Cannot login to newly created user account

If you created the user account with useradd, you have to set up everything for it manually. This is why, when creating user accounts from the command-line, it is recommended to use adduser in Ubuntu (and Debian, and other Debian-based systems) instead. You might just want to remove the user with userdel or deluser and recreate it with adduser. Otherwise...

Fixing the Home Directory Location

If you want to keep the user account and fix the problem, then you need to look at:

• the name of the home directory the user account is actually configured for
• the name of the directory you actually created

These must be exactly the same. The error message you get with su -l penner is telling you that they are not the same.

To check the home directory the user account is actually configured for, run this command (see man 5 passwd and man grep for more information):

grep penner /etc/passwd

You should see a line like this:

penner:x:1000:1000:Eliah Kagan,,,:/home/penner:/bin/bash

That is, the sixth :-separated field (after the fifth :) contains the home directory. If it's not /home/penner, it should be. If the directory you created for the user is not /home/penner, it should be, too. If the two directories are the same but neither one is /home/penner, then that might theoretically work, but you should make them both /home/penner, because lots of software assumes that all non-root users' home directories are /home/username.

You can change penner's home directory to /home/penner by running this command:

sudo usermod -d /home/penner penner

• See man usermod for more information.

Ensuring it is a Directory, and that the User Has Access

If (or once) the names are both /home/penner, you should also make sure that the user has access to their own home directory. Run:

ls -ld /home/penner

You should see something that looks like this (though the date and time will be different):

drwxr-xr-x 43 penner penner 4096 2012-07-03 06:41 /home/penner

If instead of drwxr-xr-x, you have something that starts with - rather than d, then you created a file rather than a directory. Delete the file and make a directory there instead.

If instead of the first penner you have something else, then the user doesn't own their home directory, so make them own it:

sudo chown penner /home/penner

• See man chown for more information.

If instead of drwxr-xr-x there are dashes in the next three characters after the d, then the user doesn't have full access there. Fix that as follows:

sudo chmod u+rwx /home/penner

• See man chmod for more information.

(penner is capable of running this command if they own their home directory, so if you prefer, you can run this as: sudo -u penner u+rwx /home/penner)

Ensuring Other Users Don't Have Blanket Write Access

If instead of drwxr-xr-x, there are ws instead of -s in the last six letters, then users besides penner may have write access to penner's home directory. This is dangerous (unless you really know what you're doing and want it this way and have set things up so it won't be a problem). To fix it:

sudo chmod -R go-w /home/penner

Other Defaults

There are some other changes you may want to make. By default in Ubuntu (that is, if you create a user account with adduser or with a graphical tool, which you did not):

1. Home directories have read and write permissions for everyone, not just the user who owns them. Users can change this, either for the whole home directory or any files and subdirectories inside it. But if you do want this default, and you don't have the second and third r and x in drwxr-xr-x, run:

   sudo chmod 755 /home/penner
   

   (penner is capable of running this command if they own their home directory, so if you prefer, you can run this as: sudo -u penner chmod 755 /home/penner)

2. Each user has his/her own group, with the same name as the user, and this is the user's primary group. Their home directory is owned by this group. That's the meaning of the second penner in drwxr-xr-x 43 penner penner 4096 2012-07-03 06:41 /home/penner. It's OK to break with this default, if you know what you are doing. But if it's not your intention to do things differently, you should make sure penner is set up this way, since some possible primary group identities for a user, or group owners on the user's home directory, could lead to security problems.

   Run groups penner. (See man groups for more information.) You should see something like this:

   penner : penner adm dialout cdrom plugdev lpadmin sambashare
   

   Don't worry if it's not quite like that. I'll get to that soon. Instead, look at the first word after the :. That's the name of the user's primary group. Assuming you want it to be penner, make sure it is. If it isn't, change it:

   sudo usermod -g penner penner
   

   If you get an error saying that the group penner doesn't exist, then you'll have to create it with this command (and then run the above command again):

   sudo addgroup penner
   

   • See man addgroup for more information. (If you prefer, you can alternatively use the groupadd command to create groups.)

3. When you ran groups penner, you may have gotten a list of groups considerably shorter than my penner : penner adm dialout cdrom plugdev lpadmin sambashare. For desktop users, the adm, dialout, cdrom, plugdev, lpadmin, and sambashare provide abilities that desktop users should generally have. Therefore, unless you have a reason to do otherwise, penner should be in these groups. These are not primary groups, however, so they're set differently. Supposing penner is not in any of these groups and you want penner to be in all of them, run this command:

   sudo usermod -a -G adm,dialout,plugdev,lpadmin,sambashare penner
   

   In case you're interested, here's what all those groups mean:

   • adm users can view most system log files in /var/log.
   • dialout users can use dial-up modems.
   • plugdev users can mount and use external storage devices.
   • lpadmin users can set up and manage printers.
   • sambashare users can share files (via Samba) with other computers over a network.

   (Source: Privileges, in the Ubuntu documentation wiki.)

Making the User an Administrator

If you don't want penner to be an administrator, you probably don't need to do anything else. You can check if penner is an administrator with groups penner. If neither admin nor sudo is listed, then penner is not an administrator.

If you want penner to be an administrator, add penner to whichever of these groups exists. (You may as well add penner to both, if they both exist.) You can accomplish that by running these two commands separately--if either one succeeds, you've made penner an administrator:

sudo usermod -a -G admin penner
sudo usermod -a -G sudo penner

• The reason there are two groups is that, before Ubuntu 12.04 LTS, administrators were in the admin group. Starting with Ubuntu 12.04 LTS, administrators are in the sudo group. But if your 12.04 LTS system is upgraded from a previous release (and this should apply to later Ubuntu releases, such as 12.10 when it comes out, that are upgraded from Ubuntu 11.10 or earlier), then for backward compatibility, administrators are members of both sudo and admin. Generally, if one of these groups doesn't confer administrative abilities, it simply doesn't exist, so running both the above two commands (separately, not as sudo usermod -a -G admin,sudo penner) is generally a safe and effective way to make penner an administrