1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
|
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 1991 - 1994, Julianne Frances Haugh
Copyright (c) 2007 - 2011, Nicolas François
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. The name of the copyright holders or contributors may not be used to
endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
<!ENTITY TCB_SYMLINKS SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml">
<!ENTITY USERDEL_CMD SYSTEM "login.defs.d/USERDEL_CMD.xml">
<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
<!-- SHADOW-CONFIG-HERE -->
]>
<refentry id='userdel.8'>
<!-- $Id$ -->
<refentryinfo>
<author>
<firstname>Julianne Frances</firstname>
<surname>Haugh</surname>
<contrib>Creation, 1991</contrib>
</author>
<author>
<firstname>Thomas</firstname>
<surname>Kłoczko</surname>
<email>kloczek@pld.org.pl</email>
<contrib>shadow-utils maintainer, 2000 - 2007</contrib>
</author>
<author>
<firstname>Nicolas</firstname>
<surname>François</surname>
<email>nicolas.francois@centraliens.net</email>
<contrib>shadow-utils maintainer, 2007 - now</contrib>
</author>
</refentryinfo>
<refmeta>
<refentrytitle>userdel</refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
<refmiscinfo class="source">shadow-utils</refmiscinfo>
<refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>userdel</refname>
<refpurpose>delete a user account and related files</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>userdel</command>
<arg choice='opt'>options</arg>
<arg choice='plain'>
<replaceable>LOGIN</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
The <command>userdel</command> command modifies the system account
files, deleting all entries that refer to the user name <emphasis
remap='I'>LOGIN</emphasis>. The named user must exist.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
The options which apply to the <command>userdel</command> command are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-f</option>, <option>--force</option>
</term>
<listitem>
<para>
This option forces the removal of the user account, even if the
user is still
logged in. It also forces <command>userdel</command> to remove
the user's home directory and mail spool, even if another
user uses the same home directory or if the mail spool is not
owned by the specified user. If
<option>USERGROUPS_ENAB</option> is defined to <emphasis
remap='I'>yes</emphasis> in <filename>/etc/login.defs</filename>
and if a group exists with the same name as the deleted user,
then this group will be removed, even if it is still the primary
group of another user.
</para>
<para>
<emphasis>Note:</emphasis> This option is dangerous and may leave
your system in an inconsistent state.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-h</option>, <option>--help</option></term>
<listitem>
<para>Display help message and exit.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-r</option>, <option>--remove</option>
</term>
<listitem>
<para>
Files in the user's home directory will be removed along with
the home directory itself and the user's mail spool. Files
located in other file systems will have to be searched for and
deleted manually.
</para>
<para>
The mail spool is defined by the <option>MAIL_DIR</option>
variable in the <filename>login.defs</filename> file.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-R</option>, <option>--root</option> <replaceable>CHROOT_DIR</replaceable>
</term>
<listitem>
<para>
Apply changes in the <replaceable>CHROOT_DIR</replaceable>
directory and use the configuration files from the
<replaceable>CHROOT_DIR</replaceable> directory.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-Z</option>, <option>--selinux-user</option>
</term>
<listitem>
<para>
Remove any SELinux user mapping for the user's login.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&MAIL_DIR; <!-- documents also MAIL_FILE -->
&MAX_MEMBERS_PER_GROUP;
&TCB_SYMLINKS;
&USE_TCB;
&USERDEL_CMD;
&USERGROUPS_ENAB;
</variablelist>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>
<para>Group account information.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/login.defs</filename></term>
<listitem>
<para>Shadow password suite configuration.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>
<para>User account information.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>
<para>Secure user account information.</para>
</listitem>
</varlistentry>
<varlistentry condition="subids">
<term><filename>/etc/subgid</filename></term>
<listitem>
<para>Per user subordinate group IDs.</para>
</listitem>
</varlistentry>
<varlistentry condition="subids">
<term><filename>/etc/subuid</filename></term>
<listitem>
<para>Per user subordinate user IDs.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='exit_values'>
<title>EXIT VALUES</title>
<para>
The <command>userdel</command> command exits with the following values:
<variablelist>
<varlistentry>
<term><replaceable>0</replaceable></term>
<listitem>
<para>success</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>1</replaceable></term>
<listitem>
<para>can't update password file</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>2</replaceable></term>
<listitem>
<para>invalid command syntax</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>6</replaceable></term>
<listitem>
<para>specified user doesn't exist</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>8</replaceable></term>
<listitem>
<para>user currently logged in</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>10</replaceable></term>
<listitem>
<para>can't update group file</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>12</replaceable></term>
<listitem>
<para>can't remove home directory</para>
</listitem>
</varlistentry>
</variablelist>
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
<command>userdel</command> will not allow you to remove an account if
there are running processes which belong to this account. In that
case, you may have to kill those processes or lock the user's
password or account and remove the account later. The
<option>-f</option> option can force the deletion of this account.
</para>
<para>
You should manually check all file systems to ensure that no files
remain owned by this user.
</para>
<para>You may not remove any NIS attributes on a NIS client. This must
be performed on the NIS server.
</para>
<para>If <option>USERGROUPS_ENAB</option> is defined to <emphasis
remap='I'>yes</emphasis> in <filename>/etc/login.defs</filename>,
<command>userdel</command> will delete the group with the same name
as the user. To avoid inconsistencies in the passwd and group
databases, <command>userdel</command> will check that this group is
not used as a primary group for another user, and will just warn
without deleting the group otherwise. The <option>-f</option> option
can force the deletion of this group.
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para><citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<phrase condition="subids">
<citerefentry>
<refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
</phrase>
<citerefentry>
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>.
</para>
</refsect1>
</refentry>
|