Adding a user to a Linux computer is a basic administration task, and there are several ways to achieve this. Each method has advantages and disadvantages. We explain three different techniques.
Computers need users
A personal computer without a user is not much. Linux supports multiple users. Whether logging in and sharing computer power at the same time, or logging in individually when they have exclusive machine use, each person needs a unique user account.
The user account covers the work of that user and provides privacy. It also allows the application of control and management to the account. Different users may have different options according to their needs or their role or function by changing the attributes of their account, such as which group they belong to.
Whether you share your computer with family members or administer a multi-user installation for an organization, creating user accounts is a basic administrative skill.
Since Linux is Linux, you can choose from several methods. We’ll walk you through three – two command line methods and one GUI-based method – so you can choose the one you think works best for you.
Command useradd
The useradd
command is the lowest level command used to add users. Other commands act as friendlier front-ends for useradd
team. This adds some convenience and makes the process easier, but other commands don’t do anything you can’t accomplish with useradd
and a little help from passwd
team.
The useradd
the command has many options, the ones you will need to add a typical new user are shown below. Needless to say, you will have to use it sudo
to add a user.
sudo useradd -s /bin/bash -m -c "Mary Quinn" -Gsambashare maryq
The command consists of:
- sudo: We need administrator privileges to allow a new user to access the computer.
- useradd: The
useradd
team. - -s / bin / bash: Shell option. This sets the default shell for this new user.
- -m: Make a home directory option. This creates a directory in the “/ home /” directory with the same name as the new account name.
- -c “Mary Quinn”: Full name of the new user. This is optional.
- -Gsambashare: Additional group option. This is optional. A new user is added to the group with the same name as his account name. The
-G
option (note, capital “G”) adds the user to additional groups. Groups must already exist. We are also making a new user a member of the “sambashare” group. - maryq: Name of the new user account. This must be unique. Cannot be used for another user.
This creates a new user account, creates their home directory and populates it with some default hidden files. We can look at their home directory like this:
sudo ls -ahl /home/maryq
Our new user will not be able to log in. We did not create a password for them. It is possible to transfer the password to useradd
command using your -p
(password), but this is considered bad practice. Moreover, you must enter the password in your encrypted shape, so it’s not as simple as it sounds.
It is easier and safer to use passwd
command to set a password for a new account.
sudo passwd maryq
You are asked for a password, and then you are asked to enter it again to confirm it. This password must be securely passed on to the new user. It is recommended that they be asked to change their password when logging in. This means that I can choose my own password and no one else will know it.
sudo passwd --expire maryq
We can see our new account and compare it with the existing one by looking inside the “/ etc / passwd” file.
grep -E "dave|maryq" /etc/passwd
Separately, the colon “:” separate fields are:
- maryq: The name of the user account.
- x: “X” in this field means that the user password is encrypted and stored in the “/ etc / shadow” file.
- 1001: User account ID.
- 1001: The default group ID for this user account.
- Mary Quinn: This is the GECOS field. May contain a set of values of additional information separated by commas, “. All we’ve added is the full username.
- / home / maryq: The path to the home directory for this account.
- / bin / bash: The path to the default shell for this account.
When our new user first logs in, they will use the password you created for them.
Since we have set their password to “expired”, they will be asked to change it. They have to get back into their own existing password.
They are then asked for a new password.
When they type their new password and press “Enter”, they are asked to re-enter the password to confirm it.
Finally, they are reported. From now on, they must use a new login password.
Certain maintenance is performed and the usual “Documents”, “Downloads” and other directories in their home directory are created for them.
The GECOS field can contain up to five information separated by commas. These are rarely used. If some are filled in at all, it is usually the first, which contains the real name of the owner of this account.
The fields are:
- Real name of this user.
- This user’s room number.
- Their work phone.
- Their home phone.
- Any other information.
If we wanted to provide all this when we created the account, we could have done it like this:
sudo useradd -s /bin/bash -m -c "Mary Quinn,Operations 1,555-6325,555-5412,Team Leader" -Gsambashare maryq
We can use grep
to see that this information is stored in the “/ etc / passwd” file.
grep maryq /etc/passwd
If you do not have this information at hand when creating an account, you can add or change it later using chfn
team.
This information is used by commands such as finger
i pinky
.
finger maryq
Adduser command
The adduser
the command includes creating an account, its home directory, setting a password and capturing GECOS field information in one interactive session.
The adduser
the command was already present on our Ubuntu and Fedora test machines, but had to be installed on Manjaro. It is located in the Arch User Repository, so you will need to use an AUR assistant such as yay
to install it.
yay adduser
Use to start the process sudo
and specify the account name you are adding:
sudo adduser maryq
A default account group has been created, and an account is added with that group as the default. The home directory is created and the hidden configuration files are copied to it.
You are prompted to enter a password.
When you enter the password and press “Enter”, you will be asked to re-enter the password to confirm it.
You are asked for each of the information that can enter the GECOS field.
Either give some information and press “Enter” to move to the next field, or simply press “Enter” to skip the field.
In the end, you wonder if the information you provided is accurate. Press “Y” and press “Enter” to complete the process.
Don’t forget to set the password for the new account as “expired” so that the new user is obliged to change it when they log in for the first time.
sudo password --expire maryq
GUI method
Open the system menu by clicking on the right edge of the GNOME panel, near the power, volume, and network icons.
Click on the “Settings” menu item.
The Settings application opens. Click the “Users” entry in the sidebar, then click the “Unlock” button in the “Users” pane.
You will need to enter your password.
The green “Add user” button will appear.
Click this button. The Add User dialog box appears. Contains a form that records details about the new user.
Fill out the new user information form. If you want you can use them sudo
click the “Administrator” button.
You can set their password now or let them choose a password when they first log in. If you set a password, you will need to remember to open the terminal window and use passwd
command to set it to the “expired” state. This will make them set their own password when they first log in.
It’s a little difficult to go to the terminal when trying to use the GUI to create a new user.
If you click the “Allow user to set their own password the next time they log in” radio button, the user will be prompted to enter a new password when they try to log in. But the downside is that the first person to try to use a new account can set a password. So, anyone who knows that the account has been created and who wins the right new user to try to log in, can download the account.
None of these situations are ideal.
Click the green “Add” button when you fill out the form and make your selections.
We have selected the “Allow user to set their own password the next time they log in” option. When a user tries to log in, they are asked for a new password. But, unlike the sequence we saw earlier, they are not asked for the current password – they do not have it.
As you would expect, they have to enter it once more to confirm it.
Decisions Decisions
The useradd
command gives detailed control, but there is much that can be achieved on the command line.
The adduser
the command makes life easier, but does not allow you to add a new user to additional groups.
The GUI method has the disadvantages of whichever radio button you choose.
In most informal or home situations, adduser
the command probably gives you the best balance between features and functionality. If you need to add a new user to an additional group, you can do so after they have been created, using usermod
team.
RELATED: Add a user to a group (or other group) on Linux