How to add users in Linux

Adding users to a Linux machine is a basic administrative task, and there are several ways to accomplish this. Each method has advantages and disadvantages. We explain three different methods for you.

Computers need users

A personal computer without a user doesn’t really mean anything. Linux supports multiple users. Whether they log in at the same time and share the power of the computer, or log in individually when they have the exclusive right to use the machine, each person needs a unique user account.

A user account encapsulates that user’s work and provides privacy. It also allows you to apply control and management to an account. Different users can have different capabilities according to their needs, their role or function by changing the attributes of their user account, such as which groups they belong to.

Whether you’re sharing your computer with family members or administering a multi-user setup for an organization, creating user accounts is a fundamental administrative skill.

Linux is Linux, you have several methods to choose from. We’ll introduce you to three – two command-line methods and one GUI-based method – so you can choose the one you think works best for you.

useradd command

Command useraddis the lowest level command used to add users. Other commands act as friendlier external interfaces for useraddthe command. It adds some convenience and simplifies the process, but the other commands don’t do anything you can’t achieve useradd , and a little help from passwdthe team.

The command useraddhas many options, the ones you need to add a regular new user are shown below. Needless to say, what you will have to use sudoto add a user.

sudo useradd -s /bin/bash -m -c "Mary Quinn"-Gsambashare maryq

The team consists of:

  • sudo: We need administrator rights so that the new user can access the computer.
  • useradd: useraddcommand.
  • -s /bin/bash: shell option. This sets the default shell for this new user.
  • -m: option to create a home directory. This creates a directory in the “/home/” directory with the same name as the new user account name.
  • -c “Mary Quinn”: The full name of the new user. It’s not obligatory.
  • -Gsambashare: additional group option. It’s not obligatory. The new user is added to the group with the same name as their account name. The option -G (note the capital “G”) adds the user to additional groups. Groups must already exist. We also make the new user a member of the “sambashare” group.
  • maryq: The name of the new user account. It must be unique. It cannot already be used by another user.

This creates a new user account, creates their home directory, and populates it with some default hidden files. We can look into their home directory like this:

sudo ls -ahl /home/maryq

Our new user will not be able to login. We have not created a password for it. It is possible to pass a password useraddto a command using its -poption (password), but this is considered bad practice. Also, you must provide an encrypted password, so it’s not as easy as it sounds.

It’s easier and safer to use passwdthe command to set a password for a new account.

sudo passwd maryq

You will be asked to enter a password and then asked to enter it again to confirm it. This password must be securely communicated to the new user. Preferably, they should be prompted to change their password when they log in. This means that they can choose their own password and no one else will know it.

sudo passwd --expire maryq

We can see our new user account and compare it to the existing one by looking in the “/etc/passwd” file.

grep -E "dave|maryq"/etc/passwd

In order, colon-separated “:” fields:

  • maryq: user account name.
  • x: An “x” in this field means that the user account’s password is encrypted and stored in the “/etc/shadow” file.
  • 1001: user account ID.
  • 1001: The default group ID for this user account.
  • Mary Quinn: This is the GECOS field . It may contain a set of additional information values ​​separated by commas. All we’ve added is the full username.
  • /home/maryq: The path to the home directory for this account.
  • /bin/bash: path to the default shell for this account.

When our new user logs in for the first time, he will use the password you created for him.

Since we have set their password to “expired”, they will be prompted to change it. They must re-enter their existing password.

They will then be prompted to enter a new password.

After they enter their new password and press Enter, they will be prompted to enter the password again to confirm it.

Finally, they logged in. From now on, they must use the new password to log in.

Some cleanup is done and the usual Documents, Downloads, and others directories are created for them in their home directory.

The GECOS field can contain up to five pieces of information separated by commas. They are rarely used. If any of them are filled out at all, it’s usually the first one that contains the real name of that account’s owner.

Fields:

  • The real name of this user.
  • This user’s room number.
  • Their work phone.
  • their home phone.
  • Any other information.

If we wanted to provide all of this when creating an account, we could do it like this:

sudo useradd -s /bin/bash -m -c "Mary Quinn,Operations 1,555-6325,555-5412,Team Leader"-Gsambashare maryq

We can use grepto see that this information has been stored in the “/etc/passwd” file.

grep maryq /etc/passwd

If you don’t have this information when you create your account, you can add or change it later with a chfncommand.

This information is used by commands such fingeras pinky.

finger maryq

adduser command

The command addusercombines creating an account, its home directory, setting a password, and collecting GECOS field information into one interactive session.

This addusercommand was already present on our Ubuntu and Fedora test machines, but needed to be installed on Manjaro. It’s in the Arch user repository, so you’ll need the AUR helper to install it, for example yay.

yay adduser

To start the process, use sudoand provide the name of the user account to be added:

sudo adduser maryq

A default group for the user account is created and the user account is added with this default group. A home directory is created and hidden configuration files are copied into it.

You will be prompted to enter a password.

When you enter your password and press Enter, you will be prompted to enter your password again to confirm it.

You are asked in turn about each piece of information that can be entered in the GECOS field.

Either provide some information and press enter to move on to the next field, or just press enter to skip the field.

Finally, you will be asked if the information you provided is correct. Press the “Y” key and press “Enter” to complete the process.

Don’t forget to set the password for the new account to “Expired” so that the new user will have to change it the first time they log in.

sudo password --expire maryq

GUI method

Open the system menu by clicking on the right edge of the GNOME panel next to the power, volume, and network icons.

Click on the “Settings” menu item.

The Settings app will open. Click the Users entry in the sidebar, then click the Unblock button in the Users panel.

You will need to enter your password.

A green Add User button will appear.

Click this button. The Add User dialog box will appear. It contains a form in which information about the new user is recorded.

Fill out the form with the new user’s details. If you want them to be able to use sudo, click the “Administrator” button.

You can either set their password now or let them choose a password when they first log in. If you set a password, you will need to remember to open a terminal window and use passwd the command to set it to the “expiry” state. This will force them to set their own password the first time they log in.

It’s a bit of a pain to jump to the terminal when you’re trying to use the GUI to create a new user.

If you click the “Allow user to set their own password at next logon” radio button, the user will be prompted to enter a new password when they try to log in. But the downside here is that the first person who tries to use the new account can set a password. This way, anyone who knows that an account has been created and who is ahead of a real new user when trying to log in can get an account.

None of these situations are ideal.

Click the green “Add” button when you’ve completed the form and made your selection.

We selected the option “Allow the user to set their own password the next time they log in”. When a user attempts to log in, they are prompted for a new password. But, unlike the sequence we saw earlier, they are not prompted for their current password – they don’t have one.

As expected, they have to enter it again to confirm it.

Solutions Solutions

The command useraddgives fine-grained control, but a lot can be done directly from the command line.

The command addusermakes life easier, but does not allow you to add a new user to additional groups.

The GUI method has drawbacks depending on which password switcher you choose.

In most informal or home situations adduser, command probably gives you the best balance between features and functionality. If you need to add a new user to an additional group, you can do so after creating it with the usermodcommand.

Leave a Reply

Your email address will not be published.