Linux User Management Explained with Examples

This tutorial explains how to create users in Linux at command prompt step by step. Learn how to create various types of user account with the useradd command such as user without password, user with or without home directory, user with custom shell, user with custom groups, etc.

A system administrator spends its most of time in user management. Learning user management commands and tools explained in this tutorial not only save your precious time but also boost your confidence in RedHat exam as well as in real life system administrator job.

User management in Linux mainly involves three administrative tasks adding, modifying and removing user accounts. In this tutorial, we will discuss and understand only first task. We will learn second and third tasks in next parts of this tutorial separately.

Adding or Creating user accounts

To add or create a new user account, the useradd command is used. This command adds entries in user management files (passwd, group, shadow and gshadow) and creates a home directory for user and copies initial configuration files from default skeleton directory /etc/skel into the user’s home directory.

By default the useradd command creates user account with blank password. A user account with blank password is considered as locked account. A locked account can’t be used for login. In order to unlock the user account, we must have to set a password from the passwd command separately.

Basically, adding a new user involves two steps: -

  • Create user account with useradd command
  • Set password for user account with passwd command
Creating user account

To add a new user account with default options, the useradd command requires only the username. For example, following command creates a new user rhcetestuser1

#useradd rhcetestuser1

Technically, as long as we do not set a password for this user account, it will remain locked.

Unlocking or enabling user account

In order to unlock this account, we must have to set a password. To set a new password or update an existing password, the passwd command is used. Let’s assign a password to this account.

#passwd rhcetestuser1

Once password is set, account is ready to use.

Following figure explains the process of adding a new user account with default options step by step.

useradd command ad user with default options

Creating user with custom home directory

By default the useradd command creates user’s home directory in the /home directory. If we want to use other location, we have to specify that. To specify other location for user’s home directory, we have two options; -b and –d. The differences between both options are following.

The –b option represents the location of base directory. The base directory is the directory where all users’ home directories are stored. The default base directory is the /home directory. If this option is used, supplied location will be used to create the user’s home directory. The name of user’s home directory will be same as username.

The –d option represents the location of user’s home directory. User’s home directory is the directory where user stores his private files. The default name of user’s home directory is same as username. If this option is used, supplied name and location will be used to create user’s home directory.

In short, in the -b option, we only specify the path of base directory. While in the –d option, we specify both; the path of base directory and the name of the user’s home directory.

Let’s take an example.

Create a directory named rhcetestdata in / directory. Add a new user named rhcetestuser2. Force the useradd command to use the directory /rhcetestdata as base directory instead of default base directory /home. Verify that user’s home directory is created at new location.

#mkdir /rhcetestdata
#useradd –b /rhcetestdata rhcetestuser2
#grep rhcetestuser2 /etc/passwd
#ls –l /rhcetestdata

Following figure shows above exercise with output.

useradd command add user with base directory option

Let’s create one more user named rhcetestuser3. Use –d option to specify the location of base directory and name of home directory.

#useradd –b /rhcetestdata rhcetestuser3
#grep rhcetestuser3 /etc/passwd
#ls –l /rhcetestdata

Following figure shows above exercise with output.

useradd command add user with custom directory

Creating user without home directory

Due to any reason, if you don’t want to create home directory for user, use –M option. The –M option forces useradd command to skip the home directory while adding user.

Regardless home directory is created or not, its entry will be placed in /etc/passwd. This default behavior allows administrators to, if require, create a home directory for user in future.

Let’s create a new user named rhcetestuser4 without home directory.

#useradd –M rhcetestuser4
#grep rhcetestuser4 /etc/passwd
#ls  /home

useradd command with -m option

In above exercise, the grep and ls commands have been used to verify that user is created without home directory. To learn how to use grep command you can check this tutorial.
Grep Command in Linux Explained with Practical Examples

Creating user with description

In company environment, it's common practice to use the designation name as username. In such a situation, where identifying full name from username is not possible, its good idea to store user’s full name along with username.

To store user’s full name or other related information, use –c option. If full name contain whitespace, use quotes. For example, to create a user which full name and login are Abdul Rehman Fakari and rhcetestuser5 respectively, use following command.

#useradd –c "Abdul Rehman Fakari" rhcetestuser5

add user with description

Create user with custom group

There are two types of group; primary and secondary. While creating user, the useradd command automatically creates primary group for user and adds user in it.

The useradd command only creates primary group for user. It doesn’t create secondary group. But if secondary group or groups exist, it can add the user in them. For primary group name, the useradd command uses the login name. It keeps primary group name same as login name.

Let’s add one more user and check its primary group.

#useradd rhcetestuser6
$grep rhcetestuser6 /etc/passwd
$grep rhcetestuser6 /etc/group

Fourth field of user entry, stores GID of the user’s primary group. Group name and its members information is stored /etc/group file.

