How to safely delete a user account on Linux

Follow this best practice when deleting users on a Linux server.

If you make use of Linux in your data center, or simply your on-premises servers of any sort, chances are you have users that log into those servers to take advantage of one service or another. The probability is also high that at some point, you're going to have to delete a user. This may be because an employee moves on to another department, job, or company. 

No matter the reason why, you need to know how to safely delete that user account on your Linux server. I'm going to show you how to do just that.


What you'll need

In order to accomplish this task, you'll need a Linux server up and running (it doesn't matter what distribution of Linux you use) and a user account with sudo privileges. With those things at the ready, let's delete some users.

Lock 'em out

Instead of diving right in and deleting a user, it's best to first lock said user out of their account. By doing this, you prevent that user from gaining access to their account. This is also a good step to take should a user be placed on suspension or take a leave of absence (where they are not allowed to log into their account). 

In order to lock out a user account, log into the Linux server for which they have an account, and then issue the command:

sudo passwd -l USERNAME

Where USERNAME is the user to be locked out.

Before you continue on, attempt to change to that user with the command su USERNAME. You should see (no matter how many times you type the password correctly) an authentication failure alert (Figure A).

Figure A: User don has been locked out.

If you're not sure if the user in question is already logged in (before you lock them out), you might want to force a log out on them with the command:

sudo killall -9 -u USERNAME

Where USERNAME is the name of the user in question. Once you're certain they are not logged in, you can then lock them out of their account. 
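The su test above only exercises the password. As an added example (not part of the original article), the script below checks a lock from the account's shadow(5) entry and flags leftover SSH keys: per the passwd man page, passwd -l works by putting a '!' in front of the stored hash, and the user may still log in with another credential such as an SSH key. The function names, the sample shadow lines and the sample key are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the article): verify a lock made with `passwd -l`.
# Constructed sample data only; on a real host the entry would come from
# `sudo getent shadow USERNAME`.

# Print the lock state of one shadow(5)-format line.
lock_state() {
    pw=$(printf '%s\n' "$1" | cut -d: -f2)   # field 2 = password hash
    case "$pw" in
        '')            echo empty ;;       # no password required at all
        '!'|'!!'|'*')  echo nopassword ;;  # no usable password was ever set
        '!'*)          echo locked ;;      # passwd -l put '!' before the hash
        *)             echo active ;;      # password login still works
    esac
}

# Succeed if HOME_DIR holds a non-empty authorized_keys file. A password lock
# does not stop public-key logins, so these keys still grant access.
has_ssh_keys() {
    [ -s "$1/.ssh/authorized_keys" ]
}

# Combine both checks into one verdict. Args: SHADOW_LINE HOME_DIR
lockout_verdict() {
    state=$(lock_state "$1")
    if [ "$state" = active ] || [ "$state" = empty ]; then
        echo "NOT LOCKED ($state)"
    elif has_ssh_keys "$2"; then
        echo "PASSWORD LOCKED, SSH KEYS REMAIN"
    else
        echo "LOCKED"
    fi
}

# Constructed demo: user "don", before and after `sudo passwd -l don`.
demo=$(mktemp -d)
mkdir -p "$demo/don/.ssh"
echo 'ssh-ed25519 AAAAC3constructed don@example' > "$demo/don/.ssh/authorized_keys"
before='don:$6$salt$constructedhash:19000:0:99999:7:::'
after='don:!$6$salt$constructedhash:19000:0:99999:7:::'
lockout_verdict "$before" "$demo/don"   # NOT LOCKED (active)
lockout_verdict "$after"  "$demo/don"   # PASSWORD LOCKED, SSH KEYS REMAIN
rm -rf "$demo"
```

If the verdict reports remaining keys, move or remove the authorized_keys file (it is captured by the home directory backup in the next step) before treating the account as locked out.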

Backup user data

Before you delete the user, you might want to take a backup of their home directory (in case there is data you want to save). To do that, issue the following command:

sudo tar -zcvf USERNAME_backup.tgz /home/USERNAME

Where USERNAME is the name of the user in question.

You could then move that newly created tar file into a backup directory (where you keep deleted user data).

Delete cron and print jobs

The last step, before deletion, would be to delete any cron and print jobs. These two tasks can be done with the following commands:

sudo crontab -r -u USERNAME
sudo lprm USERNAME

Where USERNAME is the name of the user in question.

Delete the user

Now you can safely delete the user account. To do this, issue the command:

sudo userdel -r USERNAME

Where USERNAME is the name of the user to be deleted.

Using the -r option will also delete the home directory of the user (which is why we backed it up before deleting it).

And that's how you safely delete a user on a company-owned Linux server. Yes, there are other ways to take care of this task, but by following the process I've outlined you can delete users safely and without much hassle.


Image: Jack Wallen
