DEV Community

Wycliffe A. Onyango
Wycliffe A. Onyango

Posted on

100 Days of DevOps: Day 1

Add user with non-interactive shell

To create a user with a non-interactive shell in Linux, you should use the useradd command with the -s flag to specify the shell. The non-interactive shells most commonly used for this purpose are /sbin/nologin or /bin/false.

Here's the command you would run to create a user named kirsty with a non-interactive shell:

sudo useradd -s /sbin/nologin kirsty
Enter fullscreen mode Exit fullscreen mode

Explanation of the command:

  • sudo: This grants you administrative privileges, which are required to create new users.
  • useradd: This is the command to create a new user account.
  • -s /sbin/nologin: This flag specifies the user's login shell. /sbin/nologin is a program that politely refuses a login, displaying a message like "This account is currently not available" and then immediately exiting. This is the preferred method for creating accounts that should not be able to log in to an interactive shell.

To verify that the user was created correctly, you can use one of these commands:

  • id kirsty: This will show the user ID (UID) and group IDs (GID) for the new user.
  • grep kirsty /etc/passwd: This will display the entry for the kirsty user in the /etc/passwd file. The last field in the output should be /sbin/nologin, confirming the non-interactive shell.

-s option

The -s flag is a standard option used with many Linux commands, and its specific function depends on the command it's used with.

In the context of the useradd command, the -s flag stands for --shell.

Purpose with useradd:

When you use useradd -s <shell_path>, you are specifying the user's login shell. The login shell is the program that the system will run when the user logs in.

Example:

  • sudo useradd -s /bin/bash kirsty would create a user kirsty with the standard Bash shell.
  • sudo useradd -s /sbin/nologin kirsty would create a user kirsty with a non-interactive shell.

What about other commands?

While -s means --shell for useradd, it has a completely different meaning for other commands. It's important to always check the man page or the help documentation for the specific command you are using.

For example:

  • ls -s: Stands for --size and prints the size of each file in blocks.
  • grep -s: Stands for --no-messages or --silent and suppresses error messages about non-existent or unreadable files.
  • tar -s: Stands for --strip-components and strips a number of leading directory components from file names.
  • ssh -s: Stands for subsystem and requests to execute a subsystem on the remote host.

In summary, the -s flag is a common shorthand for various options, but its function is always command-specific. In the task of creating a user, it specifically refers to setting the user's shell.

Top comments (0)