rmuser(ADM) 19 June 1992 rmuser(ADM) Name rmuser, rmgroup, rmpasswd - remove user accounts Syntax /tcb/bin/rmuser users Description rmuser removes user accounts from the system. A user account consists of a line in /etc/passwd, entries in /etc/group and a Protected Password database file. rmuser removes all three entities from the system. If no users are specified on the command line then rmuser will read stan- dard input for account names, one per line. rmuser checks there are no currently running processes for the account before removing it. rmuser uses ale(ADM) and two underlying shell scripts, rmpasswd and rmgroup to do the actual removal and authck(ADM) to rebuild the subsystem databases. ale and authck require the invoking user to have the auth subsystem authorization and the chown and execsuid kernel authorizations. Files /etc/passwd password file /etc/group group file /tcb/files/auth/?/* protected password database /tcb/lib/auth_scripts/rmpasswd user script tcb/lib/auth_scripts/rmgroup group script See also ale(ADM), authcap(F), Diagnostics rmuser returns an exit status of 1 if it was interrupted. Notes Because removing users is not allowed on a C2 system, rmuser checks for UIDREUSE=YES in /etc/default/login before removing any accounts. rmuser does not remove all traces of an account: home directories are left intact, any cron jobs are not removed and the name of the account is left in the Terminal Control database and some Protected Password entries. In the Terminal Control database, the deleted account name is not removed from the last (un)successful login, and last logout fields of a terminal entry. In the Protected Password entries, the account name is left in the owner field of accounts which the removed account owned, and the password user field of any accounts for which the removed account was authorized to change the password. These remnants in the C2 database files do not affect the system. Value added rmuser is an extension of AT&T System V provided by The Santa Cruz Opera- tion, Inc.