Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
useradd(1M)		System Administration Commands		   useradd(1M)

       useradd - administer a new user login on	the system

       useradd	[-c comment]  [-d dir]	[-e expire] [-f	inactive] [-g group] [
       -G group	[ , group...]] [ -m [-k	skel_dir]] [ -u	uid  [-o]]  [-s	shell]
       [-A authorization  [,authorization...]] [-P profile  [,profile...]] [-R
       role  [,role...]] [-p projname] login

       useradd -D [-b base_dir]	[-e expire] [-f	inactive] [-g group] [-p proj-

       useradd	adds  a	 new  user  to	the  /etc/passwd  and  /etc/shadow and
       /etc/user_attr files. The -A and	-P options respectively	assign	autho-
       rizations  and  profiles	 to the	user. The -R option assigns roles to a
       user. The -p option associates a	project	with a user.

       useradd also creates supplementary group	memberships for	the  user  (-G
       option)	and creates the	home directory (-m option) for the user	if re-
       quested.	The new	login remains locked until the	passwd(1)  command  is

       Specifying useradd -D with the -g, -b, -f, -e, -A, -P, -p, or -R	option
       (or any combination of these options) sets the default values  for  the
       respective  fields.  See	 the -D	option,	below. Subsequent useradd com-
       mands without the -D option use these arguments.

       The system file entries created with this command have a	limit  of  512
       characters  per	line. Specifying long arguments	to several options can
       exceed this limit.

       The login (login) and role (role) fields	accept a  string  of  no  more
       than  eight  bytes  consisting of characters from the set of alphabetic
       characters, numeric characters, period (.), underscore (_), and	hyphen
       (-). The	first character	should be alphabetic and the field should con-
       tain at least one lower case alphabetic character.  A  warning  message
       will be written if these	restrictions are not met. A future Solaris re-
       lease may refuse	to accept login	and role fields	that do	not meet these

       The  login and role fields must contain at least	one character and must
       not contain a colon (:) or a newline (\n).

       The following options are supported:

       -A authorization
	     One  or  more   comma   separated	 authorizations	  defined   in
	     auth_attr(4).   Only  a  user or role who has grant rights	to the
	     authorization can assign it to an account.

       -b base_dir
	     The default base directory	for the	system if -d dir is not	speci-
	     fied.  base_dir  is  concatenated with the	account	name to	define
	     the home directory. If the	-m option is not used,	base_dir  must

       -c comment
	     Any  text	string.	It is generally	a short	description of the lo-
	     gin, and is currently used	as the field for the user's full name.
	     This information is stored	in the user's /etc/passwd entry.

       -d dir
	     The  home	directory of the new user. It defaults to base_dir/ac-
	     count_name, where base_dir	is the base directory  for  new	 login
	     home directories and account_name is the new login	name.

       -D    Display  the default values for group, base_dir, skel_dir,	shell,
	     inactive, expire, proj and	projname. When used with the  -g,  -b,
	     -f, -e, -A, -P, -p, or -R options,	the -D option sets the default
	     values for	the specified fields. The default values are:

	     group other (GID of 1)



	     shell /bin/sh



	     auths null


	     proj  3


	     roles null

       -e expire
	     Specify the expiration date for a login. After this date, no user
	     will  be able to access this login. The expire option argument is
	     a date entered using one of the date formats included in the tem-
	     plate file	/etc/datemsk. See getdate(3C).

	     If	 the  date  format that	you choose includes spaces, it must be
	     quoted. For example, you can enter	10/6/90	or "October 6,	1990".
	     A	null  value (" ") defeats the status of	the expired date. This
	     option is useful for creating temporary logins.

       -f inactive
	     The maximum number	of days	allowed	between	uses of	a login	ID be-
	     fore  that	ID is declared invalid.	Normal values are positive in-
	     tegers. A value of	 0 defeats the status.

       -g group
	     An	existing group's integer ID or character-string	name.  Without
	     the -D option, it defines the new user's primary group membership
	     and defaults to the default group.	You  can  reset	 this  default
	     value by invoking useradd -D -g group.

