|
Hopefully, this page is exactly what you are looking for, but if not, you can always find further assistance on Unix/Linux Forum!
System Administration Commands usermod(1M)
NAME
usermod - modify a user's login information on the system
SYNOPSIS
usermod [ -u uid [-o]] [-g group] [ -G group [ , group...]]
[ -d dir [-m]] [-s shell] [-c comment] [-l new_name] [-
f inactive] [-e expire] [-A authorization [, authoriza-
tion]] [-P profile [, profile]] [-R role [, role]] [-K
key=value] login
DESCRIPTION
The usermod utility modifies a user's login definition on
the system. It changes the definition of the specified login
and makes the appropriate login-related system file and file
system changes.
The system file entries created with this command have a
limit of 512 characters per line. Specifying long arguments
to several options might exceed this limit.
OPTIONS
The following options are supported:
-A authorization
One or more comma separated authorizations as defined in
auth_attr(4). Only a user or role who has grant rights
to the authorization can assign it to an account. This
replaces any existing authorization setting. If no
authorization list is specified, the existing setting is
removed.
-c comment
Specify a comment string. comment can be any text
string. It is generally a short description of the
login, and is currently used as the field for the user's
full name. This information is stored in the user's
/etc/passwd entry.
-d dir
Specify the new home directory of the user. It defaults
to base_dir/login, where base_dir is the base directory
for new login home directories, and login is the new
login.
SunOS 5.10 Last change: 24 May 2006 1
System Administration Commands usermod(1M)
-e expire
Specify the expiration date for a login. After this
date, no user will be able to access this login. The
expire option argument is a date entered using one of
the date formats included in the template file
/etc/datemsk. See getdate(3C).
For example, you may enter 10/6/90 or October 6, 1990. A
value of `` '' defeats the status of the expired date.
-f inactive
Specify the maximum number of days allowed between uses
of a login ID before that login ID is declared invalid.
Normal values are positive integers. A value of 0
defeats the status.
-g group
Specify an existing group's integer ID or character-
string name. It redefines the user's primary group
membership.
-G group
Specify an existing group's integer "ID" "," or charac-
ter string name. It redefines the user's supplementary
group membership. Duplicates between group with the -g
and -G options are ignored. No more than NGROUPS_UMAX
groups may be specified as defined in <param.h>.
-K key=value
Replace existing or add to a user's key=value pair
attributes. Multiple -K options can be used to replace
or add multiple key=value pairs. The generic -K option
with the appropriate key can be used instead of the
specific implied key options (-A, -P, -R, -p). See
user_attr(4) for a list of valid keys. Values for these
keys are usually found in man pages or other sources
related to those keys. For example, see project(4) for
guidance on values for the project key. Use the command
ppriv(1) with the -v and -l options for a list of values
SunOS 5.10 Last change: 24 May 2006 2
System Administration Commands usermod(1M)
for the keys defaultpriv and limitpriv.
Keys must not be repeated. Specifying a key= without a
value removes an existing key=value pair.
The type key must be specified only without a value or
with the role value. Specifying the type key without a
value leaves the account as a normal user, with the role
value changing from a normal user to a role user. As a
role account, no roles (-R or roles=value) can be
present.
-l new_logname
Specify the new login name for the user. See passwd(4)
for the requirements for usernames.
-m
Move the user's home directory to the new directory
specified with the -d option. If the directory already
exists, it must have permissions read/write/execute by
group, where group is the user's primary group.
-o
This option allows the specified UID to be duplicated
(non-unique).
-P profile
One or more comma-separated rights profiles defined in
prof_attr(4). This replaces any existing profile set-
ting. If no profile list is specified, the existing set-
ting is removed.
-R role
One or more comma-separated roles (see roleadd(1M)).
This replaces any existing role setting. If no role
list is specified, the existing setting is removed.
SunOS 5.10 Last change: 24 May 2006 3
System Administration Commands usermod(1M)
-s shell
Specify the full pathname of the program that is used as
the user's shell on login. The value of shell must be a
valid executable file.
-u uid
Specify a new UID for the user. It must be a non-
negative decimal integer less than MAXUID as defined in
<param.h>. The UID associated with the user's home
directory is not modified with this option; a user will
not have access to their home directory until the UID is
manually reassigned using chown(1).
OPERANDS
The following operands are supported:
login An existing login name to be modified.
EXAMPLES
Example 1: Assigning Privileges to a User
The following command adds the privilege that affects high
resolution times to a user's initial, inheritable set of
privileges.
