How to Create/Add Users in Linux

July 26, 2022

Introduction

Linux is a multiuser environment, and user provisioning is an essential responsibility in system management. System administrators add, delete, and manage users and groups on the system.

The useradd command provides various options, resulting in a comprehensive way to automate identity and access management.

This article shows how to create and add users in Linux.

How To Create/Add Users in Linux

Prerequisites

useradd Command Syntax

The basic syntax for the useradd command is:

useradd <options> <username>

Running the command creates a new user account or updates an existing user according to the values in:

  • /etc/default/useradd - The default values for the useradd command.
  • /etc/login.defs - Configuration control values for the login package.
  • The <options> provided with the command, which update or override the predefined configuration.

The default values vary between different systems.

The rules limit the username to:

  • Length between 1 and 32 characters.
  • The username begins with a lowercase letter or an underscore.
  • The username can contain any combination of upper and lowercase letters, numbers, dashes, and underscores.
  • The username can end in a dollar sign ($).

The regular expression for checking the username validity is:

[a-z_][a-z0-9_-]*[$]

Note: Debian follows a different set of rules for usernames. However, the provided rules are a good starting point for all systems to help avoid problems.

In addition, the command also creates a group for the new user. Adding a new user requires sudo permissions to modify the files for storing user and group information.

useradd Command Options

The useradd command comes with various options. Common options are in the table below:

OptionDescription
-b <directory>
--base-dir <directory>
Sets a default base directory for the system.
-c <information>
--comment <information>
Sets a short description of the user, such as the full name or role.
-d <home directory>
--home-dir <home directory>
The user's login directory.
-D
--defaults
Displays the default values or changes them when combined with other options.
-e <YY-MM-DD>
--expiredate <YY-MM-DD>
The date when the user account expires.
-f <days>
--inactive <days>
Sets the time in days the account becomes inactive after a password expiry.
-g <name or number>
--gid <name or number>
Establishes the user's initial login group.
-G <group1,group2,etc>
--groups <group1,group2,etc>
Adds user to additional groups.
-k <skeleton directory>
--skel <skeleton directory>
Copies files and directories into the user's home directory.
-m
--create-home
Creates a home directory for a user if it does not exist.
-M
--no-create-home
Does not create a home directory (overrides system settings).
-o
--non-unique
Combines with -u to allow duplicate UIDs.
-p <password>
--password <password>
Sets the user's password (not recommended).
-r
--system
Adds a system account.
-s <shell path>
--shell <shell path>
Defines the user's login shell.
-u <uid>
--uid <uid>
Unique numerical value ID.
-U
--user-group
Creates a group with the same name as the user and adds the user to the group.

Creating New Users in Linux

Creating new users in Linux does the following:

1. Provides a unique UID and GID.

  • 0 is reserved for root and assigned automatically.
  • 1-999 is for system accounts and services.
  • 1000 and above are for regular users.

Note: Numbers vary between different operating systems. The example values are for Ubuntu.

2. Edits files that store account information.

  • /etc/passwd - Lists all registered users on the system.
  • /etc/shadow - Stores encrypted user passwords.
  • /etc/group - Defines user groups.
  • /etc/gshadow - Stores encrypted group passwords.

3. Sets user permissions on the home directory through the group.

Note: Linux also provides a command to modify existing users with usermod.

Follow the examples below to see how to add users in Linux.

Adding a User in Linux

To add a user in Linux, run the following command in the terminal:

sudo useradd <username>
sudo useradd terminal output

If prompted, enter the sudo password to continue.

Without any options, the useradd command adds a user based on the predefined options in the /etc/useradd file. The new user is in a locked state and requires a password to unlock it. Use the passwd command to unlock the account:

sudo passwd <username>
sudo passwd terminal output

The command prompts to enter and confirm the password.

Note: Passwords are an important security aspect. Check out our guide for strong password ideas.

After creating a password, a new entry appears automatically in the /etc/passwd file. To see the information, view the file with the cat command and grep for the user:

sudo cat /etc/passwd | grep <username>

The fields are in the following format:

etc passwd user info terminal output
username:password:UID:GID:info:/home/directory:shell/path

The x character represents and hides the user's password for security reasons. The encrypted password is in the /etc/shadow file.

Adding a User in Linux and Creating Home Directory

By default, the useradd command does not create a home directory. The /etc/passwd file shows an absolute link (/home/<username>). If the directory does not exist, the user redirects to home (/) after logging in.

To create a user and the home directory automatically, use the -m option:

sudo useradd -m <username>

Check if the directory exists with the ls command:

ls -lah /home/<username>
sudo useradd -m terminal output

The directory contains initialization files copied from the /etc/skel directory.

Adding a User with a Specific Home Directory

To add a user in Linux with a specific home directory, use the -m option with -d and provide the directory path:

sudo useradd -m -d <path> <username>
sudo useradd -m -d terminal output

The useradd command warns that the directory already exists and doesn't copy files from /etc/skel. Use this option to create a custom or shared home directory.

Adding a User without Home Directory

If the /etc/login.defs configuration CREATE_HOME variable value is yes, the useradd command automatically creates a home directory.

To override the default settings and add a user without a home directory, use the -M option:

sudo useradd -M <username>
sudo useradd no home directory terminal output

The command adds the user without creating a home directory, overriding the default settings.

Adding a User with Specific User ID

To add a user with a specific user ID, use the -u tag and provide the UID:

sudo useradd -u <uid> <username>

If the UID is not unique, the terminal outputs a message and does not add the user. Check the UID with the id command:

id <username>
sudo useradd -u uid terminal output

Use a UID above 1000 to indicate a regular user.

