useradd(1M)

NAME

useradd — add a new user login to the system

SYNOPSIS

useradd [-u uid [-o] ] [-g group] [-G group [, group...]] [-d dir] [-s shell] [-c comment] [-m [-k skel_dir]] [-f inactive] [-e expire] login

useradd -D [-g group] [-b base_dir] [-f inactive] [-e expire]

DESCRIPTION

The useradd command creates a user login on the system by adding the appropriate entry to the /etc/passwd file and any security files, modifying the /etc/group file as necessary, creating a home directory, and copying the appropriate default files into the home directory depending on the command line options. The new login remains locked until the passwd (see passwd(1)) command is invoked.

New Behavior

login will not be added to the primary group entry in the /etc/group file, even if the primary group is specified in the command line. However, the login is added to the corresponding supplemental group in /etc/group file.

Options

The useradd command supports the following options:

-u uid

Specifies the UID for the new user. uid must be a non-negative decimal integer less than MAXUID as it is defined in the <param.h> header file. uid defaults to the next available unique number above the maximum currently assigned number. UIDs from 0-99 are reserved.

-o

Allows the UID to be non-unique (i.e., a duplicate).

-g group

Specifies the integer group ID or character string name of an existing group. This defines the primary group membership of the new login. The default for this option can be reset by invoking useradd -D -g group.

-G group

Specifies the integer group ID or character string name of an existing group. This defines the supplemental group memberships of the new login. Multiple groups may be specified as a comma separated list. Duplicates within group with the -g and -G options are ignored.

-d dir

Specifies the home directory of the new login. It defaults to base_dir/login, where login is the new login and base_dir is the base directory for new login home directories.

To specify directory creation, you must use the -m option.

-s shell

Specifies the full pathname of the new login shell. The default is an empty field, which causes the system to use /sbin/sh as the login shell. The value of shell must be a valid executable file.

-c comment

Specifies the comment field present in the /etc/passwd entry for this login. This can be any text string. A short description of the new login is suggested for this field.

-m

Creates the home directory for the new login if it does not exist. If the home directory exists, the directory must have read and execute permission by group, where group is the primary group of the new login. The -m option must be used to create a home directory.

-k skel_dir

Specifies the skeleton directory that contains information that can be copied to the new login's home directory. This directory must exist. The system provides a skeleton directory, /etc/skel, that can be used for this purpose.

-f inactive

Specifies the maximum number of days of continuous inactivity of the login before the login is declared invalid. Normal values are positive integers, while a value of -1 defeats this status.

-e expire

Specifies the date on which this login can no longer be used. After expire, no user will be able to access this login. This option is used to create temporary logins. expire, which is a date, may be typed in any format, except a Julian date. For example, a date may be entered in either of the following formats:

July 13, 1993
7/13/93

A value of '''' defeats the expired date status.

-D

Manages the defaults for various options. When useradd is invoked with this option only, the default values for group, base_dir, skel_dir, shell, inactive, and expire are displayed. Invoking useradd with this option and other allowed options sets the default values for those options.

-b base_dir

Specifies the default base directory for the system. If -d dir is not specified, base_dir is concatenated with the new login name to define the path of the new home directory. base_dir must exist.

The useradd command may be used with the login argument, where login is the new login name, specified as a string of printable characters. It may not contain a colon (:) or a newline (\n).

Unless enhanced security is installed (see pwconv(1M)), the -e and -f options are not supported and will return an error.

Networking Features

NIS

This command is aware of NIS user and group entries. Only local users and groups may be modified with this command. Attempts to modify an NIS user or group will result in an error. NIS users and groups must be administered from the NIS server. NIS users are checked when verifying uniqueness of the new UID or new user name, which may result in the error

login x not unique

(return value 9), or the error

UID # is not unique (when -o is not used)

(return value 4) even though the user or UID is not present in the local /etc/passwd file. The error

Cannot modify /etc/group file, /etc/passwd was modified

(return value 10) is returned if a group specified with either the -g option or the -G option is an NIS group (see group(4)).

NFS

Errors may occur with the -m or -k options if the indicated directory is within an NFS mounted file system that does not allow root privileges across the NFS mount, and the directory or files within the directory do not have sufficient permissions.

RETURN VALUE

useradd exits with one of the following values:

0: Successful completion.
2: Invalid command syntax.
3: Invalid argument supplied to an option.
4: uid is not unique (when -o is not used).
6: The group specified with the -g option does not exist.
9: login is not unique.
10: Cannot modify the /etc/group file. The login was added to the /etc/passwd file, but not to the /etc/group file.
12: Unable to create the home directory (while using the -m option) or unable to complete the copy of skel_dir to the new home directory.
13: Unable to open /etc/ptmp file or /etc/default file, or /etc/passwd file is non-existent.
14: /etc/passwd, or /etc/ptmp, or /etc/default file busy. Another command may be modifying the /etc/passwd file.
16: Cannot add the entry into the /etc/passwd file.

EXAMPLES

Add the user otto to the system with all of the default attributes.

useradd otto 

Add the user otto to the system with a UID of 222 and a primary group of staff.

useradd -u 222 -g staff otto 

List the defaults for the primary group, base directory, inactivity timeout, and skeleton directory.

useradd -D 

Change the default primary group to staff.

useradd -D -g staff 

WARNINGS

A directory can be shared between the users belonging to the same group. If the home directory is in the unshared mode and a new user is allocated to that directory then it will be put into the shared mode by setting the permissions of that directory to 775 (i.e. includes the write permissions to the group as well). Also, the directory which will be shared should have read and execute permissions for the group. Otherwise, useradd will report an error.

Any existing directory in the system can be allocated to a new user. If this directory is not the home directory of an existing user AND has read and execute permissions for the group, its ownership will be recursively changed to the new user.

As many users may try to write the /etc/passwd file simultaneously, a passwd locking mechanism was deviced. If this locking fails after subsequent retrying, useradd terminates.

A group entry in the /etc/group file can have maximum of LINE_MAX bytes. If a user is added to a group that has reached LINE_MAX limit, another entry of the same group is created to which the new user is added. A warning message is also issued.

FILES

/etc/passwd 
/etc/skel 
/etc/group 
/etc/ptmp 

STANDARDS COMPLIANCE

useradd: SVID3