Home » Shell Scripting » BASH » Linux Create User Example

About Toni

Toni

Linux Create User Example

This example will show you how to create users in Linux, looking at the two different available commands: the default utility, useradd; and a script that acts as more friendly front-end for the default utility, which is named adduser.

For this example, Linux Mint 17.03 has been used.

1. How users are organized

The existing users of the system are registered in the file /etc/passwd. This file defines who has legit access to the system. This is an example of a line of the file:

julen:x:1000:1000:Julen Pardo:/home/julen:/bin/bash
 
Which follows the following format:

username:password:uid:gid:real_name:home_directory:command_shell
  • The username is the account name for the login.
  • The password field is actually not used in modern systems. The users credentials are stored in /etc/shadow file.
  • The uid (user id) and gid (group id) are the unique identifiers of the user and the group it belongs to, respectively.
  • The real_name is that, the user’s real name.
  • The home_directory is the working directory of each user, usually /home/<username>.
  • Finally, the command_shell is the program that is ran at login. Usually, this is the path to a shell. If not set, /bin/sh is used.

It’s better not to touch manually this file to add (or modify/remove) users. To add users, we should use the methods that we will see in this tutorial.

2. Using native binary: useradd

useradd is the native, low level, binary of Linux systems. Its use is very simple:

sudo useradd [options] username # superuser privileges are needed.

So, we could create a user named john_doe:

sudo useradd john_doe

Now, a new user named john_doe has been created in the users database. We can check it in the /etc/passwd file:

grep "john_doe" /etc/passwd

Which will show:

john_doe:x:1002:1005::/home/john_doe:

2.1. Setting a password

We have created a user without a password! We can check it in the /etc/shadow file:

grep "john_doe" /etc/shadow

Returning:

john_doe:!:17018:0:99999:7:::

That exclamation mark ! means that no password is set for the user.

Setting a password for each user is not an advice, but mandatory. For this, we have two options: create the user and then set the password (with passwd command), or specify it at creation time with -p (--password) option. The recommended option is the first one, since the second one has two obvious downsides:

  • The password is visible in the command line.
  • We are not asked for confirmation, so we won’t notice if we make a miss typing the password.

Use always the passwd command to set the passwords. We only have to run it specifying the user, as in the following example:

sudo passwd john_doe

And we will be asked to set the password (with confirmation).

2.2. Creating the home directory

Now that we have this new user, we can try to login in the system with it:

sudo -u john_doe -i # Login with user john_doe.

But we will get an error:

sudo: unable to change directory to /home/john_doe: No such file or directory

This is because useradd sets the home directory for new users, but it does not create it by default. We can fix it by creating manually the directory, but is better to create the home directory at user creation time. This is achieved passing the -m (--create-home) option to useradd:

sudo userdel john_doe # To delete it.
sudo useradd john_doe -m

This will create a directory for the new user. The default behavior for this option is to create the directory with the same name as the created user, in the /home directory.

2.3. Setting a different home directory

For some reason, we might want to set the home directory in a different place from /home. This is allowed using the -b (--base-dir) option. For example:

sudo useradd john_doe -b /tmp

Will create the following entry in /etc/passwd:

john_doe:x:1002:1005::/tmp/john_doe:

Note that we only have specified the directory where the home directory will be placed, not the home directory name itself.

When we use this option, we also have to tell userrad to create the home directory, as in the example of the previous section:

sudo useradd john_doe -b /tmp -m

2.4. Setting the shell

You may have noticed that the in the line for our user, the value for the shell is not set. Usually, we would want to use /bin/bash instead of the default /bin/sh. To specify the shell, we have to use the -s (--shell) option:

sudo useradd john_doe -m -s /bin/bash

2.5. Other options

Let’s see other common options for useradd command.

2.5.1. Specifying the primary group

The default behavior when creating a user is to create a group for it, with the same name, and set it as primary. But we have the option to avoid this and specify a group name (or gid) to be the primary of the creating user. For this, -g (--gid) option is used, as in the following example:

sudo useradd john_doe -g developers

And john_doe will be created with developers as primary group. We can check it with the groups command:

groups john_doe

2.5.2. Setting secondary groups

Similarly to the primary group, we may want to set secondary group(s) for a user at creation time. This time, -G (-groups) option has to be used, specifying the list of groups separated by commas, without whitespaces, e.g.:

sudo useradd john_doe -G developers,another_secondary

2.5.3. Setting an expiration date

This option is useful when we have to create accounts for users that we know beforehand have to have access to the system only until a certain date. For this, we have to use the -e (--expiredate) option, specifying the date in YYYY-MM-DD format. Let’s see it with an example:

sudo useradd john_doe -e 2017-01-01

2.5.4. Setting personal information

Actually, we can set any type of additional comments, but this option is usually used to specify personal information, such as real name. We have to use the -c (--comment) option, specifying the information between quotes (single or double, doesn’t matter) if the comment contains whitespaces, e.g.:

sudo useradd john_doe -c 'John Doe'

Will generate the following entry:

john_doe:x:1002:1005:John Doe:/home/john_doe:

3. Using a user-friendly wrapper for useradd: adduser

With useradd, we have seen that creating users is not actually difficult, but, by default, it doesn’t perform some actions that can be supposed as essential, like creating the home directory. We can even create a user without a password, and do not notice it.

To make user creation easier and in a more comfortable way, adduser was created. This is just a Perl script for an interactive use of useradd.

If we try to create a user with adduser, e.g.:

sudo adduser john_doe

And we will see that, only typing that, adduser does many things for us:

Adding user `john_doe’ …
Adding new group `john_doe’ (1001) …
Adding new user `john_doe’ (1002) with group `john_doe’ …
Creating home directory `/home/john_doe’ …
Copying files from `/etc/skel’ …
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for john_doe
Enter the new value, or press ENTER for the default
Full Name []: John Doe
Room Number []: 1
Work Phone []: 111-111-111
Home Phone []: 222-222-222
Other []: 333-333-333
Is the information correct? [Y/n] Y

(In italic the values specified by hand).

That is, apart from creating the home directory and setting the password with passwd, also allows to set personal information about the user. And also sets /bin/bash for the shell. This is the line that has been added in /etc/passwd for the user we have just created:

john_doe:x:1002:1001:John Doe,1,111-111-111,222-222-222,333-333-333:/home/john_doe:/bin/bash

3.1. Changing the options

Even if adduser does makes more comfortable the user creation, we can change the options. Let’s see the equivalents for adduser that we have seen for useradd.

The format is the same as with useradd:

sudo adduser <username> [option1] <value1>...[optionN] <valueN>
  • Changing the home directory: --home
  • Changing the shell: --shell
  • Specifying the primary group: --ingroup

The adduser utility does not provide options for setting secondary groups and and an expiration date.

4. Summary

This example has shown how to create users in Linux systems, with two different commands: useradd and adduser. As we have seen, adduser can be considered a better (in terms of usability) option, since it performs two essential actions that useradd does not perform by default: create a home directory, and set a password. Even if a user creation can require more options, those two are always fundamental.

(0 rating, 0 votes)
You need to be a registered member to rate this.
Start the discussion Views Tweet it!
Do you want to know how to develop your skillset to become a sysadmin Rockstar?
Subscribe to our newsletter to start Rocking right now!
To get you started we give you our best selling eBooks for FREE!
1. Introduction to NGINX
2. Apache HTTP Server Cookbook
3. VirtualBox Essentials
4. Nagios Monitoring Cookbook
5. Linux BASH Programming Cookbook
6. Postgresql Database Tutorial
and many more ....
I agree to the Terms and Privacy Policy
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments