How can I create a non-login user?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
I'd like to create a user and a group both called subversion on a RHEL 5 system. I looked at the man page for useradd and I guess the command would be just be...
useradd subversion
However, not sure how to avoid creating a home dir. Also, I don't want it to be a user that can log in to the system.
The main purpose is just to provide an owner for a SVN repository.
linux user-accounts
edited Jul 16 '14 at 10:45
ᔕᖺᘎᕊ
5,27842441
asked Dec 2 '09 at 0:47
EthanEthan
1,39672430
add a comment |
I'd like to create a user and a group both called subversion on a RHEL 5 system. I looked at the man page for useradd and I guess the command would be just be...
useradd subversion
However, not sure how to avoid creating a home dir. Also, I don't want it to be a user that can log in to the system.
The main purpose is just to provide an owner for a SVN repository.
linux user-accounts
edited Jul 16 '14 at 10:45
ᔕᖺᘎᕊ
5,27842441
asked Dec 2 '09 at 0:47
EthanEthan
1,39672430
Have you really looked at man page of useradd and didn't find -M (do not create HOME directory)?
– inemanja
Oct 17 '18 at 11:42
add a comment |
I'd like to create a user and a group both called subversion on a RHEL 5 system. I looked at the man page for useradd and I guess the command would be just be...
useradd subversion
However, not sure how to avoid creating a home dir. Also, I don't want it to be a user that can log in to the system.
The main purpose is just to provide an owner for a SVN repository.
linux user-accounts
edited Jul 16 '14 at 10:45
ᔕᖺᘎᕊ
5,27842441
asked Dec 2 '09 at 0:47
EthanEthan
1,39672430
I'd like to create a user and a group both called subversion on a RHEL 5 system. I looked at the man page for useradd and I guess the command would be just be...
useradd subversion
However, not sure how to avoid creating a home dir. Also, I don't want it to be a user that can log in to the system.
The main purpose is just to provide an owner for a SVN repository.
linux user-accounts
linux user-accounts
edited Jul 16 '14 at 10:45
ᔕᖺᘎᕊ
5,27842441
asked Dec 2 '09 at 0:47
EthanEthan
1,39672430
edited Jul 16 '14 at 10:45
ᔕᖺᘎᕊ
5,27842441
asked Dec 2 '09 at 0:47
EthanEthan
1,39672430
edited Jul 16 '14 at 10:45
ᔕᖺᘎᕊ
5,27842441
edited Jul 16 '14 at 10:45
ᔕᖺᘎᕊ
5,27842441
edited Jul 16 '14 at 10:45
ᔕᖺᘎᕊ
5,27842441
5,27842441
asked Dec 2 '09 at 0:47
EthanEthan
1,39672430
asked Dec 2 '09 at 0:47
EthanEthan
1,39672430
asked Dec 2 '09 at 0:47
EthanEthan
1,39672430
1,39672430
Have you really looked at man page of useradd and didn't find -M (do not create HOME directory)?
– inemanja
Oct 17 '18 at 11:42
add a comment |
Have you really looked at man page of useradd and didn't find -M (do not create HOME directory)?
– inemanja
Oct 17 '18 at 11:42
Have you really looked at man page of useradd and didn't find -M (do not create HOME directory)?
– inemanja
Oct 17 '18 at 11:42
Have you really looked at man page of useradd and didn't find -M (do not create HOME directory)?
– inemanja
Oct 17 '18 at 11:42
add a comment |
6 Answers
6
active
oldest
votes
You can use the -M switch (make sure it's a capital) to ensure no home directory will be created:
useradd -M subversion
then lock the account to prevent logging in:
usermod -L subversion
answered Dec 2 '09 at 0:58
John TJohn T
144k20295331
53
This isn't a particularly strong answer, the user created by this means still has a shell. And you did not even warn the OP that this was the case. Retrospectively that would beusermod -s /bin/false subversion, or with--shell /bin/falsetouseradd
– Lee Hambley
Sep 14 '11 at 16:55
5
@beak the account is locked, having a shell is a moot point.
– John T
Sep 14 '11 at 22:55
12
@beak actually only the root user would be able to su to the locked account, but why bother if the person has gained root access already? And setting the shell doesn't do much when a user can runsu -s /bin/bash usernameand bypass that.
– John T
Sep 15 '11 at 22:44
9
thanks for taking the time to have the discussion, you are of course correct; but it pains me to see non-login users with shells defined, it strikes me as lazy, and incase someone is unfamiliar with the system, it's nice that they can't accidentally do something unintended; hackers are a different breed, if they already got a shell on the machine, I think it's basically game over
– Lee Hambley
Sep 16 '11 at 6:43
8
These comments covered exactly the things I was hoping to learn, thanks @Beaks && John T
– Rixius
Feb 14 '13 at 20:27
|
show 5 more comments
useradd -r subversion
per man useradd:
-r, --system create a system account
The -r flag will create a system user - one which does not have a password, a home dir and is unable to login.
answered Dec 6 '12 at 20:10
rynoprynop
2,080286
1
this command will even create a group for the user called the same. So the "subversion" user will be in the "subversion" group. Great for when you later want to do "sudo chown -R subversion:subversion /path/to/folder"
– s3v1
Aug 15 '13 at 12:07
40
with -r alone we can still login though. we need -s /bin/false to disable the user shell.
