every group is divided from the next through a comma, with no intervening whitespace. The groups are subject to the similar restrictions as the group given with the -g option.  The user will be removed from the group if the user is currently a member of a group that is not listed.

-l login_name

This is used to modify the name of the user from login to login_name. In exacting, the user's home directory name should possibly be modified to reflect the new login name.

-s shell

This is used to identify the name of the user's new login shell. By setting this field to blank causes the system to select the default login shell.

-u uid

This specifies the numerical value of the user's ID.This value must be unique, unless the -o option is used. The value must be non-negative. Values among 0 and 499 are typically reserved for system accounts. Any files in that the user owns which are located in the directory tree rooted at the user's home directory will have the file user ID modified automatically.   Files which are outside the user's home directory must be altered manually.

-L

This option locks a user's password.  This puts a '!'  in front of  the  encrypted  password and efficiently disables it.

-U

This option is used to unlock a user's password. This removes the '!' in front of the encrypted password.

Note:  usermod   does   not   permit   the   name   of   a   user   who is   logged   in   to   be   modified.   It   should   be ensured which the named user is not executing any procedure when this command is issued. The owner of any crontab files should be modified manually.   Modification   including   NIS   should   be   made   on   the   NIS server.

Associative files to be updated whenever the usermod command is used are

/etc/passwd - user account information

/etc/shadow - it secure user account information

/etc/group - group information

Practice 

# usermod - G 515,517 raja

# usermod - s /bin/bash sudha

# usermod - l ravi

# usermod - u ravi

The given command will change user raja through adding two secontary groups. For user sudha we are modifying the default login shell to bash. By using the usermod unlocking and locking the user ravi.