Delete a linux account

How To Delete/Remove A User Account In Linux?

User account deletion is one of the basic task for Linux administrator.

Whenever a new employee joins in your organization, we need to create the user account for them and when he/she is left from the company then we need to delete it immediately to avoid unnecessary security breach.

We generally use the userdel command to remove the user account in Linux.

It will delete the corresponding user’s information from the system.

You should have privileges to perform this action. It should be root or other privilege user.

Navigate to the following URLs to create a user account and setting up a password to them.

• How to Update/Change Users Password in Linux Using Different Ways
• How To Force User To Change Password On Next Login In Linux
• How to Reset/Change User’s Password in Linux Using passwd Command?
• How To Check Password Complexity/Strength And Score In Linux?
• 6 Easy Ways to Check User Name And Other Information in Linux
• 3 Methods to List All The Users in Linux System
• Four Methods To Add A User To Group In Linux

What is userdel?

userdel command is used to delete a user account and related files from the Linux system.

It modifies the system account files, deleting all entries that refer to the user name LOGIN.

userdel will not allow you to remove an account if there are running processes which belong to this account. In that case, you may have to kill those processes or lock the user’s password or account and remove the account later. The -f option can force the deletion of this account.

You should manually check all file systems to ensure that no files remain owned by this user.

When we deleting the user account from the Linux system the below files will be modified.

• /etc/passwd: User details will be updated in this file.
• /etc/shadow: User password info will be updated in this file.
• /etc/group: Group details will be updated of the new user in this file.
• /etc/gshadow: Group password info will be updated of the new user in the file.

Common Syntax for userdel command.

1) How To Delete The User Account Alone From Linux System?

Use the following format if you would like to delete only the user account from the system. It will delete only the user account from the system and keep the files.

Here we are going to delete the user1 user account from the system and see what will happen once we removed it. See the below output.

Output: I could see that the user1 user account (user and group) permission has been gone and it’s replaced by UID & GID of the user instead.

# ls -ld /home/user1 drwxr-xr-x 4 1008 1008 4096 Mar 17 10:23 /home/user1

The above output is clearly showing that the user account got deleted from the system but the user home directory is still exist in the system. If you want to delete the user’s home directory as well then use the -r option.

2) How To Delete/Remove An Entire User Account From Linux System?

Use the below command to delete an entire user account. It will delete the users home directory as well.

# userdel -r user2 userdel: user2 mail spool (/var/mail/user2) not found

Yes, the below output clearly showing that the given user account got completely deleted from the system.

# ls -ld /home/user2 ls: cannot access '/home/user2': No such file or directory

But still crontab entries are exist in system. It should be removed manually by searching the users files.

# ls -lh /var/spool/cron/crontabs/user2 -rw------- 1 1009 crontab 1.2K Mar 31 00:36 /var/spool/cron/crontabs/user2

3) How To Remove The Logged In User Account In Linux?

Add -f option with userdel command to remove the logged in user from the system. As i can see user3 is currently logged into the system, I’m going to remove him with help of force option.

[email protected]:~# w 01:00:15 up 20:57, 3 users, load average: 0.00, 0.00, 0.00 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT user3 pts/0 192.168.1.6 01:00 4.00s 0.00s 0.00s -sh daygeek pts/1 192.168.1.6 Sat09 0.00s 0.41s 0.02s sshd: daygeek [priv] daygeek :0 :0 17:59 ?xdm? 3:41 0.01s /usr/lib/gdm3/gdm-x-session --run-script

The above output is clearly showing that user3 user is currently accessing the ssh session, Now I’m going to delete the user account. See the output.

# userdel -rf user3 userdel: user user3 is currently used by process 30371 userdel: user3 mail spool (/var/mail/user3) not found

The above output is showing the following warning message that userdel: user user3 is currently used by process 30371 and the same time the user account got deleted from system but the ssh session not killed automatically.

Once the user logged out from the system then the current session get disconnected and after that he can’t able to login because we have already deleted the account.

Alternatively we can kill the corresponding ssh session by navigating to the following url.

[email protected]:~# w 01:07:24 up 21:04, 3 users, load average: 0.01, 0.00, 0.00 daygeek pts/1 192.168.1.6 Sat09 0.00s 0.41s 0.02s sshd: daygeek [priv] daygeek :0 :0 17:59 ?xdm? 3:41 0.01s /usr/lib/gdm3/gdm-x-session --run-script

Yes, the below output clearly showing that the given user account got completely deleted from the system.

# ls -ld /home/user3 ls: cannot access '/home/user3': No such file or directory

4) How To Delete/Remove SELinux User Mapping From Linux System?

Use the below command to delete SELinux user mapping for the user by adding -Z option.

# userdel -Zfr user4 userdel: user4 mail spool (/var/mail/user4) not found

5) How To Find All Files Owned By user2?

userdel command will delete the user account, home directory and user mail spool but it wont delete other file system. Use the following command to find out those file and delete it manually.

# find / -user user2 -print find: _user2_ is not the name of a known user

The above output is showing that the user2 is not exist in system. But user crontab entry is there, which was created by the user2. To find the details use the following format. See the output.

# find / -name user2 -print /var/spool/cron/crontabs/user2

For details, use the following command.

# ls -lh /var/spool/cron/crontabs/user2 -rw------- 1 1009 crontab 1.2K Mar 31 00:36 /var/spool/cron/crontabs/user2 # rm -Rf /var/spool/cron/crontabs/user2

Now, I’m clear when we delete the user account from system. It deletes the user account, home directory, user mail spool as well as users primary group.

But it won’t delete some of the files which was created by the user if it’s there in other filesystem. Hence, we need to remove it manually by searching them using the above find command.

Note:

If you want the particular user account content for future use then you need to take a backup using tar command before performing the delete action., you can backup the content using tar command and delete it.

Hope this article useful for you. If you like our work please share on social media to support us.

Источник