The Linux operating system is a multi-user environment, where a system administrator will need to add users.
As the system administrator, it falls to you to manage the system’s groups and users.
This article discusses how to create new user accounts with the useradd command.
Useradd Command Functions
This is used to create user accounts in Linux. It also has the ability to add multiple users to the same system, at the same time.
When running the useradd command, it does the following tasks:
- It edits etc/shadow, etc/passwd, etc/group and etc/shadow files for the new user account.
- It creates, and then populates the home directory for the user.
- It places the appropriate permissions, and ownership to the home directory.
This is the basic syntax of the command:
useradd [options] username
The only user who can create a new user account or use the useradd command is a root user, or one with sudo privileges.
Useradd makes a new user account based on the choices mentioned on the command line. Generic values are set in the etc/default/useradd configuration file.
Furthermore, useradd honors the settings in the /etc/login.defs file. It features the configuration for the shadow password suite. This includes the range of user IDs allocated for creating additional users (both system and regular), as well as password expiration policies.
How to Create a New User
To add or create a new user on Linux, all you have to do is type the useradd command along with the user’s name.
For example, in order to create a user called username, this is what you will need to run:
sudo useradd username
Whatever name is used for the username, will be the login name used when the user attempts to login to the Linux system.
Before the user can login to the system , a user password needs to be set. To do this, run the passwd command along with the username.
sudo passwd username
After this command, you will be prompted to input and confirm your new password.
Output Changing Password for user username. New Password Retype new password passwd: all authentication token updated successfully.
Once you have done all this, a new user is created.
After you create a user account, this username is automatically included in the ‘/etc/passwd’ file. The file’s function is to collect information about each user. This is how it should be inputted:
Add Users to Group and Make Home Directory
To add a home directory, select the -m (–create-home) option. This command creates a home directory under ‘/home/name of username’.
In this case, the default home directory for ‘etbox’ is ‘/home/etbox‘.
This command sets up the user’s home directory. This also duplicates files from the /etc/skel directory to the user’s personal home directory.
You will see the files if you ‘ls’ the files in the /home/etbox directory:
ls -la /home/etbox/
Output drwxr-xr-x-x 2 etbox etbox 4132 Nov 28 10:43 drwxr-xr-x-x 4 root root 4132 Nov 28 10:43 -rw-r--r-- 1 etbox etbox 445 Aug 30 2020 .bash_logout -rw-r--r-- 1 etbox etbox 3887 Aug 30 2020 .bashrc -rw-r--r-- 1 etbox etbox 623 Aug 30 2020 .profile
Thanks to the home directory, users can write, delete and edit files and separate directories.
To change the user’s home directory to another location, use the d (–home) option
sudo useradd -m -d /opt/etbox etbox
How to Create a User with Specific User ID
UIDs (User Identifiers) along with other access control policies determine the different actions a user can do on system resources.
Type useradd with the -u (–uid) option.
This will help in creating a user that has a specific UID. For example, let’s give etbox a UID of 824. To do this, type this command:
sudo useradd -u 824 etbox
With the help of the ID command, you can verify the value of your user’s UID.
id -u etbox 824
Add User To Specific Group ID
The -g (–gid) option lets you add a new user account with a specific starting login group. Either the group ID or name must be present.
Here is an example of how to create the etbox username and set the group to “users”:
sudo useradd -g users etbox
To verify the user GID, apply the id command
id -gn etbox users
Add User Group and Assign Different Groups
The -G (–groups) option lets you identify supplementary groups.
For example, you can create the user account ‘etbox’. You can also add a primary group ‘control’ as well as secondary groups ‘bike’ and ‘full name’
sudo useradd -g control -G bike,developers etbox
To verify, type: id etbox
uid=1123 (etbox) gid 100 = (control) groups=100(full name), 15(bike), 988(full name)
How to Create a User with Specific Login Shell
The -s (–shell) option enables the user to state its login shell.
To create a username ‘etbox’ with the login shell type /usr/bin/zsh, and input the following:
sudo useradd -s /usr/bin/zsh etbox
To verify your login shell, refer to the /etc/passwd file
grep etbox /etc/passwd etbox:x :2002:2002::/home/etbox/usr/bin/zsh
How to Create a User with Custom Comment
The -c (–comment) option enables you to give a brief description of your user account.
In this example, we’ll use the text string “Test Account” as the comment.
sudo useradd -c "Test Account" etbox
This comment will be saved in the /etc/passwd file:
grep etbox /etc/passwd
Output etbox:x:1043:1042:Test Account:/home/etbox:/bin/sh
How to Create a User with Specific Expiry Date
You can identify each user account’s expiry date. To do this, apply the -e (–expiredate) option. This will come in handy for temporary accounts.
The date must be displayed in the YYYY-MM-DD format.
To set the expiry date to September 1, 2020, this is what you should run.
sudo useradd -e 2020-09-01 etbox
The chage command must be used to verify the user account’s date of expiration:
sudo chage -l etbox
This is what your output value should look like after applying these commands:
Last password change : December 23, 2019 Password expires : never Password inactive : never Account expires : September 5, 2020 Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7
How to Create a System User
The -r(–system) option is there for you to create a system user account.
To add a new system user named ‘etbox’, you should input this command: sudo useradd -r etbox
These are created without an expiration date. Their UIDs are randomly selected from a variety of system user IDs in the login.defs file.
How to Change Default Useradd Values
The -D, –defaults option can manipulate or view the default useradd values. To do this, type the following command:
useradd - D
This will be the output:
GROUP=100 HOME=/home INACTIVE=-1 EXPIRE= SHELL=/bin/sh SKEL=/etc/skel CREATE_MAIL_SPOOL=no
This article discusses the different options you can use when adding user accounts to the Linux Operating System.