Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
usermod(1M)							   usermod(1M)

       usermod - modify	a user's login information on the system

       usermod	[  -u uid  [-o]] [-g group] [ -G group [ , group...]] [	-d dir
       [-m]] [-s shell]	[-c comment] [-l new_name]  [-f	inactive]  [-e expire]
       [-A  authorization   [,	authorization]]	 [-P profile  [, profile]] [-R
       role  [,	role]] [-K key=value] login

       The usermod utility modifies a user's login definition on  the  system.
       It  changes  the	definition of the specified login and makes the	appro-
       priate login-related system file	and file system	changes.

       The system file entries created with this command have a	limit  of  512
       characters  per	line. Specifying long arguments	to several options may
       exceed this limit.

       The following options are supported:

       -A authorization	       One or more comma separated  authorizations  as
			       defined	in  auth_attr(4).  Only	a user or role
			       who has grant rights to the  authorization  can
			       assign  it to an	account. This replaces any ex-
			       isting authorization setting. If	no  authoriza-
			       tion list is specified, the existing setting is

       -c comment	       Specify a comment string. comment  can  be  any
			       text  string.  It is generally a	short descrip-
			       tion of the login, and is currently used	as the
			       field  for  the user's full name. This informa-
			       tion is stored in the user's /etc/passwd	entry.

       -d dir		       Specify the new home directory of the user.  It
			       defaults	 to  base_dir/login, where base_dir is
			       the base	directory for new login	home  directo-
			       ries, and login is the new login.

       -e expire	       Specify	the expiration date for	a login. After
			       this date, no user will be able to access  this
			       login. The expire option	argument is a date en-
			       tered using one of the date formats included in
			       the   template	file  /etc/datemsk.  See  get-

			       For example, you	may enter 10/6/90  or  October
			       6, 1990.	A value	of `` '' defeats the status of
			       the expired date.

       -f inactive	       Specify the maximum number of days allowed  be-
			       tween  uses  of a login ID before that login ID
			       is declared invalid. Normal values are positive
			       integers. A value of 0 defeats the status.

       -g group		       Specify an existing group's integer ID or char-
			       acter-string name. It redefines the user's pri-
			       mary group membership.

       -G group		       Specify an existing group's integer "ID"	"," or
			       character string	name. It redefines the	user's
			       supplementary  group membership.	Duplicates be-
			       tween group with	the -g and -G options are  ig-
			       nored.  No more than NGROUPS_UMAX groups	may be
			       specified as defined in <param.h>.

       -K key=value	       Replace existing	or add to a  user's  key=value
			       pair  attributes.  Multiple  -K	options	may be
			       used  to	 replace  or  add  multiple  key=value
			       pairs.	The  generic -K	option with the	appro-
			       priate key may be used instead of the  specific
			       implied	key  options  (-A,  -P,	 -R,  -p). See
			       user_attr(4) for	 a  list  of  valid  key=value
			       pairs.  The  "type"  key	is not a valid key for
			       this option. Keys may not be repeated. Specify-
			       ing  a key= without a value removes an existing
			       key=value pair. The  "type"  key	 may  only  be
			       specified  without  a  value or with the	"role"
			       value for this option.  Specifying  the	"type"
			       key  without  a	value  leaves the account as a
			       normal user, with  the  "role"  value  changing
			       from  a	normal	user to	a role user. As	a role
			       account,	no roles (-R or	 roles=value)  may  be

       -l new_logname	       Specify	the  new  login	name for the user. The
			       new_logname argument is a string	no  more  than
			       eight  bytes  consisting	of characters from the
			       set of alphabetic characters,  numeric  charac-
			       ters,  period  (.),  underline  (_), and	hyphen
			       (-). The	first character	should	be  alphabetic
			       and the field should contain at least one lower
			       case alphabetic character.  A  warning  message
			       will  be	 written if these restrictions are not
			       met.  A future Solaris release  may  refuse  to
			       accept  login fields that do not	meet these re-
			       quirements. The new_logname argument must  con-
			       tain  at	 least one character and must not con-
			       tain a colon (:)	or NEWLINE (\n).

       -m		       Move the	user's home directory to the  new  di-
			       rectory	specified  with	 the -d	option.	If the
			       directory already exists, it must have  permis-
			       sions  read/write/execute by group, where group
			       is the user's primary group.

       -o		       This option allows the specified	UID to be  du-
			       plicated	(non-unique).

       -P profile	       One or more comma-separated rights profiles de-
			       fined in	prof_attr(4).  This replaces  any  ex-
			       isting  profile	setting. If no profile list is
			       specified, the existing setting is removed.

       -R role		       One  or	 more	comma-separated	  roles	  (see
			       roleadd(1M)).  This  replaces any existing role
			       setting.	 If no role list is specified, the ex-
			       isting setting is removed.

       -s shell		       Specify	the  full pathname of the program that
			       is used as the user's shell on login. The value
			       of shell	must be	a valid	executable file.

       -u uid		       Specify	a  new	UID for	the user. It must be a
			       non-negative decimal integer less  than	MAXUID
			       as  defined  in	<param.h>.  The	UID associated
			       with the	user's home directory is not  modified
			       with  this  option; a user will not have	access
			       to their	home directory until the UID is	 manu-
			       ally reassigned using chown(1).

       The following operands are supported:

       login	An existing login name to be modified.

       In case of an error, usermod prints an error message and	exits with one
       of the following	values:

       2	The command syntax was invalid.	A usage	message	for the	 user-
		mod command is displayed.

       3	An invalid argument was	provided to an option.

       4	The uid	given with the -u option is already in use.

       5	The password files contain an error. pwconv(1M)	can be used to
		correct	possible errors. See passwd(4).

       6	The login to be	modified does not exist, the  group  does  not
		exist, or the login shell does not exist.

       8	The login to be	modified is in use.

       9	The new_logname	is already in use.

       10	Cannot update the /etc/group or	/etc/user_attr file. Other up-
		date requests will be implemented.

       11	Insufficient space to move the	home  directory	 (-m  option).
		Other update requests will be implemented.

       12	Unable	to  complete the move of the home directory to the new
		home directory.

       /etc/group	       system file containing group definitions

       /etc/datemsk	       system file of date formats

       /etc/passwd	       system password file

       /etc/shadow	       system file containing users'  encrypted	 pass-
			       words and related information

       /etc/user_attr	       system file containing additional user and role

       See attributes(5) for descriptions of the following attributes:

       |      ATTRIBUTE	TYPE	     |	    ATTRIBUTE VALUE	   |
       |Availability		     |SUNWcsu			   |
       |Interface Stability	     |Evolving			   |

       chown(1),  passwd(1),  users(1B),  groupadd(1M),	 groupdel(1M),	group-
       mod(1M),	logins(1M), pwconv(1M),	roleadd(1M), roledel(1M), rolemod(1M),
       useradd(1M), userdel(1M),  getdate(3C),	auth_attr(4),  passwd(4),  at-

       The  usermod  utility  modifies	passwd	definitions  only in the local
       /etc/passwd and /etc/shadow files. If a network nameservice such	as NIS
       or NIS+ is being	used to	supplement the local files with	additional en-
       tries, usermod cannot change information	supplied by the	network	 name-
       service.	 However  usermod  will	verify the uniqueness of user name and
       user ID against the external nameservice.

       The  usermod  utility  uses  the	 /etc/datemsk  file,  available	  with
       SUNWaccr, for date formatting.

				  1 Jul	2004			   usermod(1M)


Want to link to this manual page? Use this URL:

home | help