       -G group
	     An	 existing  group's integer ID or character-string name.	It de-
	     fines the new user's supplementary	group  membership.  Duplicates
	     between  group  with  the	-g and -G options are ignored. No more
	     than NGROUPS_MAX groups can be specified.

       -k skel_dir
	     A directory that contains skeleton	information (such as .profile)
	     that  can be copied into a	new user's home	directory. This	direc-
	     tory must already exist. The system provides the /etc/skel	direc-
	     tory that can be used for this purpose.

       -m    Create  the  new user's home directory if it does not already ex-
	     ist. If the directory already exists, it must have	 read,	write,
	     and  execute permissions by group,	where group is the user's pri-
	     mary group.

       -o    This option allows	a UID to be duplicated (non-unique).

       -P profile
	     One  or  more  comma-separated  execution	profiles  defined   in

       -p projname
	     Name  of the project with which the added user is associated. See
	     the projname field	as defined in project(4).

       -R role
	     One  or  more  comma-separated  execution	profiles  defined   in
	     user_attr(4).  Roles cannot be assigned to	other roles.

       -s shell
	     Full  pathname  of	the program used as the	user's shell on	login.
	     It	defaults to an empty field causing the system to  use  /bin/sh
	     as	 the  default.	The  value of shell must be a valid executable

       -u uid
	     The UID of	the new	user. This UID must be a non-negative  decimal
	     integer  below  MAXUID  as	defined	in <sys/param.h>.  The UID de-
	     faults to the next	available (unique) number  above  the  highest
	     number currently assigned.	For example, if	UIDs 100, 105, and 200
	     are assigned, the next default UID	number will be 201. (UIDs from
	     0-99 are reserved for possible use	in future applications.)








       See attributes(5) for descriptions of the following attributes:

       |      ATTRIBUTE	TYPE	     |	    ATTRIBUTE VALUE	   |
       |Availability		     |SUNWcsu			   |

       passwd(1),     profiles(1),    roles(1),	   users(1B),	 groupadd(1M),
       groupdel(1M),   groupmod(1M),	grpck(1M),    logins(1M),    pwck(1M),
       userdel(1M),   usermod(1M),   getdate(3C),   auth_attr(4),   passwd(4),
       prof_attr(4), project(4), user_attr(4), attributes(5)

       In case of an error, useradd prints an error message and	exits  with  a
       non-zero	status.

       The following indicates that login specified is already in use:

       UX: useradd: ERROR: login is already in use. Choose another.

       The  following  indicates  that the uid specified with the -u option is
       not unique:

       UX: useradd: ERROR: uid uid is already in use. Choose another.

       The following indicates that the	group specified	with the -g option  is
       already in use:

       UX: useradd: ERROR: group group does not	exist. Choose another.

       The following indicates that the	uid specified with the -u option is in
       the range of reserved UIDs (from	0-99):

       UX: useradd: WARNING: uid uid is	reserved.

       The following indicates that the	uid specified with the -u  option  ex-
       ceeds MAXUID as defined in <sys/param.h>:

       UX: useradd: ERROR: uid uid is too big. Choose another.

       The  following  indicates  that the /etc/passwd or /etc/shadow files do
       not exist:

       UX: useradd: ERROR: Cannot update system	files -	login cannot be	created.

       The useradd utility adds	definitions  to	 only  the  local  /etc/group,
       etc/passwd,  /etc/passwd, /etc/shadow, /etc/project, and	/etc/user_attr
       files. If a network name	service	such as	NIS or NIS+ is being  used  to
       supplement  the local /etc/passwd file with additional entries, useradd
       cannot change information supplied by the network name service. However
       useradd	will verify the	uniqueness of the user name (or	role) and user
       id and the existence of any group names specified against the  external
       name service.

SunOS 5.9			  18 Sep 2001			   useradd(1M)


Want to link to this manual page? Use this URL:

home | help