Adding users on Linux



fatmawati achmad zaenuri/Shutterstock.com

Adding users to a Linux computer is a basic administrative task and there are several ways to accomplish this. Each method has advantages and disadvantages. We explain three different techniques to you.

Computers need users

A personal computer without a user is not much. Linux supports multiple users. Whether they log in simultaneously and share the power of the computer, or log in separately when using the machine exclusively, each person needs a unique user account.

A user account includes that user’s work and provides privacy. It also allows to apply control and governance to the account. Different users can have different capabilities based on their needs or their role or function by changing the attributes of their user account, such as which groups they belong to.

Whether you share your computer with family members or manage a multi-user installation for an organization, creating user accounts is a fundamental administrative skill.

Since Linux is Linux, you have several methods to choose from. We’re going to walk you through three methods — two command-line methods and one GUI-based method — so you can select the one you think works best for you.

The useradd command

The useradd command is the lowest-level command used to add users. Other commands act as friendlier front-ends to the useradd command. This adds some convenience and makes the process easier, but the other commands don’t do anything that you can’t achieve with useradd and a little help from the passwd command.

The useradd command has many options, the options you need to add a typical new user are listed below. Needless to say, you have to use sudo to add a user.

sudo useradd -s /bin/bash -m -c “Mary Quinn” -Gsambashare maryq

The assignment is composed of:

sudo: we need administrator rights to allow a new user to access the computer. useradd: The useradd command. -s /bin/bash: The shell option. This sets the default shell for this new user. -m: The brand at home directory option. This creates a folder in the “/home/” folder, with the same name as the name of the new user account. -c “Mary Quinn”: The full name of the new user. This is optional. -Gsambashare: The additional group option. This is optional. The new user is added to a group with the same name as the account name. The -G option (note, capital “G”) adds the user to additional groups. The groups must already exist. We also make the new user a member of the “sambashare” group. maryq: The name of the new user account. This must be unique. It may not already be in use for another user.

This will create the new user account, create their home folder and populate it with some hidden files by default. We can look in their home directory like this:

sudo ls -ahl /home/maryq

Our new user cannot log in. We have not created a password for him. It is possible to pass the password to the useradd command with the -p (password) option, but this is considered bad practice. In addition, you have to provide the password in encrypted form, so it’s not as easy as it sounds.

It is easier and safer to use the passwd command to set the password for the new account.

sudo passwd maryq

You will be prompted for the password and then asked to enter it again to verify it. This password must be passed on securely to the new user. We recommend that they be prompted to change their password when they log in. This means they can choose their own password, and no one else will know.

sudo passwd –expire maryq

We can see our new user account and compare it to an existing account by looking in the “/etc/passwd” file.

grep -E “dave|maryq” /etc/passwd

In order, the colon “:” separated fields are:

maryq: The name of the user account. x: An “x” in this field means that the user account password is encrypted and stored in the “/etc/shadow” file. 1001: The user account ID. 1001: The ID of the default group for this user account. Mary Quinn: This is the GECOS field† It can contain a series of commas “,” separated values ​​of additional information. We only added the user’s full name. /home/maryq: The path to the home directory for this account. /bin/bash: The path to the default shell for this account.

When our new user logs in for the first time, they will use the password you created for them.

Since we’ve set their password to “expired,” they’ll be prompted to change it. They must re-enter their existing password.

They will then be asked for their new password.

After typing their new password and pressing “Enter”, they will be asked to re-enter the password to verify it.

Finally, they are logged in. They must now use the new password to log in.

Some housework is done and the usual “Documents”, “Downloads” and other folders are created for them in their home folder.

The GECOS field can contain up to five comma-separated pieces of information. These are rarely used. If already filled in, this is usually the first with the real name of the owner of this account.

The fields are:

The real name of this user. The room number of this user. Their work phone. Their home phone. Any other information.

If we had wanted to provide all this when we created the account, we could have done it like this:

sudo useradd -s /bin/bash -m -c “Mary Quinn, Operations 1.555-6325.555-5412, Team Leader” -Gsambashare maryq

We can use grep to see if this information is stored in the “/etc/passwd” file.

grep maryq /etc/passwd

If you don’t have this information to hand when you create the account, it can be added or changed later with the chfn command.

This information is used by commands such as finger and little finger.

finger maryq

The adduser command

The adduser command wraps the account creation, home directory, password setting, and GECOS field information capture into one interactive session.

The adduser command was already present on our Ubuntu and Fedora test machines, but had to be installed on Manjaro. It’s in the Arch User Repository, so you’ll need to use an AUR helper like yay to install it.

yay adduser

Use sudo to start the process and specify the name of the user account you are adding:

sudo adduser maryq

The default group for the user account is created and the user account is added with that group as the default. The home directory is created and the hidden configuration files are copied into it.

You will be prompted to enter a password.

When you enter a password and press “Enter”, you will be prompted to re-enter the password to verify it.

You will be asked in turn about each of the pieces of information that can be placed in the GECOS field.

Provide some information and press “Enter” to go to the next field, or just press “Enter” to skip a field.

Finally, you will be asked if the information you have provided is correct. Press the “Y” key and press “Enter” to complete the process.

Don’t forget to set the password for the new account as “expired” so that the new user has to change it when they first log in.

sudo-password –expire maryq

The GUI method

Open the system menu by clicking the right edge of the GNOME panel, near the power, volume, and network icons.

Click on the menu item “Settings”.

The Settings application opens. Click the “Users” item in the sidebar and then click the “Unlock” button in the “Users” pane.

You must enter your password.

A green “Add user” button will appear.

Click this button. The “Add User” dialog box appears. It contains a form that records the details of the new user.

Fill in the form with the new user’s details. If you want them to be able to use sudo, click the “Administrator” button.

You can set their password now or leave it to them to choose a password when they first log in. When setting a password, remember to open a terminal window and use the passwd command to set it to the “expired” state. That will force them to set their own password the first time they log in.

That’s a bit tedious to have to go to the terminal when trying to use the GUI to complete the creation of the new user.

Clicking the radio button “Allow user to set their own password the next time they log in” will prompt the user for a new password when they try to log in. But the downside here is that the first person to try to use the new account can set the password. So anyone who knows the account has been created and beats the real new user to try to login can take over the account.

Neither situation is ideal.

Click the green “Add” button when you have completed the form and made your selections.

We selected the option “Allow users to set their own password the next time they log in”. When the user tries to log in, they will be prompted for a new password. But, unlike the string we saw before, they don’t ask for their current password – they don’t have one.

As you would expect, they have to enter it one more time to verify it.

Decisions decisions

The useradd command gives granular control, but there’s a lot to get right at the command line.

The adduser command makes life easier, but you cannot enter the new user into additional groups.

The GUI method has drawbacks, whichever radio button you choose.

In most casual or domestic situations, the adduser command probably gives you the best balance of features and functionality. If you need to add the new user to an additional group, you can do so once it is created, using the usermod command.

RELATED: How to Add a User to a Group (or Second Group) on Linux

Leave a Reply

Your email address will not be published.