[SOLVED] Adding a service user and creating Primary or Secondary Group
by dalacor from LinuxQuestions.org on (#6JVCN)
For the last 10 years or so, I have always used this command to create a group and user account for the proxy server service installed on my Slackware system.
Code:
groupadd servicename
useradd ig servicename servicenameThis has always worked perfectly with no issues until today! I have updated Slackware 15 with the latest updates today so I suspect that something may have changed since I last added a group or user, which was well over a year ago, maybe two!
groupadd servicename - This works and creates a group in the group file
useradd ig servicename servicename - this just returns the list of useradd options.
Research I have done so far seems to indicate the following.
groupadd servicename - is creating a secondary group. I suspect in the past, this command created a primary group.
useradd ig servicename servicename - This doesn't work because it's trying to add the user to a primary group.
I need answers to the following questions because Google is not providing the information I need.
This user account is a service account that runs the proxy server service. So it never needs to login at a console or gui. It doesn't need a home folder.
Should the group be a Primary or Secondary Group for a service account like this. They only need to belong to one group. But google search results don't really explain when a primary group is required etc. I think I need a secondary group, but the documentation on the differences between the two is very confusing. I assume that in the past, the groupadd created a primary group in slackware and that would be why the useradd -g option worked. I am assuming that recent update in Slackware changed how the groupadd works now? I don't know if I need a primary group for this service account?
Does it matter from a security point of view if no password is created - assuming that nobody can log in interactively as it were?
Should I be using useradd or adduser? What I like about useradd is that I can type just this - useradd ig servicename servicename and it does everything - or at least ways it used to work. With adduser, it asks me for home folder, expiry date etc.
Maybe a better way to ask the question would be this:
How do I create a new group and new user with no interactive login rights, no home folder, no expiry date and presumably no password and whatever else is appropriate for a user account that is only used by a program installed on Slackware.
Code:
groupadd servicename
useradd ig servicename servicenameThis has always worked perfectly with no issues until today! I have updated Slackware 15 with the latest updates today so I suspect that something may have changed since I last added a group or user, which was well over a year ago, maybe two!
groupadd servicename - This works and creates a group in the group file
useradd ig servicename servicename - this just returns the list of useradd options.
Research I have done so far seems to indicate the following.
groupadd servicename - is creating a secondary group. I suspect in the past, this command created a primary group.
useradd ig servicename servicename - This doesn't work because it's trying to add the user to a primary group.
I need answers to the following questions because Google is not providing the information I need.
This user account is a service account that runs the proxy server service. So it never needs to login at a console or gui. It doesn't need a home folder.
Should the group be a Primary or Secondary Group for a service account like this. They only need to belong to one group. But google search results don't really explain when a primary group is required etc. I think I need a secondary group, but the documentation on the differences between the two is very confusing. I assume that in the past, the groupadd created a primary group in slackware and that would be why the useradd -g option worked. I am assuming that recent update in Slackware changed how the groupadd works now? I don't know if I need a primary group for this service account?
Does it matter from a security point of view if no password is created - assuming that nobody can log in interactively as it were?
Should I be using useradd or adduser? What I like about useradd is that I can type just this - useradd ig servicename servicename and it does everything - or at least ways it used to work. With adduser, it asks me for home folder, expiry date etc.
Maybe a better way to ask the question would be this:
How do I create a new group and new user with no interactive login rights, no home folder, no expiry date and presumably no password and whatever else is appropriate for a user account that is only used by a program installed on Slackware.