ADDUSER.CONF(5) File Formats Manual ADDUSER.CONF(5)
NAME
/etc/adduser.conf - configuration file for adduser(8) and addgroup(8)
DESCRIPTION
The file /etc/adduser.conf contains defaults for the programs ad-
duser(8), addgroup(8), deluser(8) and delgroup(8). Each line holds a
single value pair in the form option = value. Double or single quotes
are allowed around the value, as is whitespace around the equals sign.
Comment lines must have a hash sign (#) in the first column.
The valid configuration options are:
STDERRMSGLEVEL , STDOUTMSGLEVEL , and LOGMSGLEVEL
Minimum priority for messages logged to syslog/journal and the
console, respectively. See LOGGING in adduser(8). Defaults to
warn for STDOUTMSGLEVEL and STDERRMSGLEVEL and info for LOGMS-
GLEVEL.
ADD_EXTRA_GROUPS
Setting this to something other than 0 will cause adduser to add
newly created non-system users to the list of groups defined by
EXTRA_GROUPS (below). Defaults to 0.
DIR_MODE
The permissions mode for home directories of non-system users
that are created by adduser(8). Defaults to 0700. Note that
there are potential configurations (such as ~/user web services,
or in-home mail delivery) which will require changes to the de-
fault. See also SYS_DIR_MODE.
DHOME The directory in which new home directories should be created.
Defaults to /home.
DSHELL The login shell to be used for all new users. Defaults to
/bin/bash.
EXTRA_GROUPS
This is the space-separated list of groups that new non-system
users will be added to. Defaults to users.
FIRST_SYSTEM_GID and LAST_SYSTEM_GID
specify an inclusive range of GIDs from which GIDs for system
groups can be dynamically allocated. Defaults to 100 - 999.
FIRST_GID and LAST_GID
specify an inclusive range of GIDs from which GIDs for non-system
groups can be dynamically allocated. Defaults to 1000 - 59999.
FIRST_SYSTEM_UID and LAST_SYSTEM_UID
specify an inclusive range of UIDs from which UIDs for system
users can be dynamically allocated. Defaults to 100 - 999.
Please note that system software, such as the users allocated by
the base-passwd package, may assume that UIDs less than 100 are
unallocated.
FIRST_UID and LAST_UID
specify an inclusive range of UIDs from which UIDs for non-system
users can be dynamically allocated. Defaults to 1000 - 59999.
GID_POOL
See UID_POOL.
GROUPHOMES
If this is set to yes, the home directories will be created as
/home/groupname/user. Defaults to no. This option is deprecated
and will be removed.
LAST_SYSTEM_GID
LAST_GID
LAST_SYSTEM_UID
LAST_UID
See the FIRST_ variants of the option.
LETTERHOMES
If this is set to yes, then the home directories created will
have an extra directory inserted which is the first letter of the
loginname. For example: /home/u/user. Defaults to no. This op-
tion is deprecated and will be removed.
NAME_REGEX
Non-system user- and groupnames are checked against this regular
expression. If the name doesn't match this regexp, user and
group creation in adduser(8) is refused unless --allow-bad-names
is set. With --allow-bad-names set, weaker checks are performed.
Defaults to the most conservative ^[a-zA-Z][a-zA-Z0-9_-]*\$?$.
See SYS_NAME_REGEX and Valid names, below, for more information.
QUOTAUSER
If set to a nonempty value, new users will have quotas copied
from that user using edquota -p QUOTAUSER newuser. Defaults to
the empty string.
RESERVE_UID_POOL and RESERVE_GID_POOL
Controls whether the UID and GID values that are listed in the
pool files are truly reserved. See UID AND GID POOLS in the
NOTES section. Defaults to yes.
SETGID_HOME
If this is set to yes, then home directories for users with their
own group (USERGROUPS = yes) will have the set-group-ID bit set.
Note that this feature is deprecated and will be removed in a fu-
ture version of adduser(8). Please use DIR_MODE instead. De-
faults to no.
SKEL The directory from which skeletal user configuration files will
be copied. Defaults to /etc/skel.
SKEL_IGNORE_REGEX
When populating the newly created home directory of a non-system
user, files in SKEL matching this regex are not copied. Defaults
to to (.(dpkg|ucf)-(old|new|dist)$), the regular expression
matching files left over from unmerged config files.
SYS_DIR_MODE
The permissions mode for home directories of system users that
are created by adduser(8). Defaults to 0755. Note that changing
the default permissions for system users may cause some packages
to behave unreliably, if the program relies on the default set-
ting. See also DIR_MODE.
SYS_NAME_REGEX
System user- and groupnames are checked against this regular ex-
pression. If the name doesn't match this regexp, system user and
group creation in adduser is refused unless --allow-bad-names is
set. With --allow-bad-names set, weaker checks are performed.
Defaults to the most conservative ^[a-zA-Z_][a-zA-Z0-9_-]*\$?$.
See NAME_REGEX, above, and Valid names, below, for more informa-
tion.
UID_POOL and GID_POOL
specify a file or a directory containing UID and GID pool files.
See UID AND GID POOLS in the NOTES section. Both default to
empty.
USERGROUPS
Specify whether each created non-system user will be given their
own group to use. Defaults to yes.
USERS_GID and USERS_GROUP
Defines the groupname or GID of the group all newly-created non-
system users are placed into. If USERGROUPS is yes, the group
will be added as a supplementary group; if USERGROUPS is no,, it
will be the primary group. If you don't want all your users to
be in one group, set USERGROUPS=yes, leave USERS_GROUP empty and
set USERS_GID to "-1". USERS_GROUP defaults to users, which has
GID 100 on all Debian systems since it's defined statically by
the base-passwd package. It is a configuration error to define
both variables even if the values are consistent.
NOTES
UID AND GID POOLS
Some installations desire that a non-system account gets preconfigured
properties when it is generated. Commonly, the local admin wants to
make sure that even without using a directory service, an account or a
group with a certain name has the same numeric UID/GID on all systems
where it exists.
To enable this feature, define configuration variables UID_POOL (for
user accounts) and/or GID_POOL (for groups) in /etc/adduser.conf and in-
stall the respective files in the configured places. The value is ei-
ther a file or a directory. In the latter case all files named *.conf
in that directory are considered.
The file format is similar to /etc/passwd: Text lines, fields separated
by a colon. The values are username/groupname (mandatory), UID/GID
(mandatory), comment field (optional, useful for user IDs only), home
directory (ditto), shell (ditto).
It is possible to use the same file/directory for UID_POOL and GID_POOL.
If an account / group is created, adduser(8) searches in all UID/GID
pool files for a line matching the name of the newly created account and
uses the data found there to initialize the new account instead of using
the defaults. Settings may be overridden from the command line.
In the default configuration, UID and GID values listed in the pool will
be reserved and thus not be used by the normal UID and GID selection
processes. This is usually what you'd want. With the RESERVE_UID_POOL
and RESERVE_GID_POOL configuration options, you can switch this behavior
off if you want pooled UIDs and GIDs used by regular accounts. This
might cause conflicts and cause your pool UIDs and GIDs to be used by
accounts that are not in the pool.
FILES
/etc/adduser.conf
SEE ALSO
deluser.conf(5), addgroup(8), adduser(8), delgroup(8), deluser(8)
Debian GNU/Linux ADDUSER.CONF(5)
Generated by dwww version 1.16 on Fri Dec 5 18:00:47 CET 2025.