리눅스 useradd
IT 위키
- useradd - create a new user or update default new user information
사용법[편집 | 원본 편집]
useradd [옵션] [아이디]
옵션[편집 | 원본 편집]
요약[편집 | 원본 편집]
- -c comment : 새로운 사용자의 설명을 추가한다. 사용자의 전체 이름을 지정할 수 있다.
- -d 홈 디렉터리 : 사용자의 홈 디렉터리 위치를 지정한다. 기본값은 /home 디렉터리이다.
- -e 날짜 : 임시 사용자의 사용기간을 제한한다. YYYY-MM-DD(년도-월-날) 방식으로 지정한다.
- -f 남은 날 수 : 임시로 생성한 사용자의 사용 기간을 지정한다.
- -g 그룹 : 새로운 사용자의 그룹을 지정한다.
- -G 그룹, ··· : 새로운 사용자가 포함되는 여러 그룹을 지정할 수 있다.
- -u UserID : 새로운 사용자의 ID 값을 지정한다. 사용자 ID 값은 /etc/passwd 파일로 확인할 수 있다.
- -p 패스워드 : 새로운 사용자를 추가하면서 동시에 패스워드도 지정한다.
- -s shell : 새로운 사용자의 셸을 지정한다.
- -m -k skell_dir : skell 디렉터리를 지정한다. 기본값은 /etc/skell의 내용을 새로운 사용자의 디렉터리로 복사한다.
전체[편집 | 원본 편집]
-b, --base-dir BASE_DIR
The default base directory for the system if -d HOME_DIR is not specified. BASE_DIR is concatenated with the
account name to define the home directory. The BASE_DIR must exist otherwise the home directory cannot be created.
If this option is not specified, useradd will use the base directory specified by the HOME variable in
/etc/default/useradd, or /home by default.
-c, --comment COMMENT
Any text string. It is generally a short description of the login, and is currently used as the field for the
user´s full name.
-d, --home-dir HOME_DIR
The new user will be created using HOME_DIR as the value for the user´s login directory. The default is to append
the LOGIN name to BASE_DIR and use that as the login directory name.
-D, --defaults
See below, the subsection "Changing the default values".
-e, --expiredate EXPIRE_DATE
The date on which the user account will be disabled. The date is specified in the format YYYY-MM-DD.
If not specified, useradd will use the default expiry date specified by the EXPIRE variable in
/etc/default/useradd, or an empty string (no expiry) by default.
-f, --inactive INACTIVE
The number of days after a password expires until the account is permanently disabled. A value of 0 disables the
account as soon as the password has expired, and a value of -1 disables the feature.
If not specified, useradd will use the default inactivity period specified by the INACTIVE variable in
/etc/default/useradd, or -1 by default.
-g, --gid GROUP
The group name or number of the user´s initial login group. The group name must exist. A group number must refer to
an already existing group.
If not specified, the behavior of useradd will depend on the USERGROUPS_ENAB variable in /etc/login.defs. If this
variable is set to yes (or -U/--user-group is specified on the command line), a group will be created for the user,
with the same name as her loginname. If the variable is set to no (or -N/--no-user-group is specified on the
command line), useradd will set the primary group of the new user to the value specified by the GROUP variable in
/etc/default/useradd, or 100 by default.
-G, --groups GROUP1[,GROUP2,...[,GROUPN]]]
A list of supplementary groups which the user is also a member of. Each group is separated from the next by a
comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the
-g option. The default is for the user to belong only to the initial group.
-h, --help
Display help message and exit.
-k, --skel SKEL_DIR
The skeleton directory, which contains files and directories to be copied in the user´s home directory, when the
home directory is created by useradd.
This option is only valid if the -m (or --create-home) option is specified.
If this option is not set, the skeleton directory is defined by the SKEL variable in /etc/default/useradd or, by
default, /etc/skel.
If possible, the ACLs and extended attributes are copied.
-K, --key KEY=VALUE
Overrides /etc/login.defs defaults (UID_MIN, UID_MAX, UMASK, PASS_MAX_DAYS and others).
Example: -K PASS_MAX_DAYS=-1 can be used when creating system account to turn off password ageing, even though
system account has no password at all. Multiple -K options can be specified, e.g.: -K UID_MIN=100 -K UID_MAX=499
-l, --no-log-init
Do not add the user to the lastlog and faillog databases.
By default, the user´s entries in the lastlog and faillog databases are resetted to avoid reusing the entry from a
previously deleted user.
-m, --create-home
Create the user´s home directory if it does not exist. The files and directories contained in the skeleton
directory (which can be defined with the -k option) will be copied to the home directory.
By default, if this option is not specified and CREATE_HOME is not enabled, no home directories are created.
The directory where the user´s home directory is created must exist and have proper SELinux context and
permissions. Otherwise the user´s home directory cannot be created or accessed.
-M, --no-create-home
Do not create the user´s home directory, even if the system wide setting from /etc/login.defs (CREATE_HOME) is set
to yes.
-N, --no-user-group
Do not create a group with the same name as the user, but add the user to the group specified by the -g option or
by the GROUP variable in /etc/default/useradd.
The default behavior (if the -g, -N, and -U options are not specified) is defined by the USERGROUPS_ENAB variable
in /etc/login.defs.
-o, --non-unique
Allow the creation of a user account with a duplicate (non-unique) UID.
This option is only valid in combination with the -u option.
-p, --password PASSWORD
The encrypted password, as returned by crypt(3). The default is to disable the password.
Note: This option is not recommended because the password (or encrypted password) will be visible by users listing
the processes.
You should make sure the password respects the system´s password policy.
-r, --system
Create a system account.
System users will be created with no aging information in /etc/shadow, and their numeric identifiers are chosen in
the SYS_UID_MIN-SYS_UID_MAX range, defined in /etc/login.defs, instead of UID_MIN-UID_MAX (and their GID
counterparts for the creation of groups).
Note that useradd will not create a home directory for such an user, regardless of the default setting in
/etc/login.defs (CREATE_HOME). You have to specify the -m options if you want a home directory for a system account
to be created.
-R, --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
-s, --shell SHELL
The name of the user´s login shell. The default is to leave this field blank, which causes the system to select the
default login shell specified by the SHELL variable in /etc/default/useradd, or an empty string by default.
-u, --uid UID
The numerical value of the user´s ID. This value must be unique, unless the -o option is used. The value must be
non-negative. The default is to use the smallest ID value greater than or equal to UID_MIN and greater than every
other user.
See also the -r option and the UID_MAX description.
-U, --user-group
Create a group with the same name as the user, and add the user to this group.
The default behavior (if the -g, -N, and -U options are not specified) is defined by the USERGROUPS_ENAB variable
in /etc/login.defs.
-Z, --selinux-user SEUSER
The SELinux user for the user´s login. The default is to leave this field blank, which causes the system to select
the default SELinux user.
관련 파일[편집 | 원본 편집]
- /etc/login.defs : Shadow password suite configuration.
- /etc/passwd : User account information.
- /etc/shadow : Secure user account information.
- /etc/group : Group account information.
- /etc/gshadow : Secure group account information.
- /etc/default/useradd : Default values for account creation.
- /etc/skel/ : Directory containing default files.
관련 항목[편집 | 원본 편집]
chfn(1), chsh(1), passwd(1), crypt(3), groupadd(8), groupdel(8), groupmod(8), login.defs(5), newusers(8), userdel(8), usermod(8)
