add user

# Debian8 / RedHat(CentOS)
adduser username; #create new user with home directory (interactive mode)

# Suse12
useradd -m -c "Maria Meier" maria
# non-interactively add user maria with full name and home-directory - but without password :-D

# you will have to run to specify a password - otherwise maria won't be able to login
passwd maria

# what is interesting and SUSE only - that the users's home is owned by a group called "users" that per default ALL users belong to (!!! i don't think this is cool - imho it is probably a security problem)
# no per-user group is created as with Debian and RedHat/CentOS (where for every user with username test a new group is created with the same name)
# and the home directory is set to test:test, while in SUSE it is test:users)

suse:/home # ll
insgesamt 4
drwxr-xr-x  7 maria users  253 11. Mai 10:18 maria
drwxr-xr-x 22 user  users 4096 11. Mai 10:16 user

suse:/home # su - maria
maria@suse:~> groups
users

delete user

# Suse12 / RedHat(CentOS)
userdel -r username; # remove user including home directory

# Debian8
deluser username; # just the user, not the files (/home/username still exists

deluser --remove-home username; # delete user and /home/username
       By  default,  deluser will remove the user without removing the home directory, the mail spool  or any other files on the system owned by the user. Removing the home
       directory and mail spool can be achieved using the --remove-home option.

       The --remove-all-files option removes all files on the system owned by the user. Note that if you activate both options --remove-home will have no effect because all
       files including the home directory and mail spool are already covered by the --remove-all-files option.

       If  you want to backup all files before deleting them you can activate the --backup option which will create a file username.tar(.gz|.bz2) in the directory specified
       by the --backup-to option (defaulting to the current working directory). Both the remove and backup options can also be activated for default  in  the  configuration
       file /etc/deluser.conf. See deluser.conf(5) for details.

expire account or password:

you can time account and password validity with:

chage maria
Changing the aging information for maria
Enter the new value, or press ENTER for the default

        Minimum Password Age [0]:
        Maximum Password Age [99999]:
        Last Password Change (YYYY-MM-DD) [2017-05-11]:
        Password Expiration Warning [7]:
        Password Inactive [-1]:
        Account Expiration Date (YYYY-MM-DD) [-1]:

# in german
chage maria
Passwortalterung für maria wird geändert.
Geben Sie einen neuen Wert an oder drücken Sie ENTER für den Standardwert

        Minimales Passwortalter [0]: 3
        Maximales Passwortalter [99999]: 3
        Letzte Passwortänderung (JJJJ-MM-TT) [2017-05-11]:
        Passwortablaufwarnung [7]:
        Passwort inaktiv [-1]:
        Ablaufdatum des Benutzerzugangs (JJJJ-MM-TT) [-1]: 2017-04-01

First off, the respective man page snippets highlight the differences between the two commands and give some indication of what is going on. For

adduser

:

adduser and addgroup add users and groups to the system according to command line options and configuration information in /etc/adduser.conf. They are friendlier front ends to the low level tools like useradd, groupadd and usermod programs, by default choosing Debian policy conformant UID and GID values, creating a home directory with skeletal configuration, running a custom script, and other features.

Then for

useradd

:

useradd is a low level utility for adding users. On Debian, administrators should usually use adduser(8) instead.

Further investigation of

adduser

reveals that it is a perl script providing a high level interface to, and thus offering some of the functionality of, the following commands:

  • useradd
  • groupadd
  • passwd

    – used to add/change users passwords.

  • gpasswd

    – used to add/change group passwords.

  • usermod

    – used to change various user associated parameters.

  • chfn

    – used to add/change additional information held on a user.

  • chage

    – used to change password expiry information.

  • edquota

    – used to change disk usage quotas.

A basic run of the

adduser

command is as follows:


adduser username

This simple command will do a number of things:

  1. Create the user named
    username

    .

  2. Create the user’s home directory (default is
    /home/username

    and copy the files from

    /etc/skel

    into it.

  3. Create a group with the same name as the user and place the user in it.
  4. Prompt for a password for the user.
  5. Prompt for additional information on the user.

The

useradd

program can most of accomplish most of this, however it does not do so by default and needs additional options. Some of the information requires more commands:


useradd -m -U username
passwd username
chfn username

Note that

adduser

ensures that created UIDs and GIDs conform with the Debian policy. Creating normal users with

useradd

seems to be ok, provided

UID_MIN

/

UID_MAX

in

/etc/login.defs

matches the Debian policy. What is a problem though is that Debian specifies a particular range for system user UIDs which only seems to be supported in

/etc/adduser.conf

, so naively adding a system user with

useradd

and not specifying a UID/GUID in the correct range leaves the potential for serious problems.

Another common use for

adduser

is to simplify the process of adding a user to a group. Here, the following command:


adduser username newgroup

replaces a more complex

usermod

command that requires the groups which the user is already a member of (and that you would like the user to remain a member) to be specified:


usermod -G all,other,groups,user,is,in,newgroup

One downside to using

adduser

here though is that you can only specify one group at a time.

admin