• Modern UX

    Edit and navigate faster in the terminal with Warp's IDE-like input editor.

  • Warp AI

    AI suggests what commands to run and learns from your documentation.

  • Agent Mode

    Delegate tasks to AI and use natural language on the command line.

  • Warp Drive

    Save and share interactive notebooks, workflows, and environment variables.

  • All Features

Create User In Linux

Oscar Mauricio Forero Carrillo

Published: 3/5/2024

About Terminus

Creating new user accounts on Linux is a fundamental skill for developers and system administrators; even if developers have no infrastructure responsibilities, adding new users is necessary when setting up a new development or testing environment mirroring production.

The short answer

To create a new user on Linux in interactive mode, you can use the adduser  command as follows:

 $ sudo adduser <username>

Run in Warp

This command will create a new user and group with the same name, set that group as the user’s primary group, and create a home directory for that user located at /home/<username> .

Note that the username length is limited to 32 characters.

Also note that this command requires superuser privileges to run. You can learn more about the sudo  command by reading our other articles on how to add a user to sudoers and how to spawn a root shell.

For example, the following command will create a new user and group named maverick , and a home directory for this user located at /home/maverick :

 $ sudo adduser maverick

Run in Warp
Thumbnail for

Creating a user in non-interactive mode

To create a new user in non-interactive mode, which is usually more suitable for scripting purposes, you can use the useradd  command as follows:

 $ sudo useradd <username>

Run in Warp

Just like the adduser  command, this command will create a new user and a new group with the same name, and set that group as the user’s primary group.

However, unlike the adduser  command, it won’t automatically create a home directory nor set a password for the specified user.

Easily retrieve these commands using Warp’s AI Command Search

If you’re using Warp as your terminal, you can easily retrieve this command using the Warp AI Command Search feature:

Thumbnail for

Entering create user linux  in the AI command search will prompt a list of commands that can then be quickly inserted into your shell by doing CMD+ENTER .

Setting up the password of a newly created user

To set the password of a new user created with the useradd  command, you can use the passwd  command as follows:

$ sudo passwd <username>

Run in Warp

Which will prompt you to manually enter the password for this user.

Note that while the useradd  command allows you to create a new user with a password using the -p  flag (short for --password ), it is strongly recommended to avoid using this flag as the password will be visible to anyone who can list processes in the system.

Creating a user with a home directory

By default, the useradd  command doesn’t create a home directory for the specified user.

To create a new user with a home directory located at /home/<username> , you can use the -m  flag (short for --create-home ) as follows:

$ sudo useradd -m <username>

Run in Warp

Note that the home directory will only be created if the CREATE_HOME  variable in the /etc/login.defs  file is set to true .

Specifying a custom location for the home directory

To create a new user with a home directory at a custom location instead of the default /home/<username> , you can use the -d  flag (short for --home ) as follows:

 $ sudo useradd -m <username> -d <path>

Run in Warp

Setting up a home directory based on a skeleton

When creating a new user, you can specify a skeleton directory whose files will be automatically copied into the user’s home directory using the -k  flag (short for --skel ) as follows:

 $ sudo useradd -m <username> -k <path>

Run in Warp

Note that if this option is not set, the useradd  command will use the skeleton directory defined in the SKEL  variable in the /etc/default/useradd  or /etc/skel  file.

Creating a new user with an explicit UID and GID

In Unix-like operating systems, users and groups are identified by numeric values respectively known as UID and GID. By default, the users created using the useradd  command are automatically assigned an unused UID and GID by the system.

Creating a new user with an arbitrary UID

To create a new user with an arbitrary UID, you can use the -u  flag (short for --uid ) as follows:

 $ sudo useradd <username> -u <uid>

Run in Warp

Note that if the USERGROUPS_ENAB  variable in the login.defs  file is set to true , it will also create a group with the same name and GID.

For example, this command will create a new user named iceman  with a UID of 1985 :

 $ sudo useradd iceman -u 1985

Run in Warp

Creating a new user with an existing group name or GID

To create a new user and assign it to an existing group name or GID, you can use the -g  flag (short for --gid ) as follows:

 $ sudo useradd <username> -g <gid>

Run in Warp

Note that the specified gid  must belong to an existing group, as otherwise, the useradd  command will fail.

For example, this command will create a new user named iceman  with a UID of 1985  and a GID of 1969 :

 $ sudo useradd iceman -u 1985 -g 1969

Run in Warp

Creating users with multiple group memberships

The primary group is the default group that files and directories created by the user will belong to. On the other hand, secondary groups provide additional permissions and access rights to files beyond those granted by the primary group.

