The usermod command works somewhat like useradd command, with similar parameters. The usermod utility changes an existing account, unlike the useradd that adds a new account.
The basic syntax of the command is:
usermod [-c comment] [-d home_dir [-m]] [-e expire_date] [-f inactive_time]
[-g initial_group] [-G group [,…]] [-l login_name] [-p passwd] [-s shell] ↵
[-u uid [-o]] [-L|-U] username
The major differences between useradd and usermod are:
• usermod allows you to use the -m flag along with -d. The -d parameter by itself changes the user’s home directory, but does not move any file; by adding -m, usermod moves the user’s files into the new location;
• usermod supports the -l parameter, which changes the user’s login name to another specified value. For example, by writing usermod -l john josh, we will change the username from John to Josh;
• we can block or unlock a user’s password with the -L and -U options. These options duplicate the functionality provided by passwd only if the file used to store passwords is /etc/shadow.
The usermod command changes the contents of the /etc/passwd file, /etc/shadow or /etc/group, depending on the parameter used. If -m is used, usermod will also move the user’s files, as I said earlier.
Changing the features of an account while the user is logged in it can have bad consequences. And it is even worse if the combination of parameters -m -d is used, which makes the files that a user is working with at that moment, to be moved. Most of the changes, such as changing the default shell, do not work until the user logs out and loggs in back to the system.
If, for example, we change the UID of an account, this action will not affect the existing files as well, which will cause the user to lose access to the old files. Therefore, the UID update will be done manually on all the files owned by the user with the chown command.
When using the -G option to add a user to a new group, we need to make sure that all other user groups that are not listed in the command will be deleted from that user. That’s why it’s a good idea that -G command to be used with the -a (append) option so that the user is added to an additional group – in this way, we do not need to list all the other user groups.
For example, to add the jack user to the cinema group, we will write the following command:
# groups jack // displays the current groups to which the user jack belongs to
jack : jack users music
#
# usermod -a -G cinema jack // add the user jack to the cinema group
#
# groups jack // displays the new groups of the user
jack : jack users music cinema
#
A normal user will rarely need to apply more than what I explained in the two articles on useradd and usermod. Fine details of this utility can be obtained by reading its man page: man usermod