Maintenance Commands usermod(1M) NAME usermod, rolemod - modify a user's or role's account information | on the system SYNOPSIS usermod [ -u uid [ -o ] ] [ -g group ] [ -G group [ , group ... ] ] [ -d dir [ -m ] ] [ -s shell ] [ -c comment ] [ -l new_name ] | [ -f inactive ] [ -e expire ] [ -A authorization [, authorization ...]] | [ -P profile [, profile ...]] | [ -R role [, role ...]] login | rolemod [ -u uid [ -o ] ] [ -g group ] | [ -G group [ , group ... ] ] [ -d dir [ -m ] ] | [ -s shell ] [ -c comment ] [ -l new_name ] | [ -f inactive ] [ -e expire ] | [ -A authorization [, authorization ...]] | [ -P profile [, profile ...]] role | DESCRIPTION The usermod utility modifies a user's login definition on the system. The rolemod utility modifies a role's definition | on the system. Both commands change the definition of the | specified login or role and make the appropriate system file | and file system changes. The system file entries created with this command have a limit of 512 characters per line. Specifying long arguments to several options may exceed this limit. OPTIONS The following options are supported: -u uid Specify a new UID for the account. It must be a | non-negative decimal integer less than MAXUID as defined in . Note that the UID associated with the user's or role's home directory is | not modified with this option; a user or role will | not have access to their home directory until the UID is manually reassigned using chown(1M). -o This option allows the specified UID to be duplicated (non-unique). -g group Specify an existing group's integer ID or character-string name. It redefines the user's or role's primary group membership. | -G group Specify an existing group's integer "ID" "," or character string name. It redefines the user's or role's supplementary group membership. | Duplicates between group with the -g and -G options are ignored. No more than NGROUPS_UMAX groups may be specified as defined in . -A authorization One or more comma separated authorizations | defined in auth_attr(4). Only a user or role who has | "grant" rights to the "authorization" may assign | it to an account. This replaces any existing | authorization setting. | -P profile One or more comma-separated execution profiles | defined in prof_attr(4). This replaces any existing | profile setting. | -R role One or more comma-separated role names defined in | user_attr(4). This replaces any existing role setting. | -d dir Specify the new home directory of the user or role. It defaults to base_dir/account_name, | where base_dir is the base directory for the | new user or role home directories, and account_name | is the new login or role name. | -m Move the account home directory to the new | directory specified with the -d option. If the directory already exists, it must have permissions read/write/execute by group, where group is the user's or role's primary group. | -s shell Specify the full pathname of the program that is used as the user's shell on login or the | role's shell on assumption. The | value of shell must be a valid executable file. -c comment Specify a comment string. comment can be any text string. It is generally a short description of the login or role. Comment is | currently used as the field for the user's full name. This information is stored in the | /etc/passwd entry for the account. | -l new_name Specify the new name for the user or role. The | new_name argument is a string no more than | eight bytes consisting of characters from the set of alphabetic characters, numeric charac- ters, period (.), underline (_), and hypen (-). The first character should be alpha- betic and the field should contain at least one lower case alphabetic character. A warn- ing message will be written if these restric- tions are not met. A future Solaris release may refuse to accept login fields that do not meet these requirements. For logins only, the new_name | argument must contain at least one character and must not contain a colon (:) or NEWLINE (\n). -e expire Specify the future date on which a login or role can | no longer be used; after this date, no user will be able to access this account. This | option is useful for creating temporary accounts. You may type the value of the argu- | ment expire (which is a date) in any format you like (except a Julian date). For exam- ple, you may enter 10/6/90 or October 6, 1990. A value of `` '' defeats the status of the expired date. -f inactive Specify the maximum number of days allowed between uses of a login or role ID before that | ID is declared invalid. Normal values are positive integers. A value of 0 defeats the status. OPERANDS The following operands are supported: login An existing login name to be modified. role An existing role name to be modified. EXIT STATUS In case of an error, usermod prints an error message and exits with one of the following values: 2 The command syntax was invalid. A usage message for the usermod or rolemod command is displayed. | 3 An invalid argument was provided to an option. 4 The uid given with the -u option is already in use. 5 The password files contain an error. pwconv(1M) can be used to correct possible errors. See passwd(4). 6 The account to be modified does not exist, the group does | not exist, or the shell for that account does not exist. | 8 The account to be modified is in use. | 9 The new_name is already in use. | 10 Cannot update the /etc/group or /etc/user_attr file. | Other update requests will be implemented. 11 Insufficient space to move the home directory (-m option). Other update requests will be implemented. 12 Unable to complete the move of the home directory to the new home directory. FILES /etc/passwd system password file /etc/shadow system file containing users' and roles' encrypted | passwords and related information /etc/group system file containing group definitions /etc/user_attr system file containing additional user and role attributes. | /etc/datemsk system file of date formats ATTRIBUTES See attributes(5) for descriptions of the following attri- butes: __________________________________ | ATTRIBUTE TYPE| ATTRIBUTE VALUE| |__________________________________ | Availability | SUNWcsu | |_______________|_________________| SEE ALSO passwd(1), users(1B), chown(1M), groupadd(1M), groupdel(1M), groupmod(1M), logins(1M), pwconv(1M), useradd(1M), roles(1), profiles(1), auths(1), auth_attr (4), user_attr(4), | userdel(1M), passwd(4), roleadd(1M), roledel(1M), prof_attr(4) | NOTES The usermod utility modifies definitions only in the local /etc/group, /etc/passwd, /etc/shadow and /etc/user_attr files. | If a network nameservice such as NIS or NIS+ is being used to supplement the local files with additional entries, usermod cannot change information supplied by the network nameservice. However usermod will verify the uniqueness of user name and user ID against the external nameservice. The usermod utility uses the /etc/datemsk file, available with SUNWaccr, for date formatting.