To assign one or more secondary groups to a user, you can use the useradd  command with the -G  flag (short for --groups ) as follows:

 $ sudo useradd <username> -G <secondary_group,...>

Run in Warp

Where secondary_group,...  is a list of comma separated secondary group names or GIDs.

For example, this command will create a new user named maverick  whose default primary group is maverick  and secondary groups are topgun  and 1970 :

 $ sudo useradd maverick -G topgun,1970

Run in Warp

Creating users with minimal privileges

Giving users only what is needed to perform their tasks is essential to keep systems secure. However, every system administrator needs to define the concept of minimal privileges.

Two common restrictions are assigning users a limited shell or a non-interactive one, preventing users from logging in.

Creating users with limited shell features

The restricted Bash shell, or rbash , is a shell designed to restrict users to a subset of functionality, preventing them from executing certain commands, accessing specific directories, or modifying environment variables.

It is particularly useful in scenarios where users require limited capabilities, such as in shared computing environments, reducing the risk of unauthorized system access or unintended modifications.

To create a new user account with a restricted shell, you can set the user's default shell to /bin/rbash  using the -s  flag (short for --shell ) as follows:

 $ sudo useradd <username> -s /bin/rbash

Run in Warp

You can learn more about the restricted Bash shell by reading the official documentation page.

Creating users with non-interactive shell

On Unix-like operating systems, administrators often create user accounts with no shell access whose sole purposes are to run predefined tasks or services like backups or servers. This helps mitigate the risk of unauthorized command-line access and reduce the attack surface on the machine.

To create a new user account without shell access, you can set the user's default shell to /sbin/nologin , which will cause the system to output an error message when a user tries to log in to that account:

$ useradd <username> -s /sbin/nologin

Run in Warp

Alternatively, you can set the user's default shell to /bin/false , which, unlike the /sbin/nologin  binary, will prevent the user from logging in to the specified account without outputting an error message:

$ useradd <username> -s /bin/false

Run in Warp

Creating temporary users with expiration dates

Another method for mitigating security risks on a system is to create temporary user accounts with a predefined access duration, which is particularly useful when bringing temporary collaborators onboard a project. This helps avoid the existence of dormant accounts that could potentially be exploited to gain unauthorized system access.

To create a user with an expiration date, you can use the useradd  command with the -e  flag (short for --expiredate ) as follows:

 $ sudo useradd <username> -e <date>

Run in Warp

Where date  has the YYYY-MM-DD  format.

Written by

Oscar Mauricio Forero Carrillo

Filed Under

Related Articles

List Open Ports in Linux

Learn how to output the list of open TCP and UDP ports in Linux, as well as their IP addresses and ports using the netstat command.

UnixLinux
Thumbnail for Razvan LudosanuRazvan Ludosanu

Count Files in Linux

Learn how to count files and folders contained in directories and subdirectories in Linux using the ls, find, and wc commands.

LinuxUnix
Thumbnail for Razvan LudosanuRazvan Ludosanu

How to Check the Size of Folders in Linux

Learn how to output the size of directories and subdirectories in a human-readable format in Linux and macOS using the du command.

LinuxUnix
Thumbnail for Razvan LudosanuRazvan Ludosanu

Linux Chmod Command

Understand how to use chmod to change the permissions of files and directories. See examples with various chmod options.

Linux
Thumbnail for Razvan LudosanuRazvan Ludosanu

POST JSON Data With Curl

How to send valid HTTP POST requests with JSON data payloads using the curl command and how to avoid common syntax pitfalls. Also, how to solve the HTTP 405 error code.

BashUnixLinux
Thumbnail for Neeran GulNeeran Gul

Format Command Output In Linux

Learn how to filter and format the content of files and the output of commands in Linux using the awk command.

Linux

Create Groups In Linux

Learn how to manually and automatically create and list groups in Linux.

Linux

Switch Users In Linux

Learn how to switch between users, log in as another user, and execute commands as another user in Linux.

Linux

Remover Users in Linux

Learn how to remove local and remote user accounts and associated groups and files in Linux using the userdel and deluser commands.

Linux

Delete Files In Linux

Learn how to selectively delete files in Linux based on patterns and properties using the rm command.

Linux

Find Files In Linux

Learn how to find and filter files in Linux by owner, size, date, type and content using the find command.

Linux

Copy Files In Linux

Learn how to safely and recursively copy one or more files locally and remotely in Linux using the cp and scp command.

Linux

Trusted by hundreds of thousands of professional developers

Download Warp to get started

Download for Mac
Thumbnail for null