Being a system administrator, you must be assigned a task to create a user account with a specific home directory, shell, group, or password expiration. To complete such task, useradd command is used. It enables you to create new users to your Linux system. In other words, useradd command is used to create a user account.
adduser command is a symbolic link of useradd command and works similar to useradd command. It is just a matter of preference which command you want to use. When you run useradd command in your terminal, it performs the following operations:-
useradd [options] username
Options | Description |
---|---|
-u | This option is used for setting the specified user ID to a user. It modifies the third field of /etc/passwd file. |
-g | This option assigns a group to a new user. You can provide group name or GID to this option. It modifies the fourth field of /etc/passwd file. |
-c | It is used to specify comments helps you to identify the reason for creating a new user. It modifies fifth field of /etc/passwd file. |
-d | This option sets the specified home directory of a user. It modifies the sixth field of /etc/passwd file. |
-s | It assigns a different login shell to a new user. It modifies the seventh field of /etc/passwd file. |
-G | If you want a new user to be a member of additional groups then use this option. It takes group names separated by commas. |
-e | It sets the date on which a user account will expire. Specify the expiry date in YYYY-MM-DD format. |
-f | It specifies the number of days after password expires that account is disabled. |
-p | It is used to set the password of a new user. |
Rather than learning syntax and command line options, it is always better to dirty your hands by practicing examples.
Run useradd or adduser command with username to create a user. Username that you specify is basically the login name using which you will login to the Linux system. Usernames must be unique and you cannot have more than one user with the same username.
To create a new user meera, run the below command-
#useradd meera
When you run this command, and try to login with this username you will find that you cannot login. Because this newly created user is in the locked state and you need to set the password to unlock it. So, we need to assign password to user meera.
#passwd meera Changing password for user meera. New UNIX password: Retype new UNIX password: passwd: all authentication tokens updated successfully.
Just after running the above command, this newly created user is added to /etc/passwd file. If you check /etc/passwd file, you will find its entry into this file.
meera:x:2000:2000::/home/meera:/bin/bash
In case, you want to learn the meaning of each field of /etc/passwd file then click here- Linux /etc/passwd file. And if you list the files in /home/meera folder, you will find some initialization files.
#ls -la /home/meera total 2832 drwxr-xr-x 2 root root 4096 2017-12-02 08:26 . drwxr-xr-x 8354 root root 12288 2017-12-02 18:49 .. -rw-r--r-- 1 meera meera 53 2017-04-18 21:51 .bash_history -rw-r--r-- 1 meera meera 18 2017-04-18 21:51 .bash_logout -rw-r--r-- 1 meera meera 193 2017-03-26 08:31 .bash_profile -rw-r--r-- 1 meera meera 231 2017-04-18 21:51 .bashrc
Now you might wonder where these files came from and also why meera folder is created in /home directory? Well, useradd command picks the default values from the /etc/default/useradd file. You can view the content of this file using useradd -D command or cat command-
#useradd -D GROUP=100 HOME=/home INACTIVE=-1 EXPIRE= SHELL=/bin/bash SKEL=/etc/skel CREATE_MAIL_SPOOL=yes
If you list the files of /etc/skel folder, you will find that all the initialization files came from this folder.
#ls -la /etc/skel total 28 drwxr-xr-x 2 root root 4096 2017-12-02 08:26 . drwxr-xr-x 135 root root 12288 2017-12-02 18:49 .. -rw-r--r-- 1 root root 0 2017-04-18 21:51 .bash_history -rw-r--r-- 1 root root 18 2017-04-18 21:51 .bash_logout -rw-r--r-- 1 root root 193 2017-03-26 08:31 .bash_profile -rw-r--r-- 1 root root 231 2017-04-18 21:51 .bashrc
useradd command creates home directory whose name equal to username in /home directory. Lets say, if you have created a user govind then its home directory will be /home/govind.
However, you can change this default behaviour using -d option. Suppose you want to create a user damodar with home directory /data/webdevelopers
#useradd -d /data/webdevelopers damodar
You can verify this by running the below command-
#cat /etc/passwd | grep damodar damodar:x:515:515::/data/webdevelopers:/bin/bash
Every user in Linux is assigned UID(Unique Identification Number). UID is a unique number between 0 and approximately 1 billion. UID 0 is reserved and is assigned to root user. UIDs between 1 and 499 are reserved for system accounts and UIDs 500 and above are used for other users. It all depends on your Linux distribution, which UID it assigns to your user. In case, you want a different UID then use -u option.
In the below example, user gopal is assigned UID 600.
#useradd -u 600 gopal
Its time to verify it using the below command-
#cat /etc/passwd | grep gopal gopal:x:600:600::/home/gopal:/bin/bash
By default, Linux creates a group with the same name as the username and the same GID as the user's UID. But don't worry, if you want to change this default behavior of useradd command then use -g option.
Suppose, you want to create a user madhav whose group name is devops instead of madhav then use the below command-
#useradd -g devops madhav
Now, you can see that madhav is now a member of devops group-
#cat /etc/group | grep devops devops:x:500:madhav
If you want to create a user gopal whose GID is 1100 then use the below command-
#useradd -g 1100 gopal
Now, you can see the assigned GID in /etc/passwd file.
#cat /etc/passwd | grep gopal gopal:x:1020:1100::/home/gopal:/bin/bash
Use -G option to specify additional groups in which you want a new user to be a member of. Don't use space between group names and separate each group by a comma.
Suppose you want to create a user raghav who is a member of sysadmin, developer, and management group.
#useradd -G sysadmin,developer,management raghav
You can verify this by running the below command:-
#id raghav uid=2018(raghav) gid=2018(raghav) groups=1001(raghav),610(sysadmin),611(developer),612(management)
By default, when you create a user using useradd command then that user account never expires. But, you can set the expiry date using -e option. This is useful when you want to disable the account. Specify the expiry date in YYYY-MM-DD format.
Let's day, you want to expire a user nisha on 23rd December 2017 then run the below command-
#useradd -e 2017-12-23 nisha
You can verify this by running chage command with -l option.
#chage -l nisha Last password change : Nov 12, 2016 Password expires : never Password inactive : never Account expires : Dec 23, 2017 Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7
Use -f option to specify the number of days after password expires that account is disabled. In this example, we will set the password expiry date to 30 days for the user nitin.
#useradd -f 30 nitin
Adding meaningful comment to a user helps you to identify the reason for creating a new user. Use -c option to specify comment such as first and last name, email address, etc. In the below example, we will add a user kanchan whose full name is Kanchan Sharma into the comment field.
#useradd -c "Kanchan Sharma" kanchan
You can see the comments in /etc/passwd file.
kanchan:x:1020:1026:Kanchan Sharma:/home/kanchan:/bin/bash
Use -s option to assign a different login shell to a new user. In the below example, we will assign /bin/tcsh shell to a new user tutorialsandyou.
#useradd -s /bin/tcsh tutorialsandyou
You can verify this in /etc/passwd file.
tail -1 /etc/passwd tutorialsandyou:x:1024:1024::/home/tutorialsandyou:/bin/tcsh