How to create user accounts in Linux
After a PONGAL holidays, i’m going to write a new article. It’s very small article but this is the routine work for every server administrator because new employee will be join your concern frequently and we want to create the user account of the new employee.
The common syntax for creating/adding new user account in Linux
Syntax :# useradd [Option] [User Name]
1) How to create/add new user account in Linux ?
Use the below command to create the new user account in linux. I’m going to create the new user account called “2gadmin”. See the details.
[email protected] [~]# useradd 2gadmin
When every if you created the new account, You should set the password to that account. Use the “passwd” command to set password. See the details.
[email protected] [~]# passwd 2gadmin Changing password for user 2gadmin. New password: Retype new password: passwd: all authentication tokens updated successfully.
When a new user is added to system the below list of files has been updated.
The major common options for useradd command.
[c] Comment: Add a comment to user
[d] Home-Directory: Create a new home-directory of the user
[e] Expire-Date: The date on which the user account will be disabled. The date is specified in the format YYYY-MM-DD.
[f] inactive: The number of days after a password expires until the account is permanently disabled. A value of 0 disables the account as soon as the password has expired, and a value of -1 disables the feature. The default value is -1.
[g] gid: The group name or number of the user’s initial login group. The group name must exist. A group number must refer to an already existing group. /etc/default/useradd.
[G] groups: List of secondary group names or group numbers, Each group is separated by commas, group name must exist.
[l]: Do not add the user to the last login log file. This is an option added by Red Hat
[n]: Creating an user with all the default options with the default group.
[m]: Create the home directory, if it does not exist.
[M]: Do not create the home directory.
[s]: User’s login shell (default /bin/bash)
2) How to check created user account ?
Use the grep command to check corresponding user account got created or not. See the output.
[email protected] [~]# grep 2gadmin /etc/passwd 2gadmin:x:32017:32020::/home/2gadmin:/bin/bash
3) How to check default options of new users ?
If we use the above useradd command to create new users, all the default options will be taken except group ID. See below default user creation option using (-D) option.
[email protected] [~]# useradd -D GROUP=100 HOME=/home INACTIVE=-1 EXPIRE= SHELL=/bin/bash SKEL=/etc/skel CREATE_MAIL_SPOOL=yes
Details of above output.
GROUP : This is the only option which will not be taken as default. This will shows default group ID.
HOME : This is indicate the default home director path. When we create new user the home directory should be /home/user name
INACTIVE : To disable account after “N” days. For example, if you set 15 the user account will be active only 15 days after that it will be locked. By default it will set (-1) its mean the user account never disabled.
EXPIRE : You can set the account expiry date
SHELL : Users login shell.
SKEL : Contents of the skel directory will be copied to the users home directory.
CREATE_MAIL_SPOOL : By default mail spool created to all the users.
4) How to set expire date of the user ?
Use the below command to set expiry date of user while creating the account, i’m creating new user to check this. Here i’m going to create the new user called “testuser”. See the output.
[email protected] [~]# useradd -e 2014-01-25 testuser [email protected] [~]# passwd testuser Changing password for user testuser. New password: Retype new password: passwd: all authentication tokens updated successfully.
The above account valid until 25-Jan-2014, after that you haven’t logged in server.
5) How to set default password Expiry ?
Use the below command to set expiry date of user password, i’m creating new user again to check this. Here i’m going to create the new user called “demouser”. See the output.
[email protected] [~]# useradd -f 30 demouser [email protected] [~]# passwd demouser Changing password for user demouser. New password: Retype new password: passwd: all authentication tokens updated successfully.
The above account password work from today (17-Jan-2014) to (16-Jan-2014) after that it will be expires until the account is disabled. The major two option is there, If 0 is specified, the account is disabled immediately after the password expires. If -1 is specified, the account is not be disabled after the password expires.
For more option to protect user account