usermod man page on SmartOS

Man page or keyword search:  
man Server   16655 pages
apropos Keyword Search (all sections)
Output format
SmartOS logo
[printable version]

USERMOD(1M)							   USERMOD(1M)

       usermod - modify a user's login information on the system

       usermod [-u uid [-o]] [-g group] [-G group [, group...]]
	    [-d dir [-m]] [-s shell] [-c comment] [-l new_name]
	    [-f inactive] [-e expire]
	    [-A authorization [, authorization]]
	    [-P profile [, profile]] [-R role [, role]]
	    [-K key=value] login

       The  usermod  utility modifies a user's login definition on the system.
       It changes the definition of the specified login and makes  the	appro‐
       priate login-related system file and file system changes.

       The  system  file entries created with this command have a limit of 512
       characters per line. Specifying long arguments to several options might
       exceed this limit.

       The following options are supported:

       -A authorization

	   One	 or   more   comma  separated  authorizations  as  defined  in
	   auth_attr(4).  Only a user or role who  has	grant  rights  to  the
	   authorization can assign it to an account. This replaces any exist‐
	   ing authorization setting. If no authorization list	is  specified,
	   the existing setting is removed.

       -c comment

	   Specify  a  comment	string.	 comment can be any text string. It is
	   generally a short description of the login, and is  currently  used
	   as  the  field for the user's full name. This information is stored
	   in the user's /etc/passwd entry.

       -d dir

	   Specify the	new  home  directory  of  the  user.  It  defaults  to
	   base_dir/login,  where base_dir is the base directory for new login
	   home directories, and login is the new login.

       -e expire

	   Specify the expiration date for a login. After this date,  no  user
	   will	 be able to access this login. The expire option argument is a
	   date entered using one of the date formats included in the template
	   file /etc/datemsk. See getdate(3C).

	   For	example,  you may enter 10/6/90 or October 6, 1990. A value of
	   `` '' defeats the status of the expired date.

       -f inactive

	   Specify the maximum number of days allowed between uses of a	 login
	   ID before that login ID is declared invalid. Normal values are pos‐
	   itive integers. A value of 0 defeats the status.

       -g group

	   Specify an existing group's integer ID or character-string name. It
	   redefines the user's primary group membership.

       -G group

	   Specify  an	existing  group's integer "ID" "," or character string
	   name. It  redefines	the  user's  supplementary  group  membership.
	   Duplicates between group with the -g and -G options are ignored. No
	   more than NGROUPS_UMAX  groups  may	be  specified  as  defined  in

       -K key=value

	   Replace existing or add to a user's key=value pair attributes. Mul‐
	   tiple -K options can be used to replace or add  multiple  key=value
	   pairs.   However,  keys must not be repeated. The generic -K option
	   with the appropriate key  can  be  used  instead  of	 the  specific
	   implied  key	 options (-A, -P, -R, -p). See user_attr(4) for a list
	   of valid keys. Values for these keys are usually found in man pages
	   or other sources related to those keys. For example, see project(4)
	   for guidance on  values  for	 the  project  key.  Use  the  command
	   ppriv(1)  with  the	-v and -l options for a list of values for the
	   keys defaultpriv and limitpriv.

	   The keyword type can be specified with the value role or the	 value
	   normal.  When using the value role, the account changes from a nor‐
	   mal user to a role; using the value normal keeps the account a nor‐
	   mal user.

	   As a role account, no roles (-R or roles=value) can be present.

       -l new_logname

	   Specify  the	 new  login  name  for the user. See passwd(4) for the
	   requirements for usernames.


	   Move the user's home directory to the new directory specified  with
	   the	-d  option. If the directory already exists, it must have per‐
	   missions read/write/execute by group, where	group  is  the	user's
	   primary group.


	   This option allows the specified UID to be duplicated (non-unique).

       -P profile

	   One	 or   more   comma-separated   rights	profiles   defined  in
	   prof_attr(4).  This	replaces  any  existing	 profile  setting   in
	   user_attr(4).  If  an empty profile list is specified, the existing
	   setting is removed.

