1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
|
.\" Someone tell emacs that this is an -*- nroff -*- source file.
.\" Copyright 1997, 1998, 1999 Guy Maor.
.\" Adduser and this manpage are copyright 1995 by Ted Hajek,
.\" With much borrowing from the original adduser copyright 1994 by
.\" Ian Murdock.
.\"
.\" This is free software; see the GNU General Public License version
.\" 2 or later for copying conditions. There is NO warranty.
.TH ADDUSER 8 "Version VERSION" "Debian GNU/Linux"
.SH NAME
adduser, addgroup \- add a user or group to the system
.SH SYNOPSIS
.BR adduser " [options] [\-\-home DIR] [\-\-shell SHELL] [\-\-no-create-home] [\-\-uid ID] [\-\-firstuid ID] [\-\-lastuid ID] [\-\-ingroup GROUP | \-\-gid ID] [\-\-disabled-password] [\-\-disabled-login] [\-\-gecos GECOS] [\-\-add_extra_groups] user"
.PP
.BR adduser " \-\-system [options] [\-\-home DIR] [\-\-shell SHELL] [\-\-no-create-home] [\-\-uid ID] [\-\-group | \-\-ingroup GROUP | \-\-gid ID] [\-\-disabled-password] [\-\-disabled-login] [\-\-gecos GECOS] user"
.PP
.BR addgroup " [options] [\-\-gid ID] group"
.PP
.BR addgroup " \-\-system [options] [\-\-gid ID] group"
.PP
.BR adduser " [options] user group"
.SS COMMON OPTIONS
.br
[\-\-quiet] [\-\-debug] [\-\-force-badname] [\-\-help|\-h] [\-\-version] [\-\-conf FILE]
.SH DESCRIPTION
.PP
.BR adduser " and " addgroup
add users and groups to the system according to command line options
and configuration information in
.IR /etc/adduser.conf .
They are friendlier front ends to the low level tools like
.BR useradd,
.BR groupadd " and " usermod
programs, by default choosing Debian policy conformant UID and GID values,
creating a home directory with skeletal configuration, running a custom
script, and other features.
.BR adduser " and " addgroup
can be run in one of five modes:
.SS "Add a normal user"
If called with one non-option argument and without the
.BR \-\-system " or " \-\-group " options, " adduser
will add a normal user.
.B adduser
will choose the first available UID from the range specified for
normal users in the configuration file. The UID can be overridden
with the
.B \-\-uid
option.
The range specified in the configuration file may be overridden with the
.B \-\-firstuid
and
.B \-\-lastuid
options.
By default, each user in Debian GNU/Linux is given a corresponding
group with the same name. Usergroups allow group writable
directories to be easily maintained by placing the appropriate users
in the new group, setting the set-group-ID bit in the directory, and ensuring
that all users use a umask of 002. If this option is turned off by setting
.B USERGROUPS
to
.IR no ,
all users' GIDs are set to
.BR USERS_GID .
Users' primary groups can also be overridden from the command line with the
.BR \-\-gid " or " \-\-ingroup
options to set the group by id or name, respectively. Also, users can be
added to one or more groups defined in adduser.conf either by setting
ADD_EXTRA_GROUPS to 1 in adduser.conf, or by passing
.B \-\-add_extra_groups
on the commandline.
.B adduser
will create a home directory subject to
.BR DHOME ", " GROUPHOMES ", and " LETTERHOMES .
The home directory can be overridden from the command line with the
.B \-\-home
option, and the shell with the
.B \-\-shell
option. The home directory's set-group-ID bit is set if
.B USERGROUPS
is
.I yes
so that any files created in the user's home directory will
have the correct group.
.B adduser
will copy files from
.B SKEL
into the home directory and prompt for finger (gecos) information and
a password. The gecos may also be set with the
.B \-\-gecos
option. With the
.B \-\-disabled-login
option, the account will be created but will be disabled until a
password is set. The
.B \-\-disabled-password
option will not set a password, but login is still possible (for example
with SSH RSA keys).
If the file
.B /usr/local/sbin/adduser.local
exists, it will be executed after the user account has been set
up in order to do any local setup. The arguments passed to
.B adduser.local
are:
.br
username uid gid home-directory
.br
The environment variable VERBOSE is set according to the following rule:
.TP
0 if
.B \-\-quiet
is specified
.TP
1 if neither
.B \-\-quiet
nor
.B \-\-debug
is specified
.TP
2 if
.B \-\-debug
is specified
(The same applies to the variable DEBUG, but DEBUG is deprecated and will be removed in a later version of
.BR adduser .)
.SS "Add a system user"
If called with one non-option argument and the
.BR \-\-system " option, " adduser
will add a system user. If a user with the same name already exists in
the system uid range (or, if the uid is specified, if a user with that
uid already exists), adduser will exit with a warning. This warning can be suppressed by adding
.BR \-\-quiet .
.B adduser
will choose the first available UID from the range specified for
system users in the configuration file (FIRST_SYSTEM_UID and LAST_SYSTEM_UID). If you want to have a specific UID, you can specify it using the
.B \-\-uid
option.
By default, system users are placed in the
.B nogroup
group. To place the new system user in an already existing group, use
the
.BR \-\-gid " or " \-\-ingroup
options. To place the new system user in a new group with the same ID, use
the
.B \-\-group
option.
