useradd

user managementLinux/Unix
The useradd command is one of the most frequently used commands in Linux/Unix-like operating systems. useradd Create a new user or update default new user information

Quick Reference

Command Name:

useradd

Category:

user management

Platform:

Linux/Unix

Basic Usage:

useradd [options] [arguments]

Common Use Cases

    Syntax

    useradd [options] LOGIN

    Options

    Option Description
    -b, --base-dir BASE_DIR Base directory for the home directory of the new account
    -c, --comment COMMENT GECOS field of the new account
    -d, --home-dir HOME_DIR Home directory of the new account
    -D, --defaults Print or change default useradd configuration
    -e, --expiredate EXPIRE_DATE Expiration date of the new account (YYYY-MM-DD)
    -f, --inactive INACTIVE Password inactivity period of the new account
    -g, --gid GROUP Name or ID of the primary group of the new account
    -G, --groups GROUPS List of supplementary groups of the new account
    -h, --help Display help message and exit
    -k, --skel SKEL_DIR Use this alternative skeleton directory
    -K, --key KEY=VALUE Override /etc/login.defs defaults
    -l, --no-log-init Do not add the user to the lastlog and faillog databases
    -m, --create-home Create the user's home directory
    -M, --no-create-home Do not create the user's home directory
    -N, --no-user-group Do not create a group with the same name as the user
    -o, --non-unique Allow to create users with duplicate (non-unique) UID
    -p, --password PASSWORD Encrypted password of the new account
    -r, --system Create a system account
    -s, --shell SHELL Login shell of the new account
    -u, --uid UID User ID of the new account
    -U, --user-group Create a group with the same name as the user
    -Z, --selinux-user SEUSER Use a specific SEUSER for the SELinux user mapping

    Examples

    How to Use These Examples

    The examples below show common ways to use the useradd command. Try them in your terminal to see the results. You can copy any example by clicking on the code block.

    # Basic Examples Basic
    # Create a new user with default settings sudo useradd johndoe
    # Create a new user with a specific home directory sudo useradd -m -d /home/johndoe johndoe
    # Create a new user and add to specific groups sudo useradd -G wheel,developers johndoe
    # Create a user with specific shell sudo useradd -s /bin/bash johndoe
    # Advanced Examples Advanced
    # Create a user with specific user ID sudo useradd -u 1500 johndoe # Create a user with specific group ID sudo useradd -g 1000 johndoe # Create a user with specific home, shell, and groups sudo useradd -m -d /home/johndoe -s /bin/bash -G sudo,developers johndoe # Create a system user sudo useradd -r system_user # Create a user with specific login shell, home directory, and comment sudo useradd -s /bin/bash -m -d /home/johndoe -c "John Doe from IT" johndoe # Create a user with expiry date sudo useradd -e 2023-12-31 temporary_user # Create a user with specific password expiry information sudo useradd -f 30 johndoe # Create a user and set password non-interactively echo "password123" | sudo passwd --stdin johndoe # Create a user with non-unique UID (some systems) sudo useradd -o -u 1000 another_admin # Create a user with skeleton directory (custom template) sudo useradd -m -k /etc/custom_skel johndoe

    Try It Yourself

    Practice makes perfect! The best way to learn is by trying these examples on your own system with real files.

    Understanding Syntax

    Pay attention to the syntax coloring: commands, options, and file paths are highlighted differently.

    Notes

    The `useradd` command is a low-level utility used in Linux and Unix-like systems to create new user accounts. It's a fundamental tool for system administrators who need to manage users on their systems. When executed, `useradd` creates a new user entry in the system account files (primarily `/etc/passwd` and `/etc/shadow`), creates a new group entry if specified, and creates a home directory for the user if requested. By default, the new user account is created but disabled until a password is set using the `passwd` command. **Key Behaviors and Features:** 1. **Default Settings**: Without options, `useradd` creates a user with default settings defined in the `/etc/default/useradd` file and `/etc/login.defs`. These defaults include the location of home directories, default shell, password expiration policies, and more. 2. **Home Directory Creation**: The `-m` option is commonly used to create the user's home directory. Without this flag, many distributions won't create a home directory automatically. When created, the directory is populated with files from the skeleton directory (usually `/etc/skel`), which contains default configuration files. 3. **Primary Group Assignment**: Each user in Linux has a primary group, which is either a group with the same name as the user (if the `-U` option is used, which is often the default) or an existing group specified with the `-g` option. 4. **Secondary Group Membership**: The `-G` option allows you to assign a user to additional groups, which is useful for granting specific permissions (like sudo access by adding a user to the sudo or wheel group). 5. **System Users**: The `-r` option creates a system user, which is typically used for services and daemons rather than human users. System users usually have UIDs below 1000, no home directory, and a non-login shell. 6. **Shell Assignment**: The `-s` option specifies the user's login shell. Users that shouldn't have shell access are often assigned to `/sbin/nologin` or `/bin/false`. **Comparison with Other User Management Commands:** - **`adduser`**: On many distributions, `adduser` is a higher-level, more user-friendly wrapper around `useradd` that asks interactive questions and sets up sensible defaults. For scripting and automation, `useradd` is often preferred. - **`usermod`**: Used to modify existing user accounts, with many options similar to `useradd`. - **`userdel`**: Used to delete user accounts. **Security Considerations:** - The `-p` option accepts an already-encrypted password, not a plaintext one. For security reasons, it's usually better to create the account with `useradd` and then set the password separately with `passwd`. - When creating users for system services, it's best practice to create system users with no login shell and often no home directory to minimize potential security vulnerabilities. - Be cautious with the `-o` option, which allows creating users with duplicate UIDs, as this can have security implications. **Administration Best Practices:** - Use descriptive comments with the `-c` option to document the purpose of the account. - Set appropriate expiration dates for temporary accounts using `-e`. - Consider using a custom skeleton directory (`-k`) for specific types of users to provide appropriate default configurations. - When creating multiple similar users, consider setting up a default configuration with `useradd -D` to simplify the process. The `useradd` command is essential knowledge for Linux system administrators, as proper user management is fundamental to system security and organization.

    Related Commands

    These commands are frequently used alongside useradd or serve similar purposes:

    Use Cases

    Learn By Doing

    The best way to learn Linux commands is by practicing. Try out these examples in your terminal to build muscle memory and understand how the useradd command works in different scenarios.

    $ useradd
    View All Commands