What does adduser do that useradd doesn't?

Question

In addition to the more widespread useradd, Debian based systems also contain an additional adduser command which provides a higher level interface for adding users and some related tasks. There are various questions/answers on other SE sites which detail the basic differences between these commands, for example:

ServerFault - What's the difference between 'useradd' and 'adduser'?
Superuser - What's the difference between “adduser” and “useradd”?
Ask Ubuntu - What is the difference between adduser and useradd?

Most of the answers essentially say that adduser provides nicer interface for adding users interactively, but don't give much detail on what happens when adduser is run that doesn't compared to useradd. So:

What does adduser do that useradd doesn't?
What commands do I need to use to produce equivalent results?

score 96 · Accepted Answer · edited Nov 12 '20 at 08:31

First off, the respective man page snippets highlight the differences between the two commands and give some indication of what is going on. For adduser:

adduser and addgroup add users and groups to the system according to command line options and configuration information in /etc/adduser.conf. They are friendlier front ends to the low level tools like useradd, groupadd and usermod programs, by default choosing Debian policy conformant UID and GID values, creating a home directory with skeletal configuration, running a custom script, and other features.

Then for useradd:

useradd is a low level utility for adding users. On Debian, administrators should usually use adduser(8) instead.

Further investigation of adduser reveals that it is a perl script providing a high level interface to, and thus offering some of the functionality of, the following commands:

useradd
groupadd
passwd - used to add/change users passwords.
gpasswd - used to add/change group passwords.
usermod - used to change various user associated parameters.
chfn - used to add/change additional information held on a user.
chage - used to change password expiry information.
edquota - used to change disk usage quotas.

A basic run of the adduser command is as follows:

adduser username

This simple command will do a number of things:

Create the user named username.
Create the user's home directory (default is /home/username and copy the files from /etc/skel into it.
Create a group with the same name as the user and place the user in it.
Prompt for a password for the user.
Prompt for additional information on the user.

The useradd program can most of accomplish most of this, however it does not do so by default and needs additional options. Some of the information requires more commands:

useradd -m -U username
passwd username
chfn username

Note that adduser ensures that created UIDs and GIDs conform with the Debian policy. Creating normal users with useradd seems to be ok, provided UID_MIN/UID_MAX in /etc/login.defs matches the Debian policy. What is a problem though is that Debian specifies a particular range for system user UIDs which only seems to be supported in /etc/adduser.conf, so naively adding a system user with useradd and not specifying a UID/GUID in the correct range leaves the potential for serious problems.

Another common use for adduser is to simplify the process of adding a user to a group. Here, the following command:

adduser username newgroup

is equivalent to the following usermod command:

usermod -a -G newgroup username

The main drawback from usermod in this case is that forgetting to pass the append option (i.e.: -a) would end up removing the user from all groups before adding them to "newgroup" (i.e.: -G alone means "replace with").

One downside to using adduser here though is that you can only specify one group at a time.

This is cool! I didnt even know this was a question. Does it take hashed passwords as useradd does? This is very good work, by the way. — mikeserv, Mar 23 '14 at 23:47
I don't know if I completely agree with the "administrators should..." statement though... Personally, I believe the administrator should probably be putting together his/her own adduser according to a system-wide policy, but that's just armchair quarterbacking at best. — mikeserv, Mar 23 '14 at 23:51
@mikeserv, no there are no hashed passwords. There is another program you should know about though - chpasswd - this can accept hashed passwords on stdin. I will wait til tomorrow before I update that other answer though I think. — Graeme, Mar 24 '14 at 00:09
nice post. For me a little too much details. What I miss most is, that adduser was originally created for server admin's who frequently needed to create/modify/limit real users like on an email server at university. With adduser you can automate the process. This changed a little during the years so nowadays useradd can be to difficult for many admins and for them adduser has become the tool of choice. — , Mar 24 '14 at 00:29
On my Ubuntu 16.04, -U/--user-group seem to the default. — Franklin Yu, Aug 03 '16 at 05:49

score 5 · Answer 2 · answered Nov 06 '20 at 22:14

One significant difference I ran into (and did not see in an answer here), is the implications of creating a system user.

useradd --system seems to imply --shell /bin/bash, while adduser --system implies --shell /usr/sbin/nologin, which is what I wanted.

So if I want neither a shell nor a home directory, I could either use useradd like this

useradd --system --shell /usr/sbin/nologin foo

Which leads to e.g. the following entry in /etc/passwd

foo:x:994:991::/home/foo:/usr/sbin/nologin

Or use adduser like this

adduser --system --no-create-home foo

Which leads to e.g. the following entry in /etc/passwd

foo:x:110:65534::/home/foo:/usr/sbin/nologin

Also, adduser does not create a group (user 110 is in group 65534, aka no group). The accepted answer also mentions risks regarding (G)UID, so I'll definitely stick with adduser.

Source: Tested on Raspberry Pi OS (Debian Buster based).

score 2 · Answer 3 · answered Nov 04 '15 at 20:19

2

The adduser command by default also creates a /home/user directory for system users, which you cannot do with the useradd command. useradd only adds home directories for normal users not system users.

answered Nov 04 '15 at 20:19

MFPII

21
1

"The adduser command by default also creates a /home/user directory for system users, which you cannot do with the useradd command" Are you sure about that? From https://manpages.debian.org/jessie/passwd/useradd.8.en.html: "You have to specify the -m options if you want a home directory for a system account to be created". I tested on Artix and it works as stated. – kelvin Nov 11 '20 at 21:06

score 1 · Answer 4 · answered Jul 16 '17 at 12:26

1

The system administrator can do anything with useradd that can be done with adduser. It was stated here that you can't create a /home/user directory for system users with useradd, and you absolutely can, by modifying the files contained in /etc/skel. /etc/skel contains the set of files initially used to populate a new user's home directory.

answered Jul 16 '17 at 12:26

niten1

11

It creates the home dir by just passing the -m option; there's no need to modify /etc/skel for that. – kelvin Nov 11 '20 at 21:09

What does adduser do that useradd doesn't?

4 Answers4

Linked