Users in Linux
In Linux, a user can be either a local user that a real person uses interactively or a system user that is used to identify system processes.
Creating Users
The low-level useradd(8) command should be avoided.
Use the adduser(8) utility to create a user. Most systems default to creating a home directory simultaneously, but it can be forced by including the --create-home option.
adduser --create-home USERNAME
To add a new user with a custom home directory, try:
adduser --create-home --home /var/USERNAME USERNAME
This can be useful for creating special logins for services, such as git.
Privileged Users
Standard practice is to use the wheel group to manage users with superuser privileges. This is managed by the sudoers file.
## Uncomment to allow members of group wheel to execute any command
%wheel ALL=(ALL) ALL
Either use visudo or edit /etc/sudoers directly to ensure that this line is uncommented.
Therefore, to add a privileged user, try:
adduser --create-home --groups wheel USERNAME
Adding Users to Groups
The low-level groupadd(8) command should be avoided.
The low-level usermod(8) command should likewise be avoided. For reference, the command would be usermod --append --groups GROUPNAME USERNAME.
Use the adduser(8) utility to add a user to a group. For example:
adduser USERNAME wheel
Creating System Users
There are a few considerations for creating a system user:
To have a system user and group ID assigned, use the --system option.
Generally a home directory isn't desirable, so suppress the creation of one using the -M option.
To prevent interactive logins, set the login shell to /sbin/nologin (or something similar) using the --shell option.
adduser --system -M --shell /sbin/nologin USERNAME
To secure an existing user against login, either use chsh(1) or edit /etc/passwd directly.
BusyBox
Note that the BusyBox(1) implementation of adduser(8) does not support the normal flags and options.
BusyBox Option | 'Normal' Option
-h DIR | Create home directory at DIR
-G GROUP | Add to existing group
-S | Set as system user
-H | Do not create a home directory
Configuration
adduser(8) and useradd(8) both look at /etc/default/useradd for a number of variables: the default login shell (SHELL), the base directory for home directory creation (HOME), and so on.
adduser(8) additionally looks to /etc/login.defs. Much of this file relates to interactive login configuration, but a short list of variables is used in user creation. UID_MIN and UID_MAX define the range for local user IDs, while SYS_UID_MIN and SYS_UID_MAX define the range for system user IDs. (The parallel GID_MIN, GID_MAX, SYS_GID_MIN, and SYS_GID_MAX variables do the same for group IDs.)
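A check that ties the system-user guidance to the ID ranges described here, as an added example that is not part of the original page: it reads SYS_UID_MIN and SYS_UID_MAX from a login.defs-style file and lists accounts in that range whose shell still permits interactive login. The function names, the fallback range and the sample entries are constructed for illustration.

```shell
# Added example: list system accounts that still have an interactive login shell.
# Read one numeric variable from a login.defs-style file; the DEFAULT argument
# is used when the variable is absent or commented out.
defs_value() {  # usage: defs_value FILE NAME DEFAULT
    awk -v name="$2" -v def="$3" '
        $1 == name && $2 ~ /^[0-9]+$/ { val = $2 }
        END { print (val != "" ? val : def) }' "$1"
}

# Print "name uid shell" for every passwd entry whose UID is in the system
# range but whose shell is not nologin or false. Fallbacks 101/999 are assumed.
audit_system_shells() {  # usage: audit_system_shells PASSWD_FILE DEFS_FILE
    min=$(defs_value "$2" SYS_UID_MIN 101)
    max=$(defs_value "$2" SYS_UID_MAX 999)
    awk -F: -v min="$min" -v max="$max" '
        /^#/ || NF < 7 { next }
        $3 >= min && $3 <= max && $7 !~ /\/(nologin|false)$/ {
            print $1, $3, ($7 == "" ? "(default shell)" : $7)
        }' "$1"
}

# Constructed sample data (not from a real host).
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/login.defs" <<'EOF'
UID_MIN      1000
SYS_UID_MIN   201
SYS_UID_MAX   999
EOF
    cat > "$d/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
svcapp:x:201:201:app service:/var/svcapp:/bin/bash
www:x:202:202::/nonexistent:/sbin/nologin
backup:x:203:203::/nonexistent:/bin/false
alice:x:1000:1000:Alice:/home/alice:/bin/bash
EOF
    audit_system_shells "$d/passwd" "$d/login.defs"
    rm -rf "$d"
}
demo
```

On a real host, call audit_system_shells /etc/passwd /etc/login.defs; any account it prints is a candidate for chsh(1) as described under Creating System Users.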