# usermod -K defaultpriv=basic,proc_clock_highres jdoe
This command results in the following entry in user_attr:
jdoe::::type=normal;defaultpriv=basic,proc_clock_highres
Example 2: Removing a Privilege from a User's Limit Set
The following command removes the privilege that allows the
specified user to create hard links to directories and to
unlink directories.
# usermod -K limitpriv=all,!sys_linkdir jdoe
This command results in the following entry in user_attr:
SunOS 5.10 Last change: 24 May 2006 4
System Administration Commands usermod(1M)
jdoe::::type=normal;defaultpriv=basic,limitpriv=all,!sys_linkdir
Example 3: Removing a Privilege from a User's Basic Set
The following command removes the privilege that allows the
specified user to examine processes outside the user's ses-
sion.
# usermod -K defaultpriv=basic,!proc_session jdoe
This command results in the following entry in user_attr:
jdoe::::type=normal;defaultpriv=basic,!proc_session;limitpriv=all
Example 4: Assigning a Role to a User
The following command assigns a role to a user. The role
must have been created prior to this command, either through
use of the Solaris Management Console GUI or through
roleadd(1M).
# usermod -R mailadm jdoe
This command results in the following entry in user_attr:
jdoe::::type=normal;roles=mailadm;defaultpriv=basic;limitpriv=all
EXIT STATUS
In case of an error, usermod prints an error message and
exits with one of the following values:
2 The command syntax was invalid. A usage message for
the usermod command is displayed.
3 An invalid argument was provided to an option.
4 The uid given with the -u option is already in use.
5 The password files contain an error. pwconv(1M) can
be used to correct possible errors. See passwd(4).
SunOS 5.10 Last change: 24 May 2006 5
System Administration Commands usermod(1M)
6 The login to be modified does not exist, the group
does not exist, or the login shell does not exist.
8 The login to be modified is in use.
9 The new_logname is already in use.
10 Cannot update the /etc/group or /etc/user_attr
file. Other update requests will be implemented.
11 Insufficient space to move the home directory (-m
option). Other update requests will be implemented.
12 Unable to complete the move of the home directory
to the new home directory.
FILES
/etc/group system file containing group defini-
tions
/etc/datemsk system file of date formats
/etc/passwd system password file
/etc/shadow system file containing users'
encrypted passwords and related
information
/etc/user_attr system file containing additional
user and role attributes
SunOS 5.10 Last change: 24 May 2006 6
System Administration Commands usermod(1M)
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcsu |
|_____________________________|_____________________________|
| Interface Stability | Evolving |
|_____________________________|_____________________________|
SEE ALSO
chown(1), passwd(1), users(1B), groupadd(1M), groupdel(1M),
groupmod(1M), logins(1M), pwconv(1M), roleadd(1M),
roledel(1M), rolemod(1M), useradd(1M), userdel(1M),
getdate(3C), auth_attr(4), passwd(4), attributes(5)
NOTES
The usermod utility modifies passwd definitions only in the
local /etc/passwd and /etc/shadow files. If a network
nameservice such as NIS or NIS+ is being used to supplement
the local files with additional entries, usermod cannot
change information supplied by the network nameservice. How-
ever usermod will verify the uniqueness of user name and
user ID against the external nameservice.
The usermod utility uses the /etc/datemsk file, available
with SUNWaccr, for date formatting.
SunOS 5.10 Last change: 24 May 2006 7
Man(1) output converted with
man2html and wrapped by fishsponge
This page was generated on Wed Sep 12 11:26:48 GMT 2007
|
Your favourite pages:
No pages logged yet.
Trying to save cookie... Top 10 most popular pages:
sqlite3 man page (5334 hits)
(openSUSE 10.2)
svn man page (5209 hits)
(FreeBSD 6.2)
adv_cap_autoneg man page (4870 hits)
(Solaris 10 11_06)
CPAN man page (4607 hits)
(Suse Linux 10.1)
ssh man page (4342 hits)
(Suse Linux 10.1)
ssh-socks5-proxy-connect man page (2885 hits)
(Solaris 10 11_06)
netcat man page (2717 hits)
(Suse Linux 10.1)
pprosetup man page (2492 hits)
(Solaris 10 11_06)
startproc man page (2471 hits)
(Suse Linux 10.1)
signal man page (2408 hits)
(Suse Linux 10.1)
|
Man Pages 
