리눅스 useradd
From IT Wiki
- useradd - create a new user or update default new user information
사용법
useradd [옵션] [아이디]
옵션
요약
- -c comment : 새로운 사용자의 설명을 추가한다. 사용자의 전체 이름을 지정할 수 있다.
- -d 홈 디렉터리 : 사용자의 홈 디렉터리 위치를 지정한다. 기본값은 /home 디렉터리이다.
- -e 날짜 : 임시 사용자의 사용기간을 제한한다. YYYY-MM-DD(년도-월-날) 방식으로 지정한다.
- -f 남은 날 수 : 임시로 생성한 사용자의 사용 기간을 지정한다.
- -g 그룹 : 새로운 사용자의 그룹을 지정한다.
- -G 그룹, ··· : 새로운 사용자가 포함되는 여러 그룹을 지정할 수 있다.
- -u UserID : 새로운 사용자의 ID 값을 지정한다. 사용자 ID 값은 /etc/passwd 파일로 확인할 수 있다.
- -p 패스워드 : 새로운 사용자를 추가하면서 동시에 패스워드도 지정한다.
- -s shell : 새로운 사용자의 셸을 지정한다.
- -m -k skell_dir : skell 디렉터리를 지정한다. 기본값은 /etc/skell의 내용을 새로운 사용자의 디렉터리로 복사한다.
전체
-b, --base-dir BASE_DIR The default base directory for the system if -d HOME_DIR is not specified. BASE_DIR is concatenated with the account name to define the home directory. The BASE_DIR must exist otherwise the home directory cannot be created. If this option is not specified, useradd will use the base directory specified by the HOME variable in /etc/default/useradd, or /home by default. -c, --comment COMMENT Any text string. It is generally a short description of the login, and is currently used as the field for the user´s full name. -d, --home-dir HOME_DIR The new user will be created using HOME_DIR as the value for the user´s login directory. The default is to append the LOGIN name to BASE_DIR and use that as the login directory name. -D, --defaults See below, the subsection "Changing the default values". -e, --expiredate EXPIRE_DATE The date on which the user account will be disabled. The date is specified in the format YYYY-MM-DD. If not specified, useradd will use the default expiry date specified by the EXPIRE variable in /etc/default/useradd, or an empty string (no expiry) by default. -f, --inactive INACTIVE The number of days after a password expires until the account is permanently disabled. A value of 0 disables the account as soon as the password has expired, and a value of -1 disables the feature. If not specified, useradd will use the default inactivity period specified by the INACTIVE variable in /etc/default/useradd, or -1 by default. -g, --gid GROUP The group name or number of the user´s initial login group. The group name must exist. A group number must refer to an already existing group. If not specified, the behavior of useradd will depend on the USERGROUPS_ENAB variable in /etc/login.defs. If this variable is set to yes (or -U/--user-group is specified on the command line), a group will be created for the user, with the same name as her loginname. If the variable is set to no (or -N/--no-user-group is specified on the command line), useradd will set the primary group of the new user to the value specified by the GROUP variable in /etc/default/useradd, or 100 by default. -G, --groups GROUP1[,GROUP2,...[,GROUPN]]] A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the -g option. The default is for the user to belong only to the initial group. -h, --help Display help message and exit. -k, --skel SKEL_DIR The skeleton directory, which contains files and directories to be copied in the user´s home directory, when the home directory is created by useradd. This option is only valid if the -m (or --create-home) option is specified. If this option is not set, the skeleton directory is defined by the SKEL variable in /etc/default/useradd or, by default, /etc/skel. If possible, the ACLs and extended attributes are copied. -K, --key KEY=VALUE Overrides /etc/login.defs defaults (UID_MIN, UID_MAX, UMASK, PASS_MAX_DAYS and others). Example: -K PASS_MAX_DAYS=-1 can be used when creating system account to turn off password ageing, even though system account has no password at all. Multiple -K options can be specified, e.g.: -K UID_MIN=100 -K UID_MAX=499 -l, --no-log-init Do not add the user to the lastlog and faillog databases. By default, the user´s entries in the lastlog and faillog databases are resetted to avoid reusing the entry from a previously deleted user. -m, --create-home Create the user´s home directory if it does not exist. The files and directories contained in the skeleton directory (which can be defined with the -k option) will be copied to the home directory. By default, if this option is not specified and CREATE_HOME is not enabled, no home directories are created. The directory where the user´s home directory is created must exist and have proper SELinux context and permissions. Otherwise the user´s home directory cannot be created or accessed. -M, --no-create-home Do not create the user´s home directory, even if the system wide setting from /etc/login.defs (CREATE_HOME) is set to yes. -N, --no-user-group Do not create a group with the same name as the user, but add the user to the group specified by the -g option or by the GROUP variable in /etc/default/useradd. The default behavior (if the -g, -N, and -U options are not specified) is defined by the USERGROUPS_ENAB variable in /etc/login.defs. -o, --non-unique Allow the creation of a user account with a duplicate (non-unique) UID. This option is only valid in combination with the -u option. -p, --password PASSWORD The encrypted password, as returned by crypt(3). The default is to disable the password. Note: This option is not recommended because the password (or encrypted password) will be visible by users listing the processes. You should make sure the password respects the system´s password policy. -r, --system Create a system account. System users will be created with no aging information in /etc/shadow, and their numeric identifiers are chosen in the SYS_UID_MIN-SYS_UID_MAX range, defined in /etc/login.defs, instead of UID_MIN-UID_MAX (and their GID counterparts for the creation of groups). Note that useradd will not create a home directory for such an user, regardless of the default setting in /etc/login.defs (CREATE_HOME). You have to specify the -m options if you want a home directory for a system account to be created. -R, --root CHROOT_DIR Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory. -s, --shell SHELL The name of the user´s login shell. The default is to leave this field blank, which causes the system to select the default login shell specified by the SHELL variable in /etc/default/useradd, or an empty string by default. -u, --uid UID The numerical value of the user´s ID. This value must be unique, unless the -o option is used. The value must be non-negative. The default is to use the smallest ID value greater than or equal to UID_MIN and greater than every other user. See also the -r option and the UID_MAX description. -U, --user-group Create a group with the same name as the user, and add the user to this group. The default behavior (if the -g, -N, and -U options are not specified) is defined by the USERGROUPS_ENAB variable in /etc/login.defs. -Z, --selinux-user SEUSER The SELinux user for the user´s login. The default is to leave this field blank, which causes the system to select the default SELinux user.
관련 파일
- /etc/login.defs : Shadow password suite configuration.
- /etc/passwd : User account information.
- /etc/shadow : Secure user account information.
- /etc/group : Group account information.
- /etc/gshadow : Secure group account information.
- /etc/default/useradd : Default values for account creation.
- /etc/skel/ : Directory containing default files.
관련 항목
chfn(1), chsh(1), passwd(1), crypt(3), groupadd(8), groupdel(8), groupmod(8), login.defs(5), newusers(8), userdel(8), usermod(8)