The useradd command in Linux: creating new users step by step

Posted on by BlockmyIP | Category: Linux terminal commands

Introduction

In any Linux system, user management is a fundamental task to maintain security and order. The useradd command allows creating user accounts quickly and flexibly from the command line. In this article we will see its syntax, the most useful options, and practical examples so you can manage users like a professional.

Basic syntax of useradd

The simplest way to use useradd is:

sudo useradd nombre_de_usuario

This command creates a user with default values defined in /etc/default/useradd and /etc/login.defs. However, we rarely settle for the default values; therefore it is important to know the options that allow us to customize.

Most common options

  • -c “comment”: Adds a description or full name of the user (GECOS field).
  • -d home_directory: Specifies the user’s home directory (default /home/username).
  • -s shell: Defines the login shell (e.g. /bin/bash).
  • -G group1,group2: Adds the user to supplementary groups separated by commas.
  • -u UID: Assigns a specific user ID (useful to avoid collisions).
  • -m: Creates the home directory if it does not exist (by default omitted in some distributions).
  • -r: Creates a system user (low UID, no home directory by default).
  • -e YYYY-MM-DD: Sets the account expiration date.
  • -f days: Number of days after password expiration before the account is disabled.

Practical examples

1. Create a standard user with bash and home directory

sudo useradd -m -s /bin/bash juanp

This command creates the user juanp, assigns /bin/bash as shell, and creates his home directory in /home/juanp.

2. User with full name and group membership

sudo useradd -c "María López" -m -s /bin/bash -G sudo,dev marial

Here we create marial with the comment “María López”, granting access to sudo and the dev group for specific permissions.

3. System user for a service

sudo useradd -r -s /usr/sbin/nologin servicio_web

The user servicio_web is created as a system account (low UID), without a login shell (/sbin/nologin) and without a home directory, ideal for running daemons.

4. Set expiration date

sudo useradd -e 2025-12-31 temporal

The temporal account will be automatically disabled after December 31, 2025.

Best practices when using useradd

  • Always precede the command with sudo if you are not root.
  • Verify that the UID and GID do not conflict with existing users by checking /etc/passwd and /etc/group.
  • After creating the user, set a password with passwd username or force a change at first login using chage -d 0 username.
  • Document the purpose of each account in a wiki or inventory file to facilitate audits.
  • Use specific groups to assign permissions (e.g. devops, dba) instead of indiscriminately granting sudo privileges.

Conclusion

The useradd command is an essential tool for any Linux system administrator. Mastering its options allows you to create user accounts tailored

This post is also available in ESPAÑOL.

Leave a Reply

Your email address will not be published. Required fields are marked *

Esta obra está bajo una Licencia Creative Commons Atribución 4.0 Internacional para Francesc Roig francesc@vivaldi.net .