Skip to main content
Engineering LibreTexts

02-B.7: Users: Create, Modify and Delete (cont'd)

  • Page ID
    26809
  • More useradd Customization

    Even though the useradd command is very basic, it is possible for options to be specified as a new user is created. Let's take a look at some brief examples of the most common customizations used.

    Comment

    The comment option is a plain-text field for providing a short description or other information using the -c argument.

    $ sudo useradd -c "Sean is cool" sean
    $ getent passwd sean
    sean:x:1011:1011:sean is cool:/home/sean:/bin/bash
    

    Groups

    A user can be assigned one primary group and multiple secondary groups. The -g argument specifies the name or GID of the primary group. If it's not specified, useradd creates a primary group with the user's same name (as demonstrated above). The -G (uppercase) argument is used to pass a comma-separated list of groups that the user will be placed into; these are known as secondary groups.

    $ sudo useradd -G mygrp,fgroup,libvirt emma
    $ id emma
    uid=1012(emma) gid=1012(emma) groups=1012(emma),981(libvirt),4000(fgroup),3000(tgroup)
    

    Home directory

    The default behavior of useradd is to create the user's home directory in /home. However, different aspects of the home directory can be overridden with the following arguments. The -b sets another directory where user homes can be placed. For example, /home2 instead of the default /home.

    $ sudo useradd -b /home2 hallie
    $ getent passwd hallie
    hallie:x:1013:1013::/home2/hallie:/bin/bash
    

    The -d lets you specify a home directory with a different name from the user.

    $ sudo useradd -d /home/ben nick
    $ getent passwd nick
    nick:x:1014:1014::/home/ben:/bin/bash
    

    The skeleton directory

    The -k instructs the new user's new home directory to be populated with any files in the /etc/skel directory. These are usually shell configuration files, but they can be anything that a system administrator would like to make available to all new users.

    Shell

    The -s argument can be used to specify the shell. The default is used if nothing else is specified. For example, in the following, shell bash is defined in the default configuration file, but david has requested zsh.

    $ grep SHELL /etc/default/useradd
    SHELL=/bin/bash
    
    $ sudo useradd -s /usr/bin/zsh david
    $ getent passwd david
    david:x:1004:1004::/home/david:/usr/bin/zsh
    

    Security

    Security is an essential part of user management, so there are several options available with the useradd command. A user account can be given an expiration date, in the form YYYY-MM-DD, using the -e argument.

    $ sudo useradd -e 20191231 sammy
    $ sudo getent shadow sammy
    sammy:!!:18171:0:99999:7::20191231:
    

    An account can also be disabled automatically if the password expires. The -f argument will set the number of days after the password expires before the account is disabled. Zero is immediate.

    $ sudo useradd -f 30 seth
    $ sudo getent shadow seth
    seth:!!:18171:0:99999:7:30::
    

    "Intro to the Linux useradd command" by Alan Formy-Duval, opensource.com is licensed under CC BY-SA 4.0