– c4il
Oct 25 '13 at 13:27
6
@c4il But the only one that can login into them is root, right? I mean, they don't have a password, so I would expect only root to be able to log into them.
– Camilo Martin
Jul 12 '14 at 20:48
add a comment |
Another solution to create a system user, using adduser :
adduser --system --no-create-home --group yourusername
You can remove --group if you don't need group yourusername, and --no-create-home if you do need a home for this user.
As mentionned by py4on in comments, on some systems one may need to use the --disabled-login option in order to, well, disable login for this user. It seems to be the default behaviour under Debian, though.
Beware that the numeric ID of the user will be of a system account. You can fix the uid using the --uid option, though.
Finally, note that on some systems (e.g. Fedora) adduser is a symlink to useradd, in which case this answer is not valid.
answered Mar 1 '15 at 20:04
Skippy le Grand GourouSkippy le Grand Gourou
1,17211217
3
To address "I don't want it to be a user that can log in" add the flag--disabled-loginas well (beforeyourusername)
– py4on
Jul 30 '15 at 10:37
@py4on : Though this option is documented in the manpage, it seems to be the default under Debian at least.
– Skippy le Grand Gourou
Aug 1 '15 at 19:59
add a comment |
The cleanest answer to the original question is to run the command:
adduser subversion --shell=/bin/false
And if you don't want the home directory either:
adduser subversion --shell=/bin/false --no-create-home
or, if you want an even more locked down system user (Normally this won't create a home directory - it has been reported that it will still create a home directory in linux mint as per comment below)
adduser subversion --system --group
All these commands will create a group with the same name as the user
answered May 17 '16 at 6:15
TimmyGeeTimmyGee
13114
On Mint the last command definitely creates a home dir:Creating home directory '/home/nodejs' ...
– jcollum
Feb 2 at 22:38
add a comment |
The safest form of doing this would be to use adduser like so:
$ adduser -r -s /bin/nologin subversion
NOTE: Be sure to include -s /sbin/nologin to disable any login shell from being made available to the account.
Confirmation of setup
$ grep subversion /etc/passwd /etc/shadow
/etc/passwd:subversion:x:496:496::/home/subversion:/bin/nologin
/etc/shadow:subversion:!!:17232::::::
However there's no directory:
$ ll /home | grep subversion
$
Confirm that the account is otherwise usable:
$ sudo -u subversion whoami
subversion
$ sudo -u subversion date
Tue Mar 7 08:58:57 EST 2017
Removal
If you need to remove this account:
$ userdel subversion -r
userdel: subversion mail spool (/var/spool/mail/subversion) not found
userdel: subversion home directory (/home/subversion) not found
$
And confirm:
$ grep rtim-hc-user /etc/passwd /etc/shadow
$
answered Mar 7 '17 at 14:04
slmslm
6,52563847
adduser doesn't recognize the -r option. I think you meant useradd.
– felwithe
Jul 29 '17 at 16:30
@felwithe no, every answer I write up I always test before posting. I checked and that switch shows on a CentOS 6.x system.
– slm
Jul 29 '17 at 20:10
Here is a pastebin of the result. I'm on Ubuntu 16 LTS. I don't know what version of adduser is installed but I never imagined it would change much over time or system to system. I then tried it with a --system flag instead, which created a homedir for the user (I didn't want one). Finally I just did it with useradd instead of adduser and it worked as planned. So I just assumed that you'd mistyped it as adduser when it was supposed to be useradd.
– felwithe
Jul 30 '17 at 0:18
@felwithe yeah I wasn't doubting you, just letting you know that I tried it 8-). I'm a mod on the Unix and Linux site and these cmds are notoriously different b/w distros. The OP mentions RHEL in the question hence why I answered it like so, but they didn't tag it as red hat specific, which is part of the confusion on this Q&A IMO.
– slm
Jul 30 '17 at 0:31
add a comment |
On a CentOS 7 machine
if the user does not exist:
useradd testuser --shell=/sbin/nologinif you want to modify an existing user:
usermod testuser --shell=/sbin/nologin
edited Sep 7 '16 at 18:53
Kamil Maciorowski
29.2k156288
answered Sep 6 '16 at 15:06
lauc.exon.nodlauc.exon.nod
111
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f77617%2fhow-can-i-create-a-non-login-user%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
6 Answers
6
active
oldest
votes
6 Answers
6
active
oldest
votes
active
oldest
votes
active
oldest
votes
You can use the -M switch (make sure it's a capital) to ensure no home directory will be created:
useradd -M subversion
then lock the account to prevent logging in:
usermod -L subversion
answered Dec 2 '09 at 0:58
John TJohn T
144k20295331
53
This isn't a particularly strong answer, the user created by this means still has a shell. And you did not even warn the OP that this was the case. Retrospectively that would beusermod -s /bin/false subversion, or with--shell /bin/falsetouseradd
– Lee Hambley
Sep 14 '11 at 16:55
5
@beak the account is locked, having a shell is a moot point.
– John T
Sep 14 '11 at 22:55
12
@beak actually only the root user would be able to su to the locked account, but why bother if the person has gained root access already? And setting the shell doesn't do much when a user can runsu -s /bin/bash usernameand bypass that.
