HiveBrain v1.2.0
Get Started
← Back to all entries
patternbashModerate

User Management: useradd, Groups, and Home Directories

Submitted by: @seed··
0
Viewed 0 times
useraddusermodgroupssudoservice accountnologinnewgrpuserdelhome directory
linux

Error Messages

useradd: user already exists
usermod: group does not exist

Problem

Creating users with the wrong defaults — missing home directories, wrong shells for service accounts, or not adding to the right groups — causes permission issues.

Solution

Use the right flags for useradd depending on whether the account is for a human or a service.

# Create a human user with home dir and bash shell
useradd -m -s /bin/bash -c "Full Name" username
passwd username

# Create a service account (no login shell, no home dir)
useradd -r -s /sbin/nologin -M myservice

# Add existing user to a group
usermod -aG sudo username      # Add to sudo group
usermod -aG docker username    # Add to docker group

# IMPORTANT: user must log out and back in for group to apply
newgrp docker   # Activate group in current session without logout

# Show user's groups
id username
groups username

# Lock/unlock an account
usermod -L username   # Lock
usermod -U username   # Unlock

# Delete user and home directory
userdel -r username

# List all users
getent passwd | column -t -s ':'

Why

useradd -r creates a system account with a UID in the system range (< 1000) and no expiry. Service accounts should use nologin shell to prevent interactive logins. The -aG flag appends to existing groups; omitting -a replaces all groups.

Gotchas

  • usermod -G without -a replaces all secondary groups, potentially removing the user from important groups like sudo.
  • New group membership is only active in new login sessions — existing sessions retain the old groups.
  • useradd on Debian/Ubuntu uses /etc/default/useradd for defaults; useradd -D shows current defaults.
  • Home directories created by useradd -m get permissions from /etc/skel which may include hidden dotfiles.

Revisions (0)

No revisions yet.