Local Users are all the users that authenticate using the local system. This means they do not authenticate using LDAP, Kerberos, or another authentication system. There are files in the /etc directory that store user information. Notably the /etc/passwd file for user information, /etc/shadow for passwords, and /etc/group for group information. You could technically edit these directly, but that runs the risk of causing problems if you edit the wrong user or use the incorrect format (not to mention the permissions issues it would cause with home directories and existing files!).
Instead there are bash commands you can use to manage users and this guide will walk you through using them to change a local user name and make sure all their existing files are updated as well. See the bottom of this guide for links to Linux Academy courses that cover user management. It is a fundamental concept to Linux Administration so many courses will touch on it or cover it.
This guide will use the Linux Academy servers as an example. You can use Debian or RHEL based systems (Ubuntu and CentOS included) to follow along.
The first step is to make sure we have a second account to log into. We can't change the username of the account we are logged into so we need to set up a second, temporary account to connect with and make our changes. So login to your server, then, using sudo or the root account, run the below commands to create our temporary user account and set a password for it. Note that on some distributions this will not create a home directory for the user. This is fine as it is a temporary account and we do not need one.
Once we've created our temporary user, we can disconnect from our current session, then log back onto the server using the new tempuser account. If you are on Ubuntu, ignore any errors about the home directory not existing. It is expected and won't cause any problems. After connecting, log into the root account. If you do not have access to the root account, log back onto your other account and grant the new account sudo privileges.
Changing the Username
Users in Linux can be changed with the usermod command. This lets us modify information about the account, including group membership, real name, and the username. This command modifies the /etc/passwd file where information about the user is stored. Again, we don't want to edit the file ourselves as that can cause issues and is easy to make mistakes!
As the root user, run this simple command to change the username. It will automatically update all the files and permissions to have the new username. I'm going to use my name as an example, just replace 'sean' with whatever the new username should be!
usermod -l sean user
Now, if this completes successfully, there will be no confirmation message. It just changes the values. It is likely, however, that there may still be a process running under the default user, such as VNC. If you see a message indicating the user is currently used by a process, you need to stop that process to continue. You can either try to stop it gracefully with a stop or end command or, as in this example, use pkill to simply stop all processes owned by 'user'.
pkill -u user
You can then confirm all the processes have stopped by using
ps -u user
If you still see processes running, you can use the SIGKILL (signal id 9) to force stop the processes.
pkill -u user --signal 9
Run the ps command again to verify the processes have stopped, then re-run the usermod command to change the username.
Changing the Group
Now, the above section will only update the username. Our default group is still 'user'. We want this to match our new username to follow standard conventions so now we need to use the groupmod command. This is very similar to usermod except for managing groups and the /etc/group file instead of /etc/passwd. Use the below command to change the group information just like the user information.
groupmod -n sean user
Changing the home directory
There's one last step before we finish modifying our user to the new login. We've changed the username and changed the group name, but our home directory is still /home/user. The home directory is set in the /etc/passwd file so once more we return to the usermod command. We can use usermod -d to set the home directory, however, on its own it will not actually change the directory. It just updates the /etc/passwd file to the new value. Instead we need to add the -m flag to make sure it actually changes the /home/user directory to /home/sean. The full command is:
usermod -d /home/sean -m sean
All right, now we have finished all the changes and can exit out of our tempuser session. We can test to make sure everything went well by connecting with our new username. We can then use pwd. which shows our current directory, right after logging in to make sure our home directory is set properly. We can use ls to show the files in our directory and use the -al flags to list all files and show their permissions to make sure it's all been set properly.
Once we've verified everything displays with the correct information (/home/sean and sean for the user and group name on all our files and directories), we can be sure the changes were successful! Before you finish, remember to log into the root account or use sudo and delete the tempuser we created. If you pass the -r flag it will also delete any files and directories created as part of the user creation process.
userdel -r tempuser
Warnings and Caveats
If you follow this process on a standard user, you are unlikely to run into any major issues, however there is some information to keep in mind and areas where this can cause problems.
- If you use the username in any scripts, this process will update the permissions of the files, but will NOT edit the scripts. You will need to make sure you edit the scripts manually to the new username.
- You can use this to change the name of service accounts, however many services expect to use certain names and changing them can have unpredictable results. It is best to leave them alone and only modify standard users. The same warning applies to changing the root account.
- Linux permissions and file ownership is a complex topic and changing information on users should be taken with great care and caution. If at all possible, make any changes in a test environment first to verify functionality. You may also find it safer to simply create a new user and copy any needed files for the the new user account.
Sources / Resources
As mentioned there are several courses and many places where user accounts are covered or touched on. Check out these courses for good coverage of what they are and how to manage them: