리눅스 useradd

From IT Wiki
useradd - create a new user or update default new user information

사용법[edit | edit source]

useradd [옵션] [아이디]

옵션[edit | edit source]

요약[edit | edit source]

  • -c comment : 새로운 사용자의 설명을 추가한다. 사용자의 전체 이름을 지정할 수 있다.
  • -d 홈 디렉터리 : 사용자의 홈 디렉터리 위치를 지정한다. 기본값은 /home 디렉터리이다.
  • -e 날짜 : 임시 사용자의 사용기간을 제한한다. YYYY-MM-DD(년도-월-날) 방식으로 지정한다.
  • -f 남은 날 수 : 임시로 생성한 사용자의 사용 기간을 지정한다.
  • -g 그룹 : 새로운 사용자의 그룹을 지정한다.
  • -G 그룹, ··· : 새로운 사용자가 포함되는 여러 그룹을 지정할 수 있다.
  • -u UserID : 새로운 사용자의 ID 값을 지정한다. 사용자 ID 값은 /etc/passwd 파일로 확인할 수 있다.
  • -p 패스워드 : 새로운 사용자를 추가하면서 동시에 패스워드도 지정한다.
  • -s shell : 새로운 사용자의 셸을 지정한다.
  • -m -k skell_dir : skell 디렉터리를 지정한다. 기본값은 /etc/skell의 내용을 새로운 사용자의 디렉터리로 복사한다.

전체[edit | edit source]

-b, --base-dir BASE_DIR
     The default base directory for the system if -d HOME_DIR is not specified.  BASE_DIR is concatenated with the
     account name to define the home directory. The BASE_DIR must exist otherwise the home directory cannot be created.

     If this option is not specified, useradd will use the base directory specified by the HOME variable in
     /etc/default/useradd, or /home by default.

 -c, --comment COMMENT
     Any text string. It is generally a short description of the login, and is currently used as the field for the
     user´s full name.

 -d, --home-dir HOME_DIR
     The new user will be created using HOME_DIR as the value for the user´s login directory. The default is to append
     the LOGIN name to BASE_DIR and use that as the login directory name.

 -D, --defaults
     See below, the subsection "Changing the default values".

 -e, --expiredate EXPIRE_DATE
     The date on which the user account will be disabled. The date is specified in the format YYYY-MM-DD.

     If not specified, useradd will use the default expiry date specified by the EXPIRE variable in
     /etc/default/useradd, or an empty string (no expiry) by default.

 -f, --inactive INACTIVE
     The number of days after a password expires until the account is permanently disabled. A value of 0 disables the
     account as soon as the password has expired, and a value of -1 disables the feature.

     If not specified, useradd will use the default inactivity period specified by the INACTIVE variable in
     /etc/default/useradd, or -1 by default.

 -g, --gid GROUP
     The group name or number of the user´s initial login group. The group name must exist. A group number must refer to
     an already existing group.

     If not specified, the behavior of useradd will depend on the USERGROUPS_ENAB variable in /etc/login.defs. If this
     variable is set to yes (or -U/--user-group is specified on the command line), a group will be created for the user,
     with the same name as her loginname. If the variable is set to no (or -N/--no-user-group is specified on the
     command line), useradd will set the primary group of the new user to the value specified by the GROUP variable in
     /etc/default/useradd, or 100 by default.

 -G, --groups GROUP1[,GROUP2,...[,GROUPN]]]
     A list of supplementary groups which the user is also a member of. Each group is separated from the next by a
     comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the
     -g option. The default is for the user to belong only to the initial group.

 -h, --help
     Display help message and exit.

 -k, --skel SKEL_DIR
     The skeleton directory, which contains files and directories to be copied in the user´s home directory, when the
     home directory is created by useradd.

     This option is only valid if the -m (or --create-home) option is specified.

     If this option is not set, the skeleton directory is defined by the SKEL variable in /etc/default/useradd or, by
     default, /etc/skel.

