How to Add and Remove Users in Ubuntu
Learn how to add and remove users in Ubuntu in this guest post by Jay LaCroix, a Linux expert and the author of Mastering Ubuntu Server – Second Edition.
Creating users in Ubuntu can be done with either of the two commands: adduser and useradd. This can be a little confusing at first, because both of these commands do the same thing (in different ways) and are named very similarly. This tutorial will take you through the useradd command first and then it will explain how adduser differs.
First, here’s an example of the useradd command in action:
sudo useradd -d /home/jdoe -m jdoe
In the above example, you’re creating a user named jdoe. With the -d option, you’re clarifying that you would like a home directory created for this user. Following that, you’ve called out /home/jdoe as the user’s home directory. The -m flag tells the system that you would like the home directory created during the process; otherwise, you’d have had to create the directory yourself. Finally, you’ve called out the username for the new user (that is, jdoe).
If you list the storage of /home, you should see a folder listed there for your new user:
ls -l /home
What about creating the user’s password? You created a new user on your system, but you did not set a password. To create a password for the user, you can use the passwd command. The passwd command defaults to allowing you to change the password for the user you’re currently logged in as, but it also allows you to set a password for any other user if you run it as root or with sudo.
If you enter passwd by itself, the command will first ask you for your current password, then your new password, and then it will ask you to confirm your new password again. If you prefix the command with sudo and then specify a different user account, you can set the password for any user you wish. An example of the output of this process is as follows:
As you can see in the above screenshot, you won’t see any asterisks as you type a password while using the passwd command. This is normal. Although you won’t see any visual indication of input, your input is being recognized.
You now have a new user and you’ve also set a password for that user. The jdoe user will now be able to access the system with the password you’ve chosen.
As mentioned earlier, the adduser command has another way of creating a user. The difference (and convenience) of this command should become apparent immediately once you’ve used it. Go ahead and give it a try; execute adduser along with a username for a user you wish to create. Here’s an example:
In this process, you executed sudo adduser dscully (commands that modify users require sudo or root) and then you were asked a series of questions regarding how you wanted the user to be created. You were asked for the password (twice), Full Name, Room Number, Work Phone, and Home Phone. In the Other field, you entered the comment Trust no one, which is a great mindset to adopt while managing users. The latter prompts prior to the final confirmation were all optional. You didn’t need to enter a Full Name, Room Number, etc. You could’ve pressed Enter to skip those prompts if you wanted to. The only thing that’s really required is the username and the password.
From the output, you can see that the adduser command performed quite a bit of work for you. The command defaulted to using /home/dscully as the home directory for the user, the account was given the next available User ID (UID) and Group ID (GID) of 1002, and it also copied files from /etc/skel into your new user’s home directory. In fact, both the adduser and useradd commands copy files from /etc/skel, but adduser is more verbose regarding the actions it performs.
In a nutshell, the adduser command is much more convenient in the sense that it prompts you for various options while it creates the user without requiring you to memorize command-line options. It also gives you detailed information about what it has done. At this point, you may be wondering why someone would want to use useradd at all, considering how convenient adduser seems to be. Unfortunately, adduser is not available on all distributions of Linux. It’s best to familiarize yourself with useradd in case you find yourself on a Linux system that’s not Ubuntu.
It may be interesting for you to see what exactly the adduser command is. It’s not even a binary program—it’s a shell script. A shell script is simply a text file that can be executed as a program. The adduser script is written in Perl. Since it’s not binary, you can even open it in a text editor in order to view all the magic code that it executes behind the scenes. However, make sure you don’t open the file in a text editor with root privileges so as not to accidentally save changes to the file and break it. The following command will open adduser in a text editor on an Ubuntu Server system:
Use your up/down arrows as well as Page Up and Page Down keys to scroll through the file. When you’re finished, press Ctrl + X on your keyboard to exit the text editor.
Those of you with keen eyes will likely notice that the adduser script is calling useradd to perform its actual work. So either way, you’re using useradd either directly or indirectly.
Now that you know how to create users, it will be useful to understand how to remove them as well. After all, removing access is very important when a user no longer needs to access a system, as unmanaged accounts often become a security risk. To remove a user account, you can use the userdel command.
Before removing an account, though, there is one very important question you should ask yourself. Will you still need access to the user’s files? Most companies have retention policies in place that detail what should happen to a user’s data when he or she leaves the organization. Sometimes, these files are copied into an archive for long-term storage. Often, a manager, coworker, or new hire will need access to the former user’s files to continue working on a project from where they left off. It’s important to understand this policy ahead of managing users. If you don’t have a policy in place that outlines retention requirements for files when users resign, you should probably work with your management and create one.
By default, the userdel command does not remove the contents of the user’s home directory. Use the following command to remove dscully from the system:
sudo userdel dscully
As you can see, the files for the dscully user still exist:
ls -l /home
With the home directory for dscully still existing, you can move the contents of this directory anywhere you’d like to. For example, if you had a directory called /store/file_archive, you can easily move the files there:
sudo mv /home/dscully /store/file_archive
Of course, it’s up to you to create the directory where your long-term storage will ultimately reside, but you get the idea.
If you weren’t already aware, you can create a new directory with the mkdir command. You can create a directory within any other directory your logged-in user has access to. The following command will create the file_archive directory:
sudo mkdir -p /store/file_archive
The -p flag simply creates the parent directory if it didn’t already exist.
If you do actually want to remove a user’s home directory along with removing his/her account, just add the –r option. This will eliminate the user and their data in one shot:
sudo userdel -r dscully
To remove the home directory for the user after the account is already removed (if you didn’t use the –r parameter the first time), use the rm -r command to get rid of it, as you would any other directory:
sudo rm -r /home/dscully
It probably goes without saying, but the rm command can be extremely dangerous. If you’re logged in as root or using sudo while using rm, you can easily destroy your entire installed system if you’re not careful. For example, the following command (while seemingly innocent at first glance) will likely completely destroy your entire filesystem:
sudo rm -r / home/dscully
Notice the typo: there’s a space after the first forward slash. It literally tells the system to remove the contents of the entire filesystem. If the above command were executed, the server wouldn’t even boot the next time you attempt to start it. All user and program data would be wiped out. If there was ever any single reason for you to be protective about the root account, the rm command is certainly it!
That’s it! You’ve now learned how to add and remove users in Ubuntu. If you found this tutorial interesting and want to learn more about the Ubuntu Server, you can explore Mastering Ubuntu Server – Second Edition. The book is an advanced guide that will show you how to administer, manage, and deploy Ubuntu server and will also provide expert-level knowledge on advanced security and backup techniques.