– John T
Sep 15 '11 at 22:44
9
thanks for taking the time to have the discussion, you are of course correct; but it pains me to see non-login users with shells defined, it strikes me as lazy, and incase someone is unfamiliar with the system, it's nice that they can't accidentally do something unintended; hackers are a different breed, if they already got a shell on the machine, I think it's basically game over
– Lee Hambley
Sep 16 '11 at 6:43
8
These comments covered exactly the things I was hoping to learn, thanks @Beaks && John T
– Rixius
Feb 14 '13 at 20:27
|
show 5 more comments
You can use the -M switch (make sure it's a capital) to ensure no home directory will be created:
useradd -M subversion
then lock the account to prevent logging in:
usermod -L subversion
answered Dec 2 '09 at 0:58
John TJohn T
144k20295331
53
This isn't a particularly strong answer, the user created by this means still has a shell. And you did not even warn the OP that this was the case. Retrospectively that would beusermod -s /bin/false subversion, or with--shell /bin/falsetouseradd
– Lee Hambley
Sep 14 '11 at 16:55
5
@beak the account is locked, having a shell is a moot point.
– John T
Sep 14 '11 at 22:55
12
@beak actually only the root user would be able to su to the locked account, but why bother if the person has gained root access already? And setting the shell doesn't do much when a user can runsu -s /bin/bash usernameand bypass that.
– John T
Sep 15 '11 at 22:44
9
thanks for taking the time to have the discussion, you are of course correct; but it pains me to see non-login users with shells defined, it strikes me as lazy, and incase someone is unfamiliar with the system, it's nice that they can't accidentally do something unintended; hackers are a different breed, if they already got a shell on the machine, I think it's basically game over
– Lee Hambley
Sep 16 '11 at 6:43
8
These comments covered exactly the things I was hoping to learn, thanks @Beaks && John T
– Rixius
Feb 14 '13 at 20:27
|
show 5 more comments
You can use the -M switch (make sure it's a capital) to ensure no home directory will be created:
useradd -M subversion
then lock the account to prevent logging in:
usermod -L subversion
answered Dec 2 '09 at 0:58
John TJohn T
144k20295331
You can use the -M switch (make sure it's a capital) to ensure no home directory will be created:
useradd -M subversion
then lock the account to prevent logging in:
usermod -L subversion
answered Dec 2 '09 at 0:58
John TJohn T
144k20295331
answered Dec 2 '09 at 0:58
John TJohn T
144k20295331
answered Dec 2 '09 at 0:58
John TJohn T
144k20295331
answered Dec 2 '09 at 0:58
John TJohn T
144k20295331
144k20295331
53
This isn't a particularly strong answer, the user created by this means still has a shell. And you did not even warn the OP that this was the case. Retrospectively that would beusermod -s /bin/false subversion, or with--shell /bin/falsetouseradd
– Lee Hambley
Sep 14 '11 at 16:55
5
@beak the account is locked, having a shell is a moot point.
– John T
Sep 14 '11 at 22:55
12
@beak actually only the root user would be able to su to the locked account, but why bother if the person has gained root access already? And setting the shell doesn't do much when a user can runsu -s /bin/bash usernameand bypass that.
– John T
Sep 15 '11 at 22:44
9
thanks for taking the time to have the discussion, you are of course correct; but it pains me to see non-login users with shells defined, it strikes me as lazy, and incase someone is unfamiliar with the system, it's nice that they can't accidentally do something unintended; hackers are a different breed, if they already got a shell on the machine, I think it's basically game over
– Lee Hambley
Sep 16 '11 at 6:43
8
These comments covered exactly the things I was hoping to learn, thanks @Beaks && John T
– Rixius
Feb 14 '13 at 20:27
|
show 5 more comments
53
This isn't a particularly strong answer, the user created by this means still has a shell. And you did not even warn the OP that this was the case. Retrospectively that would beusermod -s /bin/false subversion, or with--shell /bin/falsetouseradd
– Lee Hambley
Sep 14 '11 at 16:55
5
@beak the account is locked, having a shell is a moot point.
– John T
Sep 14 '11 at 22:55
12
@beak actually only the root user would be able to su to the locked account, but why bother if the person has gained root access already? And setting the shell doesn't do much when a user can runsu -s /bin/bash usernameand bypass that.
– John T
Sep 15 '11 at 22:44
9
thanks for taking the time to have the discussion, you are of course correct; but it pains me to see non-login users with shells defined, it strikes me as lazy, and incase someone is unfamiliar with the system, it's nice that they can't accidentally do something unintended; hackers are a different breed, if they already got a shell on the machine, I think it's basically game over
– Lee Hambley
Sep 16 '11 at 6:43
8
These comments covered exactly the things I was hoping to learn, thanks @Beaks && John T
– Rixius
Feb 14 '13 at 20:27
53
53
This isn't a particularly strong answer, the user created by this means still has a shell. And you did not even warn the OP that this was the case. Retrospectively that would be
usermod -s /bin/false subversion, or with --shell /bin/false to useradd– Lee Hambley
Sep 14 '11 at 16:55
This isn't a particularly strong answer, the user created by this means still has a shell. And you did not even warn the OP that this was the case. Retrospectively that would be
usermod -s /bin/false subversion, or with --shell /bin/false to useradd– Lee Hambley
Sep 14 '11 at 16:55
5
5
@beak the account is locked, having a shell is a moot point.
