Deleting Users

Just like adding new users, you can delete users with an automated script or manually. The automated scripts deluser or userdel ask which user you want to delete, and then remove that user's entry from the /etc/passwd file. Some scripts also clean out the spool and home directory files, if you want. You must log in as root in order to make any deletions to the /etc/passwd file.

To delete the user manually, remove the user's entry from the /etc/passwd file. Then you can clean up the user's directories to clear disk space. You can completely delete all the user's files and his or her home directory with the command rm -r /home/userdir where /home/userdir is the full pathname of the user's home directory. Make sure there are no files you want to keep in that directory before you blow them all away!

Next, remove the user's mail spool file, which is usually kept in /usr/spool/mail/username. For example, to remove the user walter's mail file, issue the command rm /usr/spool/mail/walter

The spool file is a single file, so this command cleans up the entries properly. To finish off the mail cleanup, check that the user has no entries in the mail alias files (usually /usr/lib/aliases), or you can force all mail for that user to another login (such as root) with an entry in the aliases file. Finally, make sure that there are no entries in the user's cron and at files that the system will continue to execute. You can display the user's crontab file (explained in Chapter 23) using the crontab command.

If you need to retain the user for some reason (such as file ownerships, a general access account, or accounting purposes), you can disable the login completely by placing an asterisk in the password field of the /etc/passwd file. That login cannot be used when an asterisk is in the password field. To reactivate the account, run the passwd command.

The process for manually deleting a user (or using an automated script that doesn't clean up directories and files) is as follows:

1. Remove the user's entry from /etc/passwd and /etc/group files.

2. Remove the user's mail file and any mail aliases.

3. Remove any cron or at jobs.

4. Remove the home directory if you don't want any files it holds.

Occasionally, you may want to temporarily disable a user's account, such as when the user goes on extended leave or vacation. If you want to temporarily disable the login but be able to recover it at any time in the future, add an asterisk as the first character of the encrypted password. Don't alter any characters in the existing password, but add the asterisk to the beginning. When you want to reactivate the account, remove the asterisk and the password is back to whatever it was set as before you made the changes.

Was this article helpful?

0 0

Post a comment