There are legit reasons to create a new user without a /home directory. Maybe you want a new user to have limited access to just a few things, or a dedicated user that runs a single application. This article will show you how.
See, I was reading a forum post on Linux.org about a member that had set up a bunch of Linux computers for some learning children. One of the things that came up was that the kids were already trying to guess the password so that they could install games.
That got me thinking about some security implications. What if they guessed the password and wanted to hide it? What if they used that password to create a new user, but one without a /home directory so that it wouldn’t be easily spotted by just using a file manager? It wouldn’t be impossible to find, but it’d not stand out immediately with a quick inspection. Besides, the new account’s password would remain the same even if the admin changed the password to the root account.
Well, if they get that advanced and guess that password, I kinda hope they read this article! Why? Because the world needs a little chaos and creativity! So, my fellow Linux.org forum user, this article is for you! Well, no… It’s for when the kids use a search engine to learn how to make a user account a little less obvious!
Create a New User Without /home:
This one will be short and easy, perfect for budding Linux users! There are two easy ways to create a user without automatically making a /home folder.
Both ways are done in the terminal, so you need to open it. To open the default terminal, use your keyboard and press CTRL + ALT + T.
Now, the first method is:
The second method is:
Those commands will both make a new user without a /home directory of their own. (Be sure to check ‘man useradd’ for more awesome things you can do.)
There are a couple more steps you can take, if you want. First, there’s no password assigned to the user you just created. So, let’s assign a password to them.
Follow the prompts to type in the password twice and you’re done with that step.
Next, the newly created user isn’t a member of sudoers – meaning it has no administrative rights. That’s easily fixed with the following command:
That command will make the new user a member of the sudoers group. Meaning they have administrative rights over the system. They can install software, remove software, delete files, create files, or even update the entire system.
The admin can still discover the new user by listing the users or poking around in the logs. However, the user won’t stand out immediately. There won’t be any new user folder in /home, so one may not have any reason to look. Additionally, changing the root password won’t matter. You’ll have to do something about the user they created.
And that, kids, is how you get started hiding stuff after you’ve discovered the root password! Use that account for your nefarious activities! You’re welcome!
Nah, there are legit reasons why you’d want a user without a home folder. You may want that user to only access a limited set of applications or whatever. A keen admin would likely notice this fairly rapidly, so it’s not a great long-term strategy for hiding your game installing.