Adding a User with Specific Group ID

To create a user and add them to a specific group, use the -g tag:

sudo useradd -g <group name or GID> <username>

The group name or GID must exist. Otherwise, the command throws an error. Check the user's GID with:

id <username>
sudo useradd -g terminal output

The output prints the user's group ID.

Adding a User to Multiple Groups

Add a user to multiple groups with the -G option and list the group names or GIDs in a comma-separated list, followed by the username. For example:

sudo useradd -G <group1,group2,group3> <username>

Check the user's groups with:

id <username>
sudo useradd -g multiple groups terminal output

The groups must exist, and the list should not contain any spaces. The command doesn't add the user if any groups do not exist.

Note: To add an existing user to a group, check out the following guide: How to Add User to a Group in Linux.

Adding a User with a Specific Login Shell

Each new user gets a default login shell (such as the Bourne shell or Bourne Again Shell). To explicitly define the user's shell, add the -s tag and provide the shell's path:

sudo useradd -s <shell path> <username>

For example, to add a user and set Bash as the default login shell, run:

sudo useradd -s /bin/bash <username>

Check the /etc/passwd file to confirm the shell selection:

cat /etc/passwd | grep <username>
sudo useradd -s shell terminal output

The final field shows the login shell for the new user.

Adding a User with a Specific Comment

To add a user with a specific comment, run:

sudo useradd -c <comment> <username>

To view the comment, check the /etc/passwd file and grep for the user:

sudo cat /etc/passwd | grep <username>
sudo useradd -c comment terminal output

The comment is for descriptive purposes only and has no actual functionality.

Adding a User with Account Expiry Date

Add a user with an account expiry date to automatically delete the account after provided date:

sudo useradd -e <YY-MM-D> <username>

View the account's expiry information with:

sudo chage -l <username>
sudo useradd -e expiry date terminal output

The output prints the account expiry date (Account expires). Use this option for temporary accounts.

Adding a User with a Deactivation Period

If a user has a password expiry set, the useradd command allows stating a period before the account deactivates after expiry. If an account expires, the expiry period will enable users to change their password and reactivate the account.

Use the -f command and add the number of days:

sudo useradd -f <days> <username>

For example, to have an account deactivate three days after the password expires, run:

sudo useradd -f 3 <username>

View the expiry information with:

sudo cat /etc/shadow | grep <username>
sudo useradd -f inactive period terminal output

The /etc/shadow file stores password information, including idle time (third to the last field).

Use this method to deactivate users who don't change their password in the provided timeframe.

The deactivation period is a good security measure, and the recommended duration is 35 days. Business requirements dictate what's the perfect duration before the account expires. If the value is too low, the consequences are costly for an administrator, whereas a high value impacts security.

Adding a System User

Programs and systems create system user accounts, which are different from regular users. Programs such as MySQL or Tomcat require a unique user account to work on the system, and daemons typically create system users during installation.

To create a system user, use the -r option:

sudo useradd -r <username>

Check the user's information with:

sudo cat /etc/passwd | grep <username>
sudo useradd -r system user terminal output

The user has a UID lower than 1000, indicating it's a system user.

The adduser Command

The adduser command is an alternative way to add users to a Linux system and acts as a simple interactive front end for useradd.

To add a user, run:

sudo adduser <username>

The command prints the user and group to the console.

Next, the command asks for the following:

  • Password, which needs to be re-entered to continue.
  • User information. The data acts as a comment (same as useradd -c command and option).

Press Y to complete the process. In case of a mistake, press N and reenter the correct information.

sudo adduser terminal output

Check the parameters from the adduser command with:

sudo cat /etc/passwd | grep <username>
etc passwd user info adduser terminal output

The command adds all the values entered during the command execution and the Bash shell by default.

Add Multiple Users

The useradd and adduser commands do not support adding multiple users at once. To add multiple users, use a Bash for loop in a script or in the terminal directly to loop through a list of usernames.

Note: Learn what are the differences between useradd and adduser commands.

For example, to add ten users, do the following:

1. Create a text file using a text editor:

nano user_list.txt

2. Append usernames to the file, entering each on a new line. For example:

alice
bob
charlie
dave

Save the file and close nano (CTRL+X, Y, then Enter).

3. Use a for loop to list through the names in the file and run useradd on each:

for i in `cat ~/user_list.txt` ; do useradd $i ; done

4. Show the created users with:

for i in `cat ~/user_list.txt` ; do id $i ; done
add multiple users terminal output

To add passwords, exchange the command in the do clause with passwd and enter the password for each user. Alternatively, use the expect command to automate the password creation process, especially if working with a large number of users.

Conclusion

After completing this guide, you know how to add new users to a Linux system with the useradd command.

Next, read about privileged access management and how it helps reduce security attacks and data breaches.

Was this article helpful?
YesNo
Milica Dancuk
Milica Dancuk is a technical writer at phoenixNAP who is passionate about programming. Her background in Electrical Engineering and Computing combined with her teaching experience give her the ability to easily explain complex technical concepts through her content.
Next you should read
How to Use the usermod Command in Linux
March 4, 2021

The usermod command modifies user account details: username, password, home directory location, shell, and more. This tutorial explains and...
Read more
How to Add User to a Group in Linux
July 26, 2022

By following the steps in this tutorial you will learn how to add a user to a group in Linux. Read the easy steps and learn how to expand your team. You will learn how to manage privileges for...
Read more
How To Add User To Sudoers & Add User To Sudo Group on Ubuntu
March 19, 2019

The sudo command is the preferred means to handle elevated permissions. Standard user accounts are restricted from performing...
Read more
How to List Users in Linux, List all Users Command
August 4, 2022

Linux OS is unique because of its multiuser characteristic. It allows multiple users on one system, at the same time. In such circumstances, it...
Read more
  • © 2022 Copyright phoenixNAP | Global IT Services. All Rights Reserved.