       -R role

	   One or more comma-separated roles (see roleadd(1M)). This  replaces
	   any existing role setting. If no role list is specified, the exist‐
	   ing setting is removed.

       -s shell

	   Specify the full pathname of the program that is used as the user's
	   shell on login. The value of shell must be a valid executable file.

       -u uid

	   Specify  a  new UID for the user. It must be a non-negative decimal
	   integer less than MAXUID as defined in <param.h>. The  UID  associ‐
	   ated	 with  the  user's  home  directory  is not modified with this
	   option; a user will not have access to their home  directory	 until
	   the UID is manually reassigned using chown(1).

       The following operands are supported:


	   An existing login name to be modified.

       Example 1 Assigning Privileges to a User

       The  following  command adds the privilege that affects high resolution
       times to a user's initial, inheritable set of privileges.

	 # usermod -K defaultpriv=basic,proc_clock_highres jdoe

       This command results in the following entry in user_attr:


       Example 2 Removing a Privilege from a User's Limit Set

       The following command removes the privilege that allows	the  specified
       user to create hard links to directories and to unlink directories.

	 # usermod -K limitpriv=all,!sys_linkdir jdoe

       This command results in the following entry in user_attr:


       Example 3 Removing a Privilege from a User's Basic Set

       The  following  command removes the privilege that allows the specified
       user to examine processes outside the user's session.

	 # usermod -K defaultpriv=basic,!proc_session jdoe

       This command results in the following entry in user_attr:


       Example 4 Assigning a Role to a User

       The following command assigns a role to a user. The role must have been
       created	prior  to this command, either through use of the Solaris Man‐
       agement Console GUI or through roleadd(1M).

	 # usermod -R mailadm jdoe

       This command results in the following entry in user_attr:


       Example 5 Removing All Profiles from a User

       The following command removes all profiles that were granted to a  user
       directly. The user will still have any rights profiles that are granted
       by means of the PROFS_GRANTED key in policy.conf(4).

	 # usermod -P "" jdoe

       In case of an error, usermod prints an error message and exits with one
       of the following values:


	   The	command	 syntax	 was  invalid. A usage message for the usermod
	   command is displayed.


	   An invalid argument was provided to an option.


	   The uid given with the -u option is already in use.


	   The password files contain an error. pwconv(1M) can be used to cor‐
	   rect possible errors. See passwd(4).


	   The	login to be modified does not exist, the group does not exist,
	   or the login shell does not exist.


	   The login to be modified is in use.


	   The new_logname is already in use.


	   Cannot update the /etc/group or /etc/user_attr file.	 Other	update
	   requests will be implemented.


	   Insufficient	 space	to  move the home directory (-m option). Other
	   update requests will be implemented.


	   Unable to complete the move of the home directory to the  new  home


	   system file containing group definitions


	   system file of date formats


	   system password file


	   system  file	 containing  users'  encrypted	passwords  and related


	   system file containing additional user and role attributes

       See attributes(5) for descriptions of the following attributes:

       │Interface Stability │ Committed	      │

       chown(1),  passwd(1),  users(1B),  groupadd(1M),	 groupdel(1M),	group‐
       mod(1M), logins(1M), pwconv(1M), roleadd(1M), roledel(1M), rolemod(1M),
       useradd(1M), userdel(1M), getdate(3C),  auth_attr(4),  passwd(4),  pol‐
       icy.conf(4), prof_attr(4), user_attr(4), attributes(5)

       The  usermod  utility  modifies	passwd	definitions  only in the local
       /etc/passwd and /etc/shadow files. If a network nameservice such as NIS
       or  NIS+	 is  being  used to supplement the local files with additional
       entries, usermod cannot change  information  supplied  by  the  network
       nameservice.  However  usermod  will verify the uniqueness of user name
       and user ID against the external nameservice.

       The  usermod  utility  uses  the	 /etc/datemsk  file,  available	  with
       SUNWaccr, for date formatting.

				 Feb 22, 2008			   USERMOD(1M)

List of man pages available for SmartOS

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net