Following figure shows user creation and verification process in detail.

useradd command add user with default group

If required, instead of creating new one, the useradd command can be forced to use custom primary group. For this, the -g option is used. This option needs new primary group name as argument. Let’s take an example.

Create a group named rhcetestprimary. Add a new user named rhcetestuser7. Use newly created group rhcetestprimary as the primary group of user. Verify that the group rhcetestprimary is configured as the primary group for the user rhcetestuser7.

#groupadd rhcetestprimary
#useradd –g rhcetestprimary rhcetestuser7
#grep rhcetestuser7 /etc/passwd
#grep rhcetestprimary /etc/group

Following figure shows above practice step by step.

useradd command change primary group

Just like primary group, we can also set secondary groups for user. To configure secondary group, –G option is used. Use comma to specify multiple group names.

Let’s take another example. Create two groups; rhcetestsecondary1 and rhcetestsecondary2. Create a new user rhcetestuser8. Use –G option to add user in both group.

Following figure shows this exercise.

useradd command add user in secondary group

Creating user with custom shell

The useradd command sets the /bin/bash shell as the default shell for user. If we want to configure different shell for user, we can do that with –s option. This option needs absolute path of new shell. Let’s take an example.

Add two users; rhcetestuser9 and rhcetest10. For first user, use default shell. For second user, use /bin/tcsh shell. Compare both users’ entries in /etc/passwd file.

Following figure shows this exercise.

useradd create advance user

Creating advanced user

If required, the useradd command allows us to use multiple options. To use more than one option, space is used as separator. For example following command creates a user whose: -

  • Full name is Sara Cornor
  • Login or username is rhcetestuser11
  • Primary group is rhcetestprimary
  • Secondary groups are rhcetestsecondary1 and rhcetestsecondary2
  • Default shell is /bin/tcsh
#useradd –c “Sara Cornor” –g rhcetestprimary –G rhcetestsecondary1,rhcetestsecondary2 –s /bin/tcsh rchcetestuser11

The useradd command options cheat sheet

The useradd command supports several options and arguments. From them, important options with default arguments are explained in following table.

Short option Full option Description Default
-b --base-dir Defines the absolute path of the base directory to place users’ home directories. Default is /home directory.
-c --comment Sets a description for user account. Usually it is used to store user’s full name. Use quotes, If description contains white spaces or multiple words for example “Sanjay Kumar Goswami”. Default is blank. If we don’t use this option, description will set to blank.
-d --home-dir Sets the name of user’s home directory. Default is login name. If this option is not used, user’s home directory name will be same as his username.
-D --default Instead of creating new user, this option force command to use supplied information as the default setting for any new accounts that will be created. Default value of each option is explained individually along with their respective options in this row.
-e --expiredate Specifies a date in YYYY-MM-DD format after that account will be disabled automatically. Default is blank. If no expiry date is specified through this option, account will never disable.
-f --inactive Sets number of days after a password expires before disabling account permanently. Default is blank. If this option is not used, account will not be disabled, even password is expired.
-g --gid Sets primary group for user. In order to use this option, group must already exist in the /etc/group file. By default, a new group named same as username is created and user is added in this group.
-G --groups Set secondary groups for user. In order to specify multiple groups’ names, use comma (for example, -G wheel,developer,programmer). By default, user is not added in any secondary group.
-k --skel Set the location of skeleton directory. The skeleton directory contains initial configuration files and login scripts. These files are copied to user’s home directory at the time of account creation. Default is /etc/skel directory. By default this directory contains three bash shell files; .bash_profile, .bashrc and .bash_logout.
-m --create-home Creates user’s home directory and copy initial configuration files and scripts from skeleton directory. Check user’s home directory in the base directory. Base directory is the directory which we set with –b option. If it doesn't exist, create a new directory there and copy initial configuration files from skeleton directory.
-M --no-create-home Don’t create home directory for user. Prevents command from creating user’s home directory
-n --no-user-group Don’t create primary group for user. Stop command from creating primary group for user.
-o --non-unique Creates a user account which uses the UID of an existing user. When two users share a common UID, both get identical rights. Force command to create a duplicate user account.
-r --system Creates a system or service account Force command to create an account which has UID below 1000
-s --shell Defines the absolute path of command shell for this account. Default is /bin/bash.
-u --user-group Specify the UID of user account. Default is the next available UID from /etc/passwd file. For example last used UID in /etc/passwd file is 1050, then UID 1051 will be used for this account.

That’s all for this part. In next we will understand how to manage groups in detail with examples. If you like this tutorial, please share it with friends through your favorite social channel.

ComputerNetworkingNotes Linux Tutorials Linux User Management Explained with Examples