Many system administrators find themselves using the useradd command on their systems from time to time. For those unfamiliar with the command, it can seem daunting at first. However, by breaking it down into steps and understanding exactly how it works, useradd can become a powerful tool used by administrators to add and manage user accounts.
The basic syntax of useradd is simple:
useradd <user name>
This creates a user account with the given name and a UID (Unique Identifier) provided by the system. By default, it also creates a home directory (/home/<user name>), a group with the same name as the user, adds the user to this group, and creates a basic set of environment variables.
However, there are a variety of flags and options that can be used when creating an account with useradd. To give an example, here’s how to create an account where the user is forced to change their password on their first login, and the account will be disabled after 30 days of inactivity:
useradd -e <YYYY-MM-DD> -f 30 -D -K PASS_MAX_DAYS=30 <user name>
Let’s break this down:
-e : Sets the date that the account will expire
-f : Forces the user to change their password on their first login
-D : Disables the account after a certain number of days (in this case, 30) of inactivity
-K : Sets any default system environment variables that should be applied to the user
By using these flags and options, administrators can customize the user accounts they create to fit their needs. This allows for more control over user permissions and access rights, as well as helping to secure the system from unauthorized access.
In summary, useradd is a powerful tool for creating user accounts on a system. By understanding the syntax and the various flags and options available, system administrators can create secure accounts with custom permissions that better fit the needs of the environment.