#Type Name ID GECOS Home directory Shell u user_name uid "User Description" /path/to/shell u user_name uid:gid - - u user_name /file/owned/by/user - - g group_name gid "Group Description" g group_name /file/owned/by/group - m user_name group_name r - lowest-highest
Files in /etc/sysusers.d override files with the same name in /usr/lib/sysusers.d and /run/sysusers.d. Files in /run/sysusers.d override files with the same name in /usr/lib/sysusers.d. Packages should install their configuration files in /usr/lib/sysusers.d. Files in /etc/sysusers.d are reserved for the local administrator, who may use this logic to override the configuration files installed by vendor packages. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same path, the entry in the file with the lexicographically earliest name will be applied. All later entries for the same user and group names will be logged as warnings.
If the administrator wants to disable a configuration file supplied by the vendor, the recommended way is to place a symlink to /dev/null in /etc/sysusers.d/ bearing the same filename.
#Type Name ID GECOS Home directory Shell u httpd 404 "HTTP User" u _authd /usr/bin/authd "Authorization user" u postgres - "Postgresql Database" /var/lib/pgsql /usr/libexec/postgresdb g input - - m _authd input u root 0 "Superuser" /root /bin/zsh r - 500-900
Empty lines and lines beginning with the "#" character are ignored, and may be used for commenting.
For further details about the syntax of user/group names, see User/Group Name Syntax.
It is strongly recommended to pick user and group names that are unlikely to clash with normal users created by the administrator. A good scheme to guarantee this is by prefixing all system and group names with the underscore, and avoiding too generic names.
For m lines, this field should contain the user name to add to a group.
For lines of type r, this field should be set to "-".
For m lines, this field should contain the group name to add to a user to.
For lines of type r, this field should be set to a UID/GID range in the format "FROM-TO", where both values are formatted as decimal ASCII numbers. Alternatively, a single UID/GID may be specified formatted as decimal ASCII numbers.
Only applies to lines of type u and should otherwise be left unset (or "-").
Only applies to lines of type u and should otherwise be left unset (or "-"). It is recommended to omit this, unless software strictly requires a home directory to be set.
Only applies to lines of type u and should otherwise be left unset (or "-"). It is recommended to omit this, unless a shell different /usr/sbin/nologin must be used.
Table 1. Specifiers available
|"%b"||Boot ID||The boot ID of the running system, formatted as string. See random(4) for more information.|
|"%H"||Host name||The hostname of the running system.|
|"%m"||Machine ID||The machine ID of the running system, formatted as string. See machine-id(5) for more information.|
|"%T"||Directory for temporary files||This is either /tmp or the path "$TMPDIR", "$TEMP" or "$TMP" are set to.|
|"%v"||Kernel release||Identical to uname -r output.|
|"%V"||Directory for larger and persistent temporary files||This is either /var/tmp or the path "$TMPDIR", "$TEMP" or "$TMP" are set to.|
|"%%"||Escaped "%"||Single percent sign.|
systemd-sysusers will do nothing if the specified users or groups already exist or the users are members of specified groups, so normally there is no reason to override sysusers.d vendor configuration, except to block certain users or groups from being created.
- User/Group Name Syntax