     If possible, the ACLs and extended attributes are copied.

 -K, --key KEY=VALUE
     Overrides /etc/login.defs defaults (UID_MIN, UID_MAX, UMASK, PASS_MAX_DAYS and others).

     Example: -K PASS_MAX_DAYS=-1 can be used when creating system account to turn off password ageing, even though
     system account has no password at all. Multiple -K options can be specified, e.g.: -K UID_MIN=100 -K UID_MAX=499

 -l, --no-log-init
     Do not add the user to the lastlog and faillog databases.

     By default, the user´s entries in the lastlog and faillog databases are resetted to avoid reusing the entry from a
     previously deleted user.

 -m, --create-home
     Create the user´s home directory if it does not exist. The files and directories contained in the skeleton
     directory (which can be defined with the -k option) will be copied to the home directory.

     By default, if this option is not specified and CREATE_HOME is not enabled, no home directories are created.

     The directory where the user´s home directory is created must exist and have proper SELinux context and
     permissions. Otherwise the user´s home directory cannot be created or accessed.

 -M, --no-create-home
     Do not create the user´s home directory, even if the system wide setting from /etc/login.defs (CREATE_HOME) is set
     to yes.

 -N, --no-user-group
     Do not create a group with the same name as the user, but add the user to the group specified by the -g option or
     by the GROUP variable in /etc/default/useradd.

     The default behavior (if the -g, -N, and -U options are not specified) is defined by the USERGROUPS_ENAB variable
     in /etc/login.defs.

 -o, --non-unique
     Allow the creation of a user account with a duplicate (non-unique) UID.

     This option is only valid in combination with the -u option.

 -p, --password PASSWORD
     The encrypted password, as returned by crypt(3). The default is to disable the password.

     Note: This option is not recommended because the password (or encrypted password) will be visible by users listing
     the processes.

     You should make sure the password respects the system´s password policy.

 -r, --system
     Create a system account.

     System users will be created with no aging information in /etc/shadow, and their numeric identifiers are chosen in
     the SYS_UID_MIN-SYS_UID_MAX range, defined in /etc/login.defs, instead of UID_MIN-UID_MAX (and their GID
     counterparts for the creation of groups).

     Note that useradd will not create a home directory for such an user, regardless of the default setting in
     /etc/login.defs (CREATE_HOME). You have to specify the -m options if you want a home directory for a system account
     to be created.

 -R, --root CHROOT_DIR
     Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.

 -s, --shell SHELL
     The name of the user´s login shell. The default is to leave this field blank, which causes the system to select the
     default login shell specified by the SHELL variable in /etc/default/useradd, or an empty string by default.

 -u, --uid UID
     The numerical value of the user´s ID. This value must be unique, unless the -o option is used. The value must be
     non-negative. The default is to use the smallest ID value greater than or equal to UID_MIN and greater than every
     other user.

     See also the -r option and the UID_MAX description.

 -U, --user-group
     Create a group with the same name as the user, and add the user to this group.

     The default behavior (if the -g, -N, and -U options are not specified) is defined by the USERGROUPS_ENAB variable
     in /etc/login.defs.

 -Z, --selinux-user SEUSER
     The SELinux user for the user´s login. The default is to leave this field blank, which causes the system to select
     the default SELinux user.

관련 파일[edit | edit source]

  • /etc/login.defs : Shadow password suite configuration.
  • /etc/passwd : User account information.
  • /etc/shadow : Secure user account information.
  • /etc/group : Group account information.
  • /etc/gshadow : Secure group account information.
  • /etc/default/useradd : Default values for account creation.
  • /etc/skel/ : Directory containing default files.

관련 항목[edit | edit source]

chfn(1), chsh(1), passwd(1), crypt(3), groupadd(8), groupdel(8), groupmod(8), login.defs(5), newusers(8), userdel(8), usermod(8)