The useradd command in Unix-like operating systems is used to create new user accounts. When combined with the -R or --root option followed by a CHROOT_DIR, it allows you to specify a directory as the root directory for the new user. This is particularly useful in environments where you want to restrict a user to a specific directory subtree, effectively isolating them from the rest of the filesystem.
Here are several examples demonstrating the usage of the -R option with the useradd command:
Example 1: Creating a user with a custom root directory:
$ sudo useradd -m -R /home/chroot/johndoe johndoe
This command creates a new user johndoe with the home directory set to /home/chroot/johndoe. The -m option ensures that the home directory is created if it doesn’t exist. To verify, check the user’s home directory:
$ ls /home/chroot/johndoe
Example 2: Specifying an existing directory as the root:
$ sudo useradd -m -R /srv/chroot/user1 user1
In this case, user1 is created with /srv/chroot/user1 as the home directory. Verify the directory:
$ ls /srv/chroot/user1
Example 3: Using a relative path for the root directory:
$ sudo useradd -m -R relative_chroot/user2 user2
This command creates user2 with a home directory of relative_chroot/user2 relative to the current directory. Verify the path:
$ ls relative_chroot/user2
Example 4: Creating a system user with a chroot directory:
$ sudo useradd -r -m -R /var/chroot/serviceuser serviceuser
This command creates a system user serviceuser with /var/chroot/serviceuser as the home directory. Check the directory:
$ ls /var/chroot/serviceuser
Example 5: Adding additional options with chroot:
$ sudo useradd -m -R /chroot/testuser -c "Test User" testuser
Here, testuser is created with a comment "Test User" and /chroot/testuser as the home directory. Verify the directory path:
$ ls /chroot/testuser
Example 6: Creating a user with a specific group and chroot:
$ sudo useradd -g users -m -R /chroot/user3 user3
This command adds user3 to the users group and sets /chroot/user3 as the home directory. Verify the directory path:
$ ls /chroot/user3
Example 7: Creating a user with a custom login shell and chroot:
$ sudo useradd -s /bin/bash -m -R /jail/user4 user4
In this example, user4 is created with /jail/user4 as the home directory and /bin/bash as the login shell. Verify the home directory:
$ ls /jail/user4
Example 8: Creating a user with restricted rights and chroot:
$ sudo useradd -r -s /sbin/nologin -m -R /home/jail user5
This command creates user5 as a system user with restricted login rights (/sbin/nologin) and /home/jail as the home directory. Verify the home directory:
$ ls /home/jail
Example 9: Creating a user with no home directory and chroot:
$ sudo useradd -M -R /var/chroot/user6 user6
Here, user6 is created without a home directory (-M) and /var/chroot/user6 is set as the chroot directory. Verify the chroot directory:
$ ls /var/chroot/user6
Example 10: Creating a user with a custom UID and GID and chroot:
$ sudo useradd -u 2001 -g 2001 -m -R /chroot/user7 user7
In this final example, user7 is created with a specific UID (2001), GID (2001), and /chroot/user7 as the home directory. Verify the home directory path:
$ ls /chroot/user7
Discussion about this post