A home directory is created by the same rules as for normal users.
The new system user will have the shell
.I /usr/sbin/nologin
(unless overridden with the
.B \-\-shell
option), and have logins disabled. Skeletal configuration files
are not copied.
.SS "Add a user group"
If
.BR adduser " is called with the " \-\-group " option and without the
.BR \-\-system " option, or " addgroup " is called respectively, a user
group will be added.
A GID will be chosen from the range specified for system GIDS in the
configuration file (FIRST_GID, LAST_GID). To override that mechanism you can give the GID using the
.B \-\-gid
option.
The group is created with no users.
.SS "Add a system group"
If
.BR addgroup " is called with the
.BR \-\-system " option, a system group will be added.
A GID will be chosen from the range specified for system GIDS in the
configuration file (FIRST_SYSTEM_GID, LAST_SYSTEM_GID). To override that mechanism you can give the GID using the
.B \-\-gid
option.
The group is created with no users.
.SS "Add an existing user to an existing group"
If called with two non-option arguments,
.B adduser
will add an existing user to an existing group.
.SH OPTIONS
.TP
.B \-\-conf FILE
Use FILE instead of
.IR /etc/adduser.conf .
.TP
.B \-\-disabled-login
Do not run passwd to set the password. The user won't be able to use
her account until the password is set.
.TP
.B \-\-disabled-password
Like \-\-disabled-login, but logins are still possible (for example using
SSH RSA keys) but not using password authentication.
.TP
.B \-\-force\-badname
By default, user and group names are checked against the configurable
regular expression
.B NAME_REGEX
specified in the configuration file. This option forces
.B adduser
and
.B addgroup
to apply only a weak check for validity of the name.
.B NAME_REGEX
is described in
.BR adduser.conf (5).
.TP
.B \-\-gecos GECOS
Set the gecos field for the new entry generated.
.B adduser
will not ask for finger information if this option is given.
.TP
.B \-\-gid ID
When creating a group, this option forces the new groupid to be the
given number. When creating a user, this option will put the user in
that group.
.TP
.B \-\-group
When combined with
.BR \-\-system ,
a group with the same name and ID as the system user is created.
If not combined with
.BR \-\-system ,
a group with the given name is created. This is the default action if
the program is invoked as
.BR addgroup .
.TP
.B \-\-help
Display brief instructions.
.TP
.B \-\-home DIR
Use DIR as the user's home directory, rather than the default specified by the
configuration file. If the directory does not exist, it is created
and skeleton files are copied.
.TP
.B \-\-shell SHELL
Use SHELL as the user's login shell, rather than the default specified by the
configuration file.
.TP
.B \-\-ingroup GROUP
Add the new user to GROUP instead of a usergroup or the default group
defined by
.B USERS_GID
in the configuration file. This affects the users primary group. To add additional
groups, see the
.B add_extra_groups
option.
.TP
.B \-\-no-create-home
Do not create the home directory, even if it doesn't exist.
.TP
.B \-\-quiet
Suppress informational messages, only show warnings and errors.
.TP
.B \-\-debug
Be verbose, most useful if you want to nail down a problem with adduser.
.TP
.B \-\-system
Create a system user or group.
.TP
.B \-\-uid ID
Force the new userid to be the given number.
.B adduser
will fail if the userid is already taken.
.TP
.B \-\-firstuid ID
Override the first uid in the range that the uid is chosen from (overrides
.B FIRST_UID
specified in the configuration file).
.TP
.B \-\-lastuid ID
Override the last uid in the range that the uid is chosen from (
.B LAST_UID
)
.TP
.B \-\-add_extra_groups
Add new user to extra groups defined in the configuration file.
.TP
.B \-\-version
Display version and copyright information.
.SH EXIT VALUES
.TP
.B 0
The user exists as specified. This can have 2 causes: The user was created by adduser or the user was already present on the system before adduser was invoked. If adduser was returning 0 , invoking adduser a second time with the same parameters as before also returns 0.
.TP
.B 1
Creating the user or group failed because it was already present with other UID/GID than specified. The username or groupname was rejected because of a mismatch with the configured regular expressions, see adduser.conf(5). Adduser has been aborted by a signal.
.br
Or for many other yet undocumented reasons which are printed to console then. You may then consider to remove
.B \-\-quiet
to make adduser more verbose.
.SH FILES
.TP
/etc/adduser.conf
Default configuration file for adduser and addgroup
.TP
/usr/local/sbin/adduser.local
Optional custom add-ons.
.SH "SEE ALSO"
.BR adduser.conf (5),
.BR deluser (8),
.BR groupadd (8),
.BR useradd (8),
.BR usermod (8),
Debian Policy 9.2.2.
.SH COPYRIGHT
Copyright (C) 1997, 1998, 1999 Guy Maor. Modifications by Roland
Bauerschmidt and Marc Haber. Additional patches by Joerg Hoh and Stephen Gran.
.br
Copyright (C) 1995 Ted Hajek, with a great deal borrowed from the original
Debian
.B adduser
.br
Copyright (C) 1994 Ian Murdock.
.B adduser
is free software; see the GNU General Public Licence version 2 or
later for copying conditions. There is
.I no
warranty.
|
