ADDUSER(8) System Manager's Manual ADDUSER(8)
adduser - procedure for adding new users
To add an account for a new user, the system administrator (or super-
o Create an entry for the new user in the system password
o Create a home directory for the user, and change ownership so
the new user owns that directory.
o Optionally set up skeletal dot files for the new user
(.cshrc, .login, .profile...).
o If the account is on a system running the Network Information
Service (NIS), take additional measures.
Making an Entry in the Password File
To add an entry for the new login name on a local host, first edit the
/etc/passwd file -- inserting a line for the new user. This must be
done with the password file locked, for instance, by using vipw(8), and
the insertion must be made above the line containing the string:
This line indicates that additional accounts can be found in the NIS
To add an entry for the new login name into the NIS service, add an
identical line to the file /etc/passwd on the NIS master server, and
run make(1) in the directory /var/yp (see ypmake(8) for details) to
propagate the change.
The new user is assigned a group and user ID number (GID and UID
respectively). UIDs should be unique for each user and consistent
across the NFS domain, since they control access to files. GIDs need
not be unique. Typically, users working on similar projects will
assigned to the same group. The system staff is group 10 for histori-
cal reasons, and the super-user is in this group.
An entry for a new user francine would look like this:
Fields in each password-file entry are delimited by colons, and have
the following meanings:
o Login name (francine). The login name is limited to eight
characters in length.
o Encrypted password or the string ##name if encrypted pass-
words are stored in the password adjunct file. Typically, if
passwords are to be stored in the main password file, this
field is left empty, so no password is needed when the user
first logs in. If security demands a password, it should be
assigned by running passwd(1) immediately after exiting the
editor. The number of significant characters in a password is
eight. (See passwd(1).)
o User ID. The UID is a number which identifies that user
uniquely in the system. Files owned by the user have this
number stored in their data blocks, and commands such as ls
(1V) (see ls(1V)), use it to look up the owner's login name.
For this reason, you cannot randomly change this number. See
passwd(5) for more information.
o Group ID. The GID number identifies the group to which the
user belongs by default (although the user may belong to
additional groups as well). All files that the user creates
have this number stored in their data blocks, and commands
such as ls(1V) (see ls(1V), use it to look up the group name.
Group names and assignments are listed in the file /etc/group
(which is described in group(5)) or in the NIS group map.
o This field is called the GCOS field (from earlier implementa-
tion of the operating system) and is traditionally used to
hold the user's full name. Some installations have other
information encoded in this field. From this information we
can tell that Francine's real name is `Francine Featherstone-
haugh'. The && in the entry is shorthand for the user's login
o User's home directory. This is the directory in which that
user is "positioned" when they log in.
o Initial shell which this user will see on login. If this
field is empty, sh(1) is used as the initial shell.
An entry for a new user francine would look like this:
Fields in each password adjunct file entry are delimited by colons, and
have the following meanings:
o Login name (francine). This name must match the login name
in the password file.
o Encrypted password. Typically, this field is left empty when
adding the line using the editor. passwd(1) should be run
immediately after exiting the editor.
o The next three fields are the minimum label, the maximum
label, and the default label. These fields should be left
empty, since they are reserved for future use.
o The next two fields are for the always-audit flags and the
never-audit flags. Always-audit flags specify which events
are guaranteed to be audited for that user. Never-audit
flags specify which events are guaranteed not to be audited
for that user. For a description of audit flags, see
Making a Home Directory
As shown in the password file entry above, the name of Francine's home
directory is to be /usr/francine. This directory must be created using
mkdir(1), and Francine must be given ownership of it using chown(8), in
order for her profile files to be read and executed, and to have con-
trol over access to it by other users:
example# mkdir /usr/francine
example# /usr/etc/chown francine /usr/francine
If running under NFS, the mkdir(1) and chown(8) commands must be per-
formed on the NFS server.
Setting Up Skeletal Profile Files
New users often need assistance in setting up their profile files to
initialize the terminal properly, configure their search path, and per-
form other desired functions at startup. Providing them with skeletal
profile files saves time and interruptions for both the new user and
the system administrator.
Such files as .profile (if they use /usr/bin/sh as the shell), or
.cshrc and .login (if they use /usr/bin/csh as the shell), can include
commands that are performed automatically at each login, or whenever a
shell is invoked, such as tset(1). The ownership of these files must
be changed to belong to the new user, either by running su(1V) before
making copies, or by using chown(8).
/etc/passwd password file
/etc/group group file
csh(1), ls(1V), make(1), mkdir(1), passwd(1), sh(1), su(1V), tset(1),
audit(2), audit_control(5), audit_data(5), passwd.adjunct(5), group(5),
passwd(5), passwd.adjunct(5) audit(8), auditd(8), chown(8), vipw(8),
The Network Information Service (NIS) was formerly known as Sun Yellow
Pages (YP). The functionality of the two remains the same; only the
name has changed.
7 September 1989 ADDUSER(8)