– John T
Sep 14 '11 at 22:55
@beak the account is locked, having a shell is a moot point.
– John T
Sep 14 '11 at 22:55
12
12
@beak actually only the root user would be able to su to the locked account, but why bother if the person has gained root access already? And setting the shell doesn't do much when a user can run
su -s /bin/bash username and bypass that.– John T
Sep 15 '11 at 22:44
@beak actually only the root user would be able to su to the locked account, but why bother if the person has gained root access already? And setting the shell doesn't do much when a user can run
su -s /bin/bash username and bypass that.– John T
Sep 15 '11 at 22:44
9
9
thanks for taking the time to have the discussion, you are of course correct; but it pains me to see non-login users with shells defined, it strikes me as lazy, and incase someone is unfamiliar with the system, it's nice that they can't accidentally do something unintended; hackers are a different breed, if they already got a shell on the machine, I think it's basically game over
– Lee Hambley
Sep 16 '11 at 6:43
thanks for taking the time to have the discussion, you are of course correct; but it pains me to see non-login users with shells defined, it strikes me as lazy, and incase someone is unfamiliar with the system, it's nice that they can't accidentally do something unintended; hackers are a different breed, if they already got a shell on the machine, I think it's basically game over
– Lee Hambley
Sep 16 '11 at 6:43
8
8
These comments covered exactly the things I was hoping to learn, thanks @Beaks && John T
– Rixius
Feb 14 '13 at 20:27
These comments covered exactly the things I was hoping to learn, thanks @Beaks && John T
– Rixius
Feb 14 '13 at 20:27
|
show 5 more comments
useradd -r subversion
per man useradd:
-r, --system create a system account
The -r flag will create a system user - one which does not have a password, a home dir and is unable to login.
answered Dec 6 '12 at 20:10
rynoprynop
2,080286
1
this command will even create a group for the user called the same. So the "subversion" user will be in the "subversion" group. Great for when you later want to do "sudo chown -R subversion:subversion /path/to/folder"
– s3v1
Aug 15 '13 at 12:07
40
with -r alone we can still login though. we need -s /bin/false to disable the user shell.
– c4il
Oct 25 '13 at 13:27
6
@c4il But the only one that can login into them is root, right? I mean, they don't have a password, so I would expect only root to be able to log into them.
– Camilo Martin
Jul 12 '14 at 20:48
add a comment |
useradd -r subversion
per man useradd:
-r, --system create a system account
The -r flag will create a system user - one which does not have a password, a home dir and is unable to login.
answered Dec 6 '12 at 20:10
rynoprynop
2,080286
1
this command will even create a group for the user called the same. So the "subversion" user will be in the "subversion" group. Great for when you later want to do "sudo chown -R subversion:subversion /path/to/folder"
– s3v1
Aug 15 '13 at 12:07
40
with -r alone we can still login though. we need -s /bin/false to disable the user shell.
– c4il
Oct 25 '13 at 13:27
6
@c4il But the only one that can login into them is root, right? I mean, they don't have a password, so I would expect only root to be able to log into them.
– Camilo Martin
Jul 12 '14 at 20:48
add a comment |
useradd -r subversion
per man useradd:
-r, --system create a system account
The -r flag will create a system user - one which does not have a password, a home dir and is unable to login.
answered Dec 6 '12 at 20:10
rynoprynop
2,080286
useradd -r subversion
per man useradd:
-r, --system create a system account
The -r flag will create a system user - one which does not have a password, a home dir and is unable to login.
answered Dec 6 '12 at 20:10
rynoprynop
2,080286
edited Jul 14 '14 at 1:03
answered Dec 6 '12 at 20:10
rynoprynop
2,080286
answered Dec 6 '12 at 20:10
rynoprynop
2,080286
answered Dec 6 '12 at 20:10
rynoprynop
2,080286
2,080286
1
this command will even create a group for the user called the same. So the "subversion" user will be in the "subversion" group. Great for when you later want to do "sudo chown -R subversion:subversion /path/to/folder"
– s3v1
Aug 15 '13 at 12:07
40
with -r alone we can still login though. we need -s /bin/false to disable the user shell.
– c4il
Oct 25 '13 at 13:27
6
@c4il But the only one that can login into them is root, right? I mean, they don't have a password, so I would expect only root to be able to log into them.
– Camilo Martin
Jul 12 '14 at 20:48
add a comment |
1
this command will even create a group for the user called the same. So the "subversion" user will be in the "subversion" group. Great for when you later want to do "sudo chown -R subversion:subversion /path/to/folder"
– s3v1
Aug 15 '13 at 12:07
40
with -r alone we can still login though. we need -s /bin/false to disable the user shell.
– c4il
Oct 25 '13 at 13:27
6
@c4il But the only one that can login into them is root, right? I mean, they don't have a password, so I would expect only root to be able to log into them.
– Camilo Martin
Jul 12 '14 at 20:48
1
1
this command will even create a group for the user called the same. So the "subversion" user will be in the "subversion" group. Great for when you later want to do "sudo chown -R subversion:subversion /path/to/folder"
– s3v1
Aug 15 '13 at 12:07
this command will even create a group for the user called the same. So the "subversion" user will be in the "subversion" group. Great for when you later want to do "sudo chown -R subversion:subversion /path/to/folder"
– s3v1
Aug 15 '13 at 12:07
40
40
with -r alone we can still login though. we need -s /bin/false to disable the user shell.
– c4il
Oct 25 '13 at 13:27
with -r alone we can still login though. we need -s /bin/false to disable the user shell.
– c4il
Oct 25 '13 at 13:27
6
6
@c4il But the only one that can login into them is root, right? I mean, they don't have a password, so I would expect only root to be able to log into them.
– Camilo Martin
Jul 12 '14 at 20:48
@c4il But the only one that can login into them is root, right? I mean, they don't have a password, so I would expect only root to be able to log into them.
– Camilo Martin
Jul 12 '14 at 20:48
add a comment |
Another solution to create a system user, using adduser :
adduser --system --no-create-home --group yourusername
You can remove --group if you don't need group yourusername, and --no-create-home if you do need a home for this user.
As mentionned by py4on in comments, on some systems one may need to use the --disabled-login option in order to, well, disable login for this user. It seems to be the default behaviour under Debian, though.
Beware that the numeric ID of the user will be of a system account. You can fix the uid using the --uid option, though.
Finally, note that on some systems (e.g. Fedora) adduser is a symlink to useradd, in which case this answer is not valid.
answered Mar 1 '15 at 20:04
Skippy le Grand GourouSkippy le Grand Gourou
1,17211217
3
To address "I don't want it to be a user that can log in" add the flag--disabled-loginas well (beforeyourusername)
– py4on
Jul 30 '15 at 10:37
@py4on : Though this option is documented in the manpage, it seems to be the default under Debian at least.
– Skippy le Grand Gourou
Aug 1 '15 at 19:59
add a comment |
Another solution to create a system user, using adduser :
adduser --system --no-create-home --group yourusername
You can remove --group if you don't need group yourusername, and --no-create-home if you do need a home for this user.
As mentionned by py4on in comments, on some systems one may need to use the --disabled-login option in order to, well, disable login for this user. It seems to be the default behaviour under Debian, though.
Beware that the numeric ID of the user will be of a system account. You can fix the uid using the --uid option, though.
Finally, note that on some systems (e.g. Fedora) adduser is a symlink to useradd, in which case this answer is not valid.
answered Mar 1 '15 at 20:04
Skippy le Grand GourouSkippy le Grand Gourou
1,17211217
3
To address "I don't want it to be a user that can log in" add the flag--disabled-loginas well (beforeyourusername)
– py4on
Jul 30 '15 at 10:37
@py4on : Though this option is documented in the manpage, it seems to be the default under Debian at least.
– Skippy le Grand Gourou
Aug 1 '15 at 19:59
add a comment |
Another solution to create a system user, using adduser :
adduser --system --no-create-home --group yourusername
You can remove --group if you don't need group yourusername, and --no-create-home if you do need a home for this user.
As mentionned by py4on in comments, on some systems one may need to use the --disabled-login option in order to, well, disable login for this user. It seems to be the default behaviour under Debian, though.
Beware that the numeric ID of the user will be of a system account. You can fix the uid using the --uid option, though.
Finally, note that on some systems (e.g. Fedora) adduser is a symlink to useradd, in which case this answer is not valid.
answered Mar 1 '15 at 20:04
Skippy le Grand GourouSkippy le Grand Gourou
1,17211217
Another solution to create a system user, using adduser :
adduser --system --no-create-home --group yourusername
You can remove --group if you don't need group yourusername, and --no-create-home if you do need a home for this user.
As mentionned by py4on in comments, on some systems one may need to use the --disabled-login option in order to, well, disable login for this user. It seems to be the default behaviour under Debian, though.
Beware that the numeric ID of the user will be of a system account. You can fix the uid using the --uid option, though.
Finally, note that on some systems (e.g. Fedora) adduser is a symlink to useradd, in which case this answer is not valid.
answered Mar 1 '15 at 20:04
Skippy le Grand GourouSkippy le Grand Gourou
1,17211217
edited Aug 1 '15 at 20:03
answered Mar 1 '15 at 20:04
Skippy le Grand GourouSkippy le Grand Gourou
1,17211217
answered Mar 1 '15 at 20:04
Skippy le Grand GourouSkippy le Grand Gourou
1,17211217
answered Mar 1 '15 at 20:04
Skippy le Grand GourouSkippy le Grand Gourou
1,17211217
1,17211217
3
To address "I don't want it to be a user that can log in" add the flag--disabled-loginas well (beforeyourusername)
– py4on
Jul 30 '15 at 10:37
@py4on : Though this option is documented in the manpage, it seems to be the default under Debian at least.
– Skippy le Grand Gourou
Aug 1 '15 at 19:59
add a comment |
3
To address "I don't want it to be a user that can log in" add the flag--disabled-loginas well (beforeyourusername)
– py4on
Jul 30 '15 at 10:37
@py4on : Though this option is documented in the manpage, it seems to be the default under Debian at least.
– Skippy le Grand Gourou
Aug 1 '15 at 19:59
3
3
To address "I don't want it to be a user that can log in" add the flag
--disabled-login as well (before yourusername)– py4on
Jul 30 '15 at 10:37
To address "I don't want it to be a user that can log in" add the flag
--disabled-login as well (before yourusername)– py4on
Jul 30 '15 at 10:37
@py4on : Though this option is documented in the manpage, it seems to be the default under Debian at least.
