How to remove traces of a deleted user

1

I have been tasked with removing departed employees' local *nix accounts. In almost all cases, userdel -r <username> works like a charm. However there are a few cases where the user in question was removed uncleanly on a prior date, leaving their account non-existent but with a presence in the /etc/group file and a home directory. When the task comes to me to remove their user from the system, I find that the user doesn't exist, but I still need to remove these remnants. In this case, userdel -r <username> prints userdel: user '<username>' does not exist, and the orphaned group entries, mail spool, home directory etc are not removed.

I could whip up a script to check home, group, and mail spool myself, but I'd rather use an existing utility if it exists. That utility can be a shell command or an Ansible module.

I'm given the username to purge, and that can be assumed correct, though case insensitivity would be a bonus. If there's a safe way to find and correct all non-existent users without an input, that would be even better, as it would save me from having to rework previous tasks.

Wazoople

Posted 2019-04-19T17:28:35.833

Reputation: 111

I've found that I can add the user and then remove them with the -r flag, but that feels somewhat unclean. It's preferable to writing the script I mentioned in the second paragraph, however. – Wazoople – 2019-04-19T17:57:53.827

Answers

0

What I understand is that you need to delete the user from all his secondary groups with a core utility (on top of userdel)

usermod -G "" <username> && userdel -r <username>

You could add it as a function to your ~/.bash_aliases or ~/.bashrc for quicker use

# Clear the user's secondary groups, then delete the account and its home/mail spool
nukeusr() {
    usermod -G "" "$1" && userdel -r "$1"
}

Then nukeusr <username> to delete the user from the groups too.

AlexLoss

Posted 2019-04-19T17:28:35.833

Reputation: 84

Actually, userdel -r <username> handles removing the user from secondary groups, and that's what I use in the default case. The issue is when the user has already been deleted without userdel's -r flag. usermod and userdel won't work on a user that has been deleted. – Wazoople – 2019-04-19T18:36:24.970

Alright, I didn't understand that from the question. It sounded like userdel -r wouldn't work consistently, forgetting the secondary groups sometimes – AlexLoss – 2019-04-19T19:04:41.450

Ah, okay. I see how it can be read that way. I'll try to clarify. – Wazoople – 2019-04-19T20:05:30.890

I believe I would have to delete my reply, right? (reason: unrelated to what you wanted).

I would personally have gone for your other method: reinstate a dummy user and re-delete it. I could also edit my answer to fit that solution. – AlexLoss – 2019-04-19T21:08:32.733

You're free to write up a reply with the dummy user strategy. I'll probably post it myself if someone doesn't post something cleaner by Monday afternoon. I realize I posted the question on Good Friday, so I'd like to give it 24 hours that aren't in a holiday weekend. – Wazoople – 2019-04-21T06:32:19.057
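
The check the question describes (group entries, home directory and mail spool left behind for a username that is no longer in passwd), as an added example that is not from either poster. The function names are hypothetical, only the files passed as arguments are consulted, and it reports without deleting anything.

```shell
#!/bin/sh
# Added example: report-only audit for remnants of an account that is already
# gone from passwd. All file and directory locations are parameters.

# Print "member group" for each group member that has no passwd entry.
# Only the given passwd file is consulted, so LDAP/SSSD users would be listed too.
orphaned_group_members() {
    awk -F: '
        NR == FNR { known[$1] = 1; next }   # first file: passwd names
        { n = split($4, m, ",")
          for (i = 1; i <= n; i++)
              if (m[i] != "" && !(m[i] in known)) print m[i], $1 }' "$1" "$2"
}

# Print every remnant of one username, matched case-insensitively.
# Args: user passwd_file group_file home_base mail_base
user_remnants() {
    lc=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    # If the account still exists, userdel -r is the right tool: refuse.
    if awk -F: -v u="$lc" 'tolower($1) == u { f = 1 } END { exit !f }' "$2"; then
        echo "account still exists: $1" >&2
        return 1
    fi
    orphaned_group_members "$2" "$3" |
        awk -v u="$lc" 'tolower($1) == u { print "member-of " $2 }'
    # A leftover group named after the user (its old private group).
    awk -F: -v u="$lc" 'tolower($1) == u { print "group " $1 }' "$3"
    for base in "$4" "$5"; do
        for path in "$base"/*; do
            [ -e "$path" ] || continue
            name=$(basename "$path" | tr '[:upper:]' '[:lower:]')
            if [ "$name" = "$lc" ]; then echo "path $path"; fi
        done
    done
}

# Constructed sample data (not taken from a real system).
make_sample() {
    d=$(mktemp -d)
    printf 'root:x:0:0::/root:/bin/sh\nalice:x:1000:1000::/home/alice:/bin/sh\n' > "$d/passwd"
    printf 'wheel:x:10:alice,Bob\ndocker:x:998:bob\nbob:x:1001:\n' > "$d/group"
    mkdir -p "$d/home/bob" "$d/home/alice" "$d/mail"
    : > "$d/mail/bob"
    echo "$d"
}

sample=$(make_sample)
user_remnants BOB "$sample/passwd" "$sample/group" "$sample/home" "$sample/mail"
rm -rf "$sample"
```

On a real host the arguments would be /etc/passwd, /etc/group, /home and the mail spool directory (commonly /var/mail or /var/spool/mail); review the report before removing anything by hand.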