userdel Command
Delete user accounts from the Linux system
Syntax:
userdel [OPTIONS] username
Warning: The userdel command permanently removes user accounts from the system. This action cannot be undone. Always back up important data and verify the correct username before deletion.
Description
The userdel command removes user accounts from a Linux system. It modifies the system account files to delete all entries that refer to the specified username. By default, it removes the user account but leaves the home directory and mail spool intact unless specifically requested to remove them.
Note: userdel requires root privileges to execute. The command will not remove a user account if the user is currently logged in or has running processes, unless forced.
Common Options
| Option | Description |
|---|---|
| -f, --force | Force removal even if user is logged in |
| -r, --remove | Remove home directory and mail spool |
| -Z, --selinux-user | Remove SELinux user mapping |
| --help | Display help message and exit |
Examples
Delete a user account (keep home directory):
sudo userdel john
# Removes user 'john' but keeps /home/john
# Verify user is removed
id john
# Output: id: 'john': no such user
Delete user and remove home directory:
sudo userdel -r jane
# Removes user 'jane' and deletes /home/jane
# Verify home directory is gone
ls /home/jane
# Output: ls: cannot access '/home/jane': No such file or directory
Force delete a logged-in user:
# Check if user is logged in
who | grep alice
# Output: alice pts/0 2024-01-15 10:30
# Force delete (use with extreme caution)
sudo userdel -f alice
# Removes user even if logged in
Delete user with complete cleanup:
sudo userdel -r -f bob
# Removes user 'bob', home directory, and forces deletion
# Use with extreme caution
Check before deletion:
# Verify user exists
id charlie
# Output: uid=1003(charlie) gid=1003(charlie) groups=1003(charlie)
# Check user's processes
ps -u charlie
# Shows any running processes
# Check login status
who | grep charlie
# Safe deletion
sudo userdel charlie
Pre-deletion Checks
Before deleting a user, it's important to perform several checks:
Comprehensive pre-deletion check:
#!/bin/bash
USERNAME="$1"
if [ -z "$USERNAME" ]; then
    echo "Usage: $0 username"
    exit 1
fi
echo "Checking user: $USERNAME"
echo "========================"
# Check if user exists
if ! id "$USERNAME" &>/dev/null; then
    echo "User $USERNAME does not exist"
    exit 1
fi
# Check if user is logged in
if who | grep -q "^$USERNAME "; then
    echo "WARNING: User $USERNAME is currently logged in"
    who | grep "^$USERNAME "
fi
# Check for running processes
PROCESSES=$(ps -u "$USERNAME" --no-headers 2>/dev/null | wc -l)
if [ "$PROCESSES" -gt 0 ]; then
    echo "WARNING: User $USERNAME has $PROCESSES running processes"
    ps -u "$USERNAME"
fi
# Check home directory size
if [ -d "/home/$USERNAME" ]; then
    SIZE=$(du -sh "/home/$USERNAME" 2>/dev/null | cut -f1)
    echo "Home directory size: $SIZE"
fi
# Check group membership
echo "Group memberships:"
groups "$USERNAME"
# Check crontab
if crontab -u "$USERNAME" -l &>/dev/null; then
    echo "WARNING: User has crontab entries"
fi
Safe User Deletion Process
Step-by-step safe deletion:
# Step 1: Disable the account first
sudo usermod -L -e 1 username
# Locks password and sets expiry to day 1 after the epoch (already in the past)
# Step 2: Kill user processes (if any)
sudo pkill -u username
sudo pkill -9 -u username # Force kill if needed
# Step 3: Check for important files
find /home/username -name "*.important" -o -name "*.key" -o -name "*.cert"
# Step 4: Backup if needed
sudo tar -czf /backup/username-backup-$(date +%Y%m%d).tar.gz /home/username
# Step 5: Remove crontab
sudo crontab -u username -r 2>/dev/null || true
# Step 6: Finally delete the user
sudo userdel -r username
Batch User Deletion
Delete multiple users safely:
#!/bin/bash
# Script to safely delete multiple users
USERS_TO_DELETE=("user1" "user2" "user3")
BACKUP_DIR="/backup/deleted-users"
# Create backup directory
sudo mkdir -p "$BACKUP_DIR"
for username in "${USERS_TO_DELETE[@]}"; do
    echo "Processing user: $username"
    # Check if user exists
    if ! id "$username" &>/dev/null; then
        echo "User $username does not exist, skipping"
        continue
    fi
    # Check if logged in
    if who | grep -q "^$username "; then
        echo "WARNING: $username is logged in, skipping"
        continue
    fi
    # Backup home directory if it exists; never delete after a failed backup
    if [ -d "/home/$username" ]; then
        echo "Backing up /home/$username"
        if ! sudo tar -czf "$BACKUP_DIR/$username-$(date +%Y%m%d).tar.gz" "/home/$username"; then
            echo "WARNING: backup of /home/$username failed, skipping"
            continue
        fi
    fi
    # Kill user processes
    sudo pkill -u "$username" 2>/dev/null || true
    sleep 2
    sudo pkill -9 -u "$username" 2>/dev/null || true
    # Remove user and report the real outcome
    if sudo userdel -r "$username"; then
        echo "User $username deleted successfully"
    else
        echo "WARNING: userdel failed for $username"
    fi
done
What Gets Removed
When using userdel, different options affect what gets removed:
| Command | Account Entry | Home Directory | Mail Spool | Group (if private) |
|---|---|---|---|---|
| userdel user | ✓ Removed | ✗ Kept | ✗ Kept | ✓ Removed |
| userdel -r user | ✓ Removed | ✓ Removed | ✓ Removed | ✓ Removed |
| userdel -f user | ✓ Removed | ✗ Kept | ✗ Kept | ✓ Removed |
| userdel -rf user | ✓ Removed | ✓ Removed | ✓ Removed | ✓ Removed |
System Files Modified
userdel modifies several system files when removing users:
| File | Action |
|---|---|
| /etc/passwd | Remove user entry |
| /etc/shadow | Remove password entry |
| /etc/group | Remove user from groups, delete private group |
| /etc/gshadow | Remove group shadow entries |
| /var/spool/mail/username | Remove if -r option used |
| /home/username | Remove if -r option used |
Error Conditions and Troubleshooting
User is currently logged in:
# Error message
# userdel: user john is currently used by process 1234
# Solutions:
# 1. Ask user to log out
# 2. Kill user sessions
sudo pkill -u john
# 3. Force deletion (dangerous)
sudo userdel -f john
User has running processes:
# Check processes
ps -u username
# Kill processes gracefully
sudo pkill -TERM -u username
sleep 5
# Force kill if needed
sudo pkill -KILL -u username
# Then delete user
sudo userdel username
Home directory not owned by user:
# Check ownership
ls -ld /home/username
# If not owned by user, userdel -r might fail
# Manually remove after user deletion
sudo userdel username
sudo rm -rf /home/username
Recovery and Restoration
Restore accidentally deleted user:
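# If you have a backup of /etc/passwd and /etc/shadow
# Extract the user's line from backup
# (sudo tee -a appends as root; a plain >> redirection would run as the calling user)
grep "^username:" /backup/passwd | sudo tee -a /etc/passwd >/dev/null
sudo grep "^username:" /backup/shadow | sudo tee -a /etc/shadow >/dev/null
# If /etc/group was backed up too, restore the private group (the chown below needs it)
grep "^username:" /backup/group | sudo tee -a /etc/group >/dev/null
# Restore home directory from backup
sudo tar -xzf /backup/username-backup.tar.gz -C /
# Fix ownership
sudo chown -R username:username /home/username
# Reset password
sudo passwd username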
Best Practices
- Always verify the username before deletion
- Check if the user is logged in or has running processes
- Back up important data before deletion
- Use the -r option carefully - it permanently removes home directory
- Consider disabling the account first instead of immediate deletion
- Document user deletions for audit purposes
- Check for crontab entries and remove them
- Review file ownership across the system
- Use scripts for batch deletions to ensure consistency
- Test deletion procedures in non-production environments
Alternative Approaches
Disable instead of delete:
# Lock the account
sudo usermod -L username
# Set expiry date in the past (day 1; an expiry value of 0 is ambiguous in /etc/shadow)
sudo usermod -e 1970-01-02 username
# Change shell to prevent login
sudo usermod -s /bin/false username
# This approach allows for easy restoration
Archive user data before deletion:
#!/bin/bash
USERNAME="$1"
ARCHIVE_DIR="/archive/users"
# Create archive directory
sudo mkdir -p "$ARCHIVE_DIR"
# Archive user data
sudo tar -czf "$ARCHIVE_DIR/$USERNAME-$(date +%Y%m%d).tar.gz" \
    /home/"$USERNAME" \
    /var/spool/mail/"$USERNAME" 2>/dev/null
# Save user info
getent passwd "$USERNAME" > "$ARCHIVE_DIR/$USERNAME-info.txt"
groups "$USERNAME" >> "$ARCHIVE_DIR/$USERNAME-info.txt"
# Then delete user
sudo userdel -r "$USERNAME"
Security Considerations
- Verify user identity before deletion to prevent accidents
- Check for files owned by the user across the entire filesystem
- Remove or reassign ownership of important files
- Audit system logs for user activity before deletion
- Consider the impact on shared resources and group permissions
- Document the reason for user deletion
- Ensure proper backup procedures are in place
- Review and remove any sudo privileges
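The file-ownership and sudo checks listed above, as an added example that is not part of the original page: files outside the home directory survive `userdel -r` under the bare numeric UID, and sudoers can name an account either by name or as `#<uid>`. The function names and the fixture are constructed for illustration; in the fixture the files belong to the current user, who stands in for the account being removed.

```shell
#!/bin/sh
# Added example: residual-access audit to run before `userdel`.
# Function names and the fixture below are constructed for illustration.

# Print active sudoers lines that name the account, by name or as "#<uid>".
# usage: sudoers_refs USER UID FILE...
sudoers_refs() {
    user=$1; uid=$2; shift 2
    awk -v u="$user" -v id="#$uid" '
        /^[ \t]*#([^0-9]|$)/ { next }   # comment or #include; "#1001" is a uid
        {
            n = split($0, tok, "[ \t,=:()]+")
            for (i = 1; i <= n; i++)
                if (tok[i] == u || tok[i] == id) {
                    print FILENAME ":" FNR ": " $0
                    break
                }
        }' "$@"
}

# Paths the account owns outside its home directory; `userdel -r` leaves
# these behind, owned by the numeric UID alone.
# usage: owned_outside_home UID ROOT HOME
owned_outside_home() {
    find "$2" -xdev -user "$1" ! -path "$3" ! -path "$3/*" 2>/dev/null
}

# Constructed fixture so the example runs offline and without root.
make_fixture() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc/sudoers.d" "$d/home/alice" "$d/srv/app"
    touch "$d/home/alice/notes.txt" "$d/srv/app/deploy.key"
    cat > "$d/etc/sudoers.d/ops" <<'EOF'
# alice was granted access for the migration
alice ALL=(ALL) NOPASSWD: ALL
malice ALL=(ALL) ALL
#1001 ALL=(root) /usr/bin/systemctl
EOF
    echo "$d"
}

fx=$(make_fixture)
echo "sudoers references:"
sudoers_refs alice 1001 "$fx"/etc/sudoers.d/*
echo "owned outside home:"
owned_outside_home "$(id -u)" "$fx" "$fx/home/alice"
rm -rf "$fx"
```

On a real host, run both as root against `/etc/sudoers`, `/etc/sudoers.d/*` and `/` with the account's own UID and home directory. Anything `owned_outside_home` reports should be removed or reassigned before deletion, because a later account that is given the same UID becomes its owner.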