– Skippy le Grand Gourou
Aug 1 '15 at 19:59
@py4on : Though this option is documented in the manpage, it seems to be the default under Debian at least.
– Skippy le Grand Gourou
Aug 1 '15 at 19:59
add a comment |
The cleanest answer to the original question is to run the command:
adduser subversion --shell=/bin/false
And if you don't want the home directory either:
adduser subversion --shell=/bin/false --no-create-home
or, if you want an even more locked down system user (Normally this won't create a home directory - it has been reported that it will still create a home directory in linux mint as per comment below)
adduser subversion --system --group
All these commands will create a group with the same name as the user
answered May 17 '16 at 6:15
TimmyGeeTimmyGee
13114
On Mint the last command definitely creates a home dir:Creating home directory '/home/nodejs' ...
– jcollum
Feb 2 at 22:38
add a comment |
The cleanest answer to the original question is to run the command:
adduser subversion --shell=/bin/false
And if you don't want the home directory either:
adduser subversion --shell=/bin/false --no-create-home
or, if you want an even more locked down system user (Normally this won't create a home directory - it has been reported that it will still create a home directory in linux mint as per comment below)
adduser subversion --system --group
All these commands will create a group with the same name as the user
answered May 17 '16 at 6:15
TimmyGeeTimmyGee
13114
On Mint the last command definitely creates a home dir:Creating home directory '/home/nodejs' ...
– jcollum
Feb 2 at 22:38
add a comment |
The cleanest answer to the original question is to run the command:
adduser subversion --shell=/bin/false
And if you don't want the home directory either:
adduser subversion --shell=/bin/false --no-create-home
or, if you want an even more locked down system user (Normally this won't create a home directory - it has been reported that it will still create a home directory in linux mint as per comment below)
adduser subversion --system --group
All these commands will create a group with the same name as the user
answered May 17 '16 at 6:15
TimmyGeeTimmyGee
13114
The cleanest answer to the original question is to run the command:
adduser subversion --shell=/bin/false
And if you don't want the home directory either:
adduser subversion --shell=/bin/false --no-create-home
or, if you want an even more locked down system user (Normally this won't create a home directory - it has been reported that it will still create a home directory in linux mint as per comment below)
adduser subversion --system --group
All these commands will create a group with the same name as the user
answered May 17 '16 at 6:15
TimmyGeeTimmyGee
13114
edited Feb 4 at 14:52
answered May 17 '16 at 6:15
TimmyGeeTimmyGee
13114
answered May 17 '16 at 6:15
TimmyGeeTimmyGee
13114
answered May 17 '16 at 6:15
TimmyGeeTimmyGee
13114
13114
On Mint the last command definitely creates a home dir:Creating home directory '/home/nodejs' ...
– jcollum
Feb 2 at 22:38
add a comment |
On Mint the last command definitely creates a home dir:Creating home directory '/home/nodejs' ...
– jcollum
Feb 2 at 22:38
On Mint the last command definitely creates a home dir:
Creating home directory '/home/nodejs' ...– jcollum
Feb 2 at 22:38
On Mint the last command definitely creates a home dir:
Creating home directory '/home/nodejs' ...– jcollum
Feb 2 at 22:38
add a comment |
The safest form of doing this would be to use adduser like so:
$ adduser -r -s /bin/nologin subversion
NOTE: Be sure to include -s /sbin/nologin to disable any login shell from being made available to the account.
Confirmation of setup
$ grep subversion /etc/passwd /etc/shadow
/etc/passwd:subversion:x:496:496::/home/subversion:/bin/nologin
/etc/shadow:subversion:!!:17232::::::
However there's no directory:
$ ll /home | grep subversion
$
Confirm that the account is otherwise usable:
$ sudo -u subversion whoami
subversion
$ sudo -u subversion date
Tue Mar 7 08:58:57 EST 2017
Removal
If you need to remove this account:
$ userdel subversion -r
userdel: subversion mail spool (/var/spool/mail/subversion) not found
userdel: subversion home directory (/home/subversion) not found
$
And confirm:
$ grep rtim-hc-user /etc/passwd /etc/shadow
$
answered Mar 7 '17 at 14:04
slmslm
6,52563847
adduser doesn't recognize the -r option. I think you meant useradd.
– felwithe
Jul 29 '17 at 16:30
@felwithe no, every answer I write up I always test before posting. I checked and that switch shows on a CentOS 6.x system.
– slm
Jul 29 '17 at 20:10
Here is a pastebin of the result. I'm on Ubuntu 16 LTS. I don't know what version of adduser is installed but I never imagined it would change much over time or system to system. I then tried it with a --system flag instead, which created a homedir for the user (I didn't want one). Finally I just did it with useradd instead of adduser and it worked as planned. So I just assumed that you'd mistyped it as adduser when it was supposed to be useradd.
– felwithe
Jul 30 '17 at 0:18
@felwithe yeah I wasn't doubting you, just letting you know that I tried it 8-). I'm a mod on the Unix and Linux site and these cmds are notoriously different b/w distros. The OP mentions RHEL in the question hence why I answered it like so, but they didn't tag it as red hat specific, which is part of the confusion on this Q&A IMO.
