User Management
User Creation
tl;dr
On a new system, e.g., a new Debian dev server, where we want to create a new regular user, run the following to create the user interactively:
adduser USERNAME
This command prompts for some user details, such as Full Name, email, etc., which can be left empty (the default) if desired.
Initially, the new user will be a regular unprivileged user with uid >= 1000 and a member of a single group (their own gid). If necessary, the user can be added to the sudo group:
usermod -aG sudo USERNAME
Details
In many Linux systems, there are two commands available for user creation:
- adduser (distro-specific account setup)
- useradd (more generic, basic user creation)
Note
On some systems, these could provide the same functionality, with one being simply a symlink to the other. If I remember correctly, some systems from Red Hat shipped like that. But since I have not used recent versions of CentOS or Fedora, I cannot confirm this is still the case.
In general, adduser can be viewed as a distro-specific wrapper around useradd. If there is a need to create a service account, I think the generic useradd is better, because it can be scripted and the scripts will likely produce consistent results across distros.
Both commands come with good --help output and manpages.
Passwordless sudo
Caution
Generally, we should not do this on any dev account where we may run complicated third-party scripts, because passwordless sudo lets them silently execute privileged actions that would normally trigger a password prompt.
To add a user to the list of sudoers, we need to edit /etc/sudoers by running visudo. In a root shell:
visudo
Note that we cannot simply edit this file with, say, sudo vim /etc/sudoers; that would still open the file in read-only mode.
Append the following line to the bottom:
username ALL=(ALL) NOPASSWD: ALL
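To check which accounts already carry this setting, the following added example (not part of the original page) scans sudoers text for user specifications that grant ALL commands under a NOPASSWD tag. It does not expand aliases or follow include directives; the function names nopasswd_all and sample_sudoers and the sample input are constructed for illustration.

```shell
# Added example, not from the original page.
# nopasswd_all FILE... prints "file:line:who" for every sudoers user spec
# that grants ALL commands under a NOPASSWD tag; exit status 0 if any found.
nopasswd_all() {
    awk '
    FNR == 1 { buf = "" }
    {
        if (buf == "") first = FNR               # line where this entry starts
        buf = buf $0
        if (sub(/\\$/, " ", buf)) next           # backslash continuation
        line = buf; buf = ""
        sub(/^[ \t]+/, "", line)
        # "#1001" is a uid; any other leading "#" or "@" is a comment/include
        if (line ~ /^[#@]/ && line !~ /^#[0-9]/) next
        if (line ~ /^(Defaults|[A-Za-z]+_Alias)/ || !index(line, "=")) next
        who = line; sub(/[ \t].*/, "", who)
        cmds = substr(line, index(line, "=") + 1)
        gsub(/\([^)]*\)/, "", cmds)              # drop Runas specs like (ALL:ALL)
        sub(/[ \t]*#.*$/, "", cmds)              # drop trailing comment
        n = split(cmds, item, ","); np = 0
        for (i = 1; i <= n; i++) {
            c = item[i]
            # Tags apply to the rest of the list until overridden
            while (match(c, /^[ \t]*[A-Z_]+[ \t]*:/)) {
                tag = substr(c, 1, RLENGTH); gsub(/[ \t:]/, "", tag)
                if (tag == "NOPASSWD") np = 1
                if (tag == "PASSWD") np = 0
                c = substr(c, RLENGTH + 1)
            }
            gsub(/^[ \t]+|[ \t]+$/, "", c)
            if (np && c == "ALL") { print FILENAME ":" first ":" who; found = 1; break }
        }
    }
    END { exit !found }' "$@"
}
# Constructed sample input, not a real host's configuration.
sample_sudoers() {
    cat <<'EOF'
# constructed sample
Defaults env_reset
%sudo ALL=(ALL:ALL) ALL
username ALL=(ALL) NOPASSWD: ALL
deploy ALL=(root) NOPASSWD: /usr/bin/systemctl restart app, \
    /usr/bin/journalctl -u app
#1001 ALL=(ALL) NOPASSWD: /usr/bin/id, ALL
@includedir /etc/sudoers.d
EOF
}
```

On a real host, run it as root against /etc/sudoers and the files under /etc/sudoers.d; a non-zero exit status means no such entry was found.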