userdel(8)



USERDEL(8)                System Management Commands                USERDEL(8)

NAME
       userdel - delete a user account and related files

SYNOPSIS
       userdel [options] LOGIN

DESCRIPTION
       userdel is a low level utility for removing users. On Debian,
       administrators should usually use deluser(8) instead.

       The userdel command modifies the system account files, deleting all
       entries that refer to the user name LOGIN. The named user must exist.

OPTIONS
       The options which apply to the userdel command are:

       -f, --force
           This option forces the removal of the user account, even if the
           user is still logged in. It also forces userdel to remove the
           user's home directory and mail spool, even if another user uses the
           same home directory or if the mail spool is not owned by the
           specified user. If USERGROUPS_ENAB is defined to yes in
           /etc/login.defs and if a group exists with the same name as the
           deleted user, then this group will be removed, even if it is still
           the primary group of another user.

           Note: This option is dangerous and may leave your system in an
           inconsistent state.

       -h, --help
           Display help message and exit.

       -r, --remove
           Files in the user's home directory will be removed along with the
           home directory itself and the user's mail spool. Files located in
           other file systems will have to be searched for and deleted
           manually.

           The mail spool is defined by the MAIL_DIR variable in the
           login.defs file.

       -R, --root CHROOT_DIR
           Apply changes in the CHROOT_DIR directory and use the configuration
           files from the CHROOT_DIR directory.

       -P, --prefix PREFIX_DIR
           Apply changes in the PREFIX_DIR directory and use the configuration
           files from the PREFIX_DIR directory. This option does not chroot
           and is intended for preparing a cross-compilation target. Some
           limitations: NIS and LDAP users/groups are not verified. PAM
           authentication is using the host files. No SELINUX support.

       -Z, --selinux-user
           Remove any SELinux user mapping for the user's login.

CONFIGURATION
       The following configuration variables in /etc/login.defs change the
       behavior of this tool:

       MAIL_DIR (string)
           The mail spool directory. This is needed to manipulate the mailbox
           when its corresponding user account is modified or deleted. If not
           specified, a compile-time default is used.

       MAIL_FILE (string)
           Defines the location of the users mail spool files relatively to
           their home directory.

       The MAIL_DIR and MAIL_FILE variables are used by useradd, usermod, and
       userdel to create, move, or delete the user's mail spool.

       MAX_MEMBERS_PER_GROUP (number)
           Maximum members per group entry. When the maximum is reached, a new
           group entry (line) is started in /etc/group (with the same name,
           same password, and same GID).

           The default value is 0, meaning that there are no limits in the
           number of members in a group.

           This feature (split group) permits to limit the length of lines in
           the group file. This is useful to make sure that lines for NIS
           groups are not larger than 1024 characters.

           If you need to enforce such limit, you can use 25.

           Note: split groups may not be supported by all tools (even in the
           Shadow toolsuite). You should not use this variable unless you
           really need it.

       USERDEL_CMD (string)
           If defined, this command is run when removing a user. It should
           remove any at/cron/print jobs etc. owned by the user to be removed
           (passed as the first argument).

           The return code of the script is not taken into account.

           Here is an example script, which removes the user's cron, at and
           print jobs:

               #! /bin/sh

               # Check for the required argument.
               if [ $# != 1 ]; then
                    echo "Usage: $0 username"
                    exit 1
               fi

               # Remove cron jobs.
               crontab -r -u $1

               # Remove at jobs.
               # Note that it will remove any jobs owned by the same UID,
               # even if it was shared by a different username.
               AT_SPOOL_DIR=/var/spool/cron/atjobs
               find $AT_SPOOL_DIR -name "[^.]*" -type f -user $1 -delete \;

               # Remove print jobs.
               lprm $1

               # All done.
               exit 0

       USERGROUPS_ENAB (boolean)
           If set to yes, userdel will remove the user's group if it contains
           no more members, and useradd will create by default a group with
           the name of the user.

FILES
       /etc/group
           Group account information.

       /etc/login.defs
           Shadow password suite configuration.

       /etc/passwd
           User account information.

       /etc/shadow
           Secure user account information.

       /etc/subgid
           Per user subordinate group IDs.

       /etc/subuid
           Per user subordinate user IDs.

EXIT VALUES
       The userdel command exits with the following values:

       0
           success

       1
           can't update password file

       2
           invalid command syntax

       6
           specified user doesn't exist

       8
           user currently logged in

       10
           can't update group file

       12
           can't remove home directory

CAVEATS
       userdel will not allow you to remove an account if there are running
       processes which belong to this account. In that case, you may have to
       kill those processes or lock the user's password or account and remove
       the account later. The -f option can force the deletion of this
       account.

       You should manually check all file systems to ensure that no files
       remain owned by this user.

       You may not remove any NIS attributes on a NIS client. This must be
       performed on the NIS server.

       If USERGROUPS_ENAB is defined to yes in /etc/login.defs, userdel will
       delete the group with the same name as the user. To avoid
       inconsistencies in the passwd and group databases, userdel will check
       that this group is not used as a primary group for another user, and
       will just warn without deleting the group otherwise. The -f option can
       force the deletion of this group.

SEE ALSO
       chfn(1), chsh(1), passwd(1), login.defs(5), gpasswd(8), groupadd(8),
       groupdel(8), groupmod(8), subgid(5), subuid(5), useradd(8), usermod(8).

shadow-utils 4.8.1                02/07/2020                        USERDEL(8)

Man(1) output converted with man2html
list of all man pages