– slm
Jul 30 '17 at 0:31
add a comment |
The safest form of doing this would be to use adduser like so:
$ adduser -r -s /bin/nologin subversion
NOTE: Be sure to include -s /sbin/nologin to disable any login shell from being made available to the account.
Confirmation of setup
$ grep subversion /etc/passwd /etc/shadow
/etc/passwd:subversion:x:496:496::/home/subversion:/bin/nologin
/etc/shadow:subversion:!!:17232::::::
However there's no directory:
$ ll /home | grep subversion
$
Confirm that the account is otherwise usable:
$ sudo -u subversion whoami
subversion
$ sudo -u subversion date
Tue Mar 7 08:58:57 EST 2017
Removal
If you need to remove this account:
$ userdel subversion -r
userdel: subversion mail spool (/var/spool/mail/subversion) not found
userdel: subversion home directory (/home/subversion) not found
$
And confirm:
$ grep rtim-hc-user /etc/passwd /etc/shadow
$
answered Mar 7 '17 at 14:04
slmslm
6,52563847
adduser doesn't recognize the -r option. I think you meant useradd.
– felwithe
Jul 29 '17 at 16:30
@felwithe no, every answer I write up I always test before posting. I checked and that switch shows on a CentOS 6.x system.
– slm
Jul 29 '17 at 20:10
Here is a pastebin of the result. I'm on Ubuntu 16 LTS. I don't know what version of adduser is installed but I never imagined it would change much over time or system to system. I then tried it with a --system flag instead, which created a homedir for the user (I didn't want one). Finally I just did it with useradd instead of adduser and it worked as planned. So I just assumed that you'd mistyped it as adduser when it was supposed to be useradd.
– felwithe
Jul 30 '17 at 0:18
@felwithe yeah I wasn't doubting you, just letting you know that I tried it 8-). I'm a mod on the Unix and Linux site and these cmds are notoriously different b/w distros. The OP mentions RHEL in the question hence why I answered it like so, but they didn't tag it as red hat specific, which is part of the confusion on this Q&A IMO.
– slm
Jul 30 '17 at 0:31
add a comment |
The safest form of doing this would be to use adduser like so:
$ adduser -r -s /bin/nologin subversion
NOTE: Be sure to include -s /sbin/nologin to disable any login shell from being made available to the account.
Confirmation of setup
$ grep subversion /etc/passwd /etc/shadow
/etc/passwd:subversion:x:496:496::/home/subversion:/bin/nologin
/etc/shadow:subversion:!!:17232::::::
However there's no directory:
$ ll /home | grep subversion
$
Confirm that the account is otherwise usable:
$ sudo -u subversion whoami
subversion
$ sudo -u subversion date
Tue Mar 7 08:58:57 EST 2017
Removal
If you need to remove this account:
$ userdel subversion -r
userdel: subversion mail spool (/var/spool/mail/subversion) not found
userdel: subversion home directory (/home/subversion) not found
$
And confirm:
$ grep rtim-hc-user /etc/passwd /etc/shadow
$
answered Mar 7 '17 at 14:04
slmslm
6,52563847
The safest form of doing this would be to use adduser like so:
$ adduser -r -s /bin/nologin subversion
NOTE: Be sure to include -s /sbin/nologin to disable any login shell from being made available to the account.
Confirmation of setup
$ grep subversion /etc/passwd /etc/shadow
/etc/passwd:subversion:x:496:496::/home/subversion:/bin/nologin
/etc/shadow:subversion:!!:17232::::::
However there's no directory:
$ ll /home | grep subversion
$
Confirm that the account is otherwise usable:
$ sudo -u subversion whoami
subversion
$ sudo -u subversion date
Tue Mar 7 08:58:57 EST 2017
Removal
If you need to remove this account:
$ userdel subversion -r
userdel: subversion mail spool (/var/spool/mail/subversion) not found
userdel: subversion home directory (/home/subversion) not found
$
And confirm:
$ grep rtim-hc-user /etc/passwd /etc/shadow
$
answered Mar 7 '17 at 14:04
slmslm
6,52563847
answered Mar 7 '17 at 14:04
slmslm
6,52563847
answered Mar 7 '17 at 14:04
slmslm
6,52563847
answered Mar 7 '17 at 14:04
slmslm
6,52563847
6,52563847
adduser doesn't recognize the -r option. I think you meant useradd.
– felwithe
Jul 29 '17 at 16:30
@felwithe no, every answer I write up I always test before posting. I checked and that switch shows on a CentOS 6.x system.
– slm
Jul 29 '17 at 20:10
Here is a pastebin of the result. I'm on Ubuntu 16 LTS. I don't know what version of adduser is installed but I never imagined it would change much over time or system to system. I then tried it with a --system flag instead, which created a homedir for the user (I didn't want one). Finally I just did it with useradd instead of adduser and it worked as planned. So I just assumed that you'd mistyped it as adduser when it was supposed to be useradd.
– felwithe
Jul 30 '17 at 0:18
@felwithe yeah I wasn't doubting you, just letting you know that I tried it 8-). I'm a mod on the Unix and Linux site and these cmds are notoriously different b/w distros. The OP mentions RHEL in the question hence why I answered it like so, but they didn't tag it as red hat specific, which is part of the confusion on this Q&A IMO.
– slm
Jul 30 '17 at 0:31
add a comment |
adduser doesn't recognize the -r option. I think you meant useradd.
– felwithe
Jul 29 '17 at 16:30
@felwithe no, every answer I write up I always test before posting. I checked and that switch shows on a CentOS 6.x system.
– slm
Jul 29 '17 at 20:10
Here is a pastebin of the result. I'm on Ubuntu 16 LTS. I don't know what version of adduser is installed but I never imagined it would change much over time or system to system. I then tried it with a --system flag instead, which created a homedir for the user (I didn't want one). Finally I just did it with useradd instead of adduser and it worked as planned. So I just assumed that you'd mistyped it as adduser when it was supposed to be useradd.
– felwithe
Jul 30 '17 at 0:18
@felwithe yeah I wasn't doubting you, just letting you know that I tried it 8-). I'm a mod on the Unix and Linux site and these cmds are notoriously different b/w distros. The OP mentions RHEL in the question hence why I answered it like so, but they didn't tag it as red hat specific, which is part of the confusion on this Q&A IMO.
– slm
Jul 30 '17 at 0:31
adduser doesn't recognize the -r option. I think you meant useradd.
– felwithe
Jul 29 '17 at 16:30
adduser doesn't recognize the -r option. I think you meant useradd.
– felwithe
Jul 29 '17 at 16:30
@felwithe no, every answer I write up I always test before posting. I checked and that switch shows on a CentOS 6.x system.
– slm
Jul 29 '17 at 20:10
@felwithe no, every answer I write up I always test before posting. I checked and that switch shows on a CentOS 6.x system.
– slm
Jul 29 '17 at 20:10
Here is a pastebin of the result. I'm on Ubuntu 16 LTS. I don't know what version of adduser is installed but I never imagined it would change much over time or system to system. I then tried it with a --system flag instead, which created a homedir for the user (I didn't want one). Finally I just did it with useradd instead of adduser and it worked as planned. So I just assumed that you'd mistyped it as adduser when it was supposed to be useradd.
– felwithe
Jul 30 '17 at 0:18
Here is a pastebin of the result. I'm on Ubuntu 16 LTS. I don't know what version of adduser is installed but I never imagined it would change much over time or system to system. I then tried it with a --system flag instead, which created a homedir for the user (I didn't want one). Finally I just did it with useradd instead of adduser and it worked as planned. So I just assumed that you'd mistyped it as adduser when it was supposed to be useradd.
– felwithe
Jul 30 '17 at 0:18
@felwithe yeah I wasn't doubting you, just letting you know that I tried it 8-). I'm a mod on the Unix and Linux site and these cmds are notoriously different b/w distros. The OP mentions RHEL in the question hence why I answered it like so, but they didn't tag it as red hat specific, which is part of the confusion on this Q&A IMO.
– slm
Jul 30 '17 at 0:31
@felwithe yeah I wasn't doubting you, just letting you know that I tried it 8-). I'm a mod on the Unix and Linux site and these cmds are notoriously different b/w distros. The OP mentions RHEL in the question hence why I answered it like so, but they didn't tag it as red hat specific, which is part of the confusion on this Q&A IMO.
– slm
Jul 30 '17 at 0:31
add a comment |
On a CentOS 7 machine
if the user does not exist:
useradd testuser --shell=/sbin/nologinif you want to modify an existing user:
usermod testuser --shell=/sbin/nologin
edited Sep 7 '16 at 18:53
Kamil Maciorowski
29.2k156288
answered Sep 6 '16 at 15:06
lauc.exon.nodlauc.exon.nod
111
add a comment |
On a CentOS 7 machine
if the user does not exist:
useradd testuser --shell=/sbin/nologinif you want to modify an existing user:
usermod testuser --shell=/sbin/nologin
edited Sep 7 '16 at 18:53
Kamil Maciorowski
29.2k156288
answered Sep 6 '16 at 15:06
lauc.exon.nodlauc.exon.nod
111
add a comment |
On a CentOS 7 machine
if the user does not exist:
useradd testuser --shell=/sbin/nologinif you want to modify an existing user:
usermod testuser --shell=/sbin/nologin
edited Sep 7 '16 at 18:53
Kamil Maciorowski
29.2k156288
answered Sep 6 '16 at 15:06
lauc.exon.nodlauc.exon.nod
111
On a CentOS 7 machine
if the user does not exist:
useradd testuser --shell=/sbin/nologinif you want to modify an existing user:
usermod testuser --shell=/sbin/nologin
edited Sep 7 '16 at 18:53
Kamil Maciorowski
29.2k156288
answered Sep 6 '16 at 15:06
lauc.exon.nodlauc.exon.nod
111
edited Sep 7 '16 at 18:53
Kamil Maciorowski
29.2k156288
edited Sep 7 '16 at 18:53
Kamil Maciorowski
29.2k156288
edited Sep 7 '16 at 18:53
Kamil Maciorowski
29.2k156288
29.2k156288
answered Sep 6 '16 at 15:06
lauc.exon.nodlauc.exon.nod
111
answered Sep 6 '16 at 15:06
lauc.exon.nodlauc.exon.nod
111
answered Sep 6 '16 at 15:06
lauc.exon.nodlauc.exon.nod
111
111
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f77617%2fhow-can-i-create-a-non-login-user%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Have you really looked at man page of useradd and didn't find -M (do not create HOME directory)?
– inemanja
Oct 17 '18 at 11:42