useradd Command in Linux
The Linux useradd command is a straightforward tool for creating new system user accounts. System administrators use this command to set up users with specific permissions, home directories, access to the command shell, and other key features that are important for system security and management. Whether they need to manage large groups of users on a server or just set up individual accounts, useradd helps them add new users in an organized way, making sure all settings are correct and consistent.
Table of Contents
Here is a comprehensive guide to the options available with the useradd command −
Syntax of useradd Command
The basic syntax for creating a new user with useradd is −
useradd [options] username
Where −
- options − Modifies user creation attributes such as shell access, home directories, and user groups.
- username − Defines the new username for the account being created.
useradd Command Options
The useradd command provides multiple options that help refine how new user accounts are created.
| Options | Description |
|---|---|
| --badname | Allows usernames that do not conform to standard naming conventions by skipping validation checks. |
| -b, --base-dir BASE_DIR | Specifies the base directory where the user's home directory should be created, instead of using the default /home/. |
| --btrfs-subvolume-home | Uses a Btrfs subvolume for the user's home directory, ensuring better snapshot and backup capabilities. |
| -c, --comment COMMENT | Adds user-specific metadata in the GECOS field, typically used for descriptive information like full names or office numbers. |
| -d, --home-dir HOME_DIR | Defines a custom home directory path for the user instead of automatically assigning /home/username/. |
| -D, --defaults | Displays or modifies default settings for useradd, including shell type, home directory permissions, and UID configuration. |
| -e, --expiredate EXPIRE_DATE | Sets an expiration date for the account, after which the user will be unable to log in. Useful for temporary or restricted accounts. |
| -f, --inactive INACTIVE | Defines the number of days after password expiration before the account is disabled. Helps enforce security policies. |
| -F, --add-subids-for-system | Ensures that subuser and subgroup ID entries are created when adding a system user, supporting advanced access control models. |
| -g, --gid GROUP | Sets the primary group for the new user, either by group name or numeric Group ID (GID). |
| -G, --groups GROUPS | Adds the user to multiple supplementary groups, allowing access to shared resources. |
| -h, --help | Displays a list of available options, providing guidance on useradd command functionalities. |
| -k, --skel SKEL_DIR | Uses an alternative skeleton directory for home directory initialization instead of /etc/skel/. |
| -K, --key KEY=VALUE | Overrides default configurations stored in /etc/login.defs, allowing customization of account settings. |
| -l, --no-log-init | Prevents the user from being added to lastlog and faillog databases, which track login activity. |
| -m, --create-home | Automatically creates a home directory for the user, copying default files from /etc/skel/. |
| -M, --no-create-home | Disables home directory creation, typically used for system or service accounts that do not require personal storage. |
| -N, --no-user-group | Prevents the creation of a dedicated group with the same name as the user. |
| -o, --non-unique | Allows the creation of a user with a duplicate UID, useful in specific administrative setups. |
| -p, --password PASSWORD | Assigns an encrypted password to the new account at creation, instead of setting it manually later. |
| -r, --system | Creates a system account, typically used for services and daemons, with no home directory and restricted privileges. |
| -R, --root CHROOT_DIR | Executes user creation inside a chroot environment, useful for managing isolated installations. |
| -P, --prefix PREFIX_DIR | Specifies a prefix directory for locating configuration files such as /etc/passwd. |
| -s, --shell SHELL | Defines the default shell assigned to the user, such as /bin/bash, /bin/zsh, or /usr/sbin/nologin. |
| -u, --uid UID | Assigns a custom User ID (UID) instead of automatically generating one. |
| -U, --user-group | Creates a group with the same name as the user, ensuring consistent file ownership and group policies. |
| -Z, --selinux-user SEUSER | Maps the user to a specific SELinux security context, ensuring compliance with SELinux rules. |
| --extrausers | Enables the extra users database, allowing management of users stored in an alternate authentication system. |
Examples of useradd Command in Linux
Here are a few examples of using the useradd command in various real-world scenarios.
- Creating a Basic User with Default Settings
- Creating a User with a Home Directory
- Assigning a Specific Shell to a User
- Creating a User with a Custom Home Directory
- Adding a User to a Primary Group
Creating a Basic User with Default Settings
If you need to create a new user without specifying additional configurations, run −
sudo useradd kumar
This command creates a new user without a home directory. The system assigns a default shell and user ID automatically.
No password is set initially, so the administrator must assign a password separately using −
sudo passwd kumar
This method is ideal for service accounts that don't require personal storage.
Creating a User with a Home Directory
Most regular users need a personal home directory for storing files. To automatically create a home folder, run the following command −
sudo useradd -m satish
The -m option creates /home/alice_satish/ as the user's directory. Default configuration files from /etc/skel/ are copied into the new home directory. The user satish will have a personal storage area for files, configurations, and SSH keys.
Assigning a Specific Shell to a User
Different users may require specific shell environments. To ensure a user is assigned Bash as their default shell, use −
sudo useradd -m -s /bin/bash developer_aryan
This guarantees that every time aryan logs in, he is provided with the Bash shell for executing commands.
Creating a User with a Custom Home Directory
By default, user home directories are created under /home/. If you need to store it elsewhere, such as /opt/custom_home/, run −
sudo useradd -m -d /opt/custom_home devops_user
The -d option specifies /opt/custom_home/ as the home directory. This is useful in environments where user directories need to be placed outside the standard /home/. The system automatically grants ownership to devops_user.
Adding a User to a Primary Group
Assigning a primary group helps define access control. To create a user and set their primary group, run −
sudo useradd -m -g developers gaurav
The -g option assigns gaurav to the developers group. This ensures file permissions align with the group's privileges.
Conclusion
The useradd command is essential for managing users in Linux. It allows administrators to set up accounts with specific settings. With useradd, you have a lot of options. You can create regular user accounts, restrict access to the shell, set when accounts will expire, and manage permissions by organizing users into groups.
By learning these commands, Linux administrators and users can boost security and organize their systems more effectively. It also helps make sure that they comply with company policies for managing users properly.