What happens to a users files when I delete the user in linux?

Solution 1:

Most distributions come with a tool called userdel, or deluser. These won't, by default, remove any of the user's files. So by default, nothing happens to the files owned by that deleted account. They keep their user and group IDs as they are.

In ls and other such listings, you'll see the numeric IDs instead of the usual username (and group if you delete that too).

userdel (and deluser) do have options to remove a specific set of files (namely, the user's home directory and mail spool), but will not do a system-wide search-and-destroy operation. You'll need to do that yourself if you want to (using find, locate or similar tools for instance).

Note that if you re-create a user with the same UID, that new user will end up owning the defunct user's files, so backing up (just in case, maybe not with a long retention) and clearing at least the home directory (including dotfiles) is something that should be considered (for privacy and security issues for instance).

(This is assuming normal filesystems and local accounts, and no "enhanced" user-management tools or policy enforcement software of some type or other that could potentially do anything it wants to orphaned files - you'll need to check the docs for these tools to know exactly to what extent they "destroy" the account.)

Solution 2:

The files and home directories of the users remain. Which in fact is a security risk. When you add another user, then it can get the UID of the deleted user and so it gets the permission to access the files owned by the deleted user.

For this, use userdel -r to remove home directories and files of the user too whom you are deleting.

This is because utilities like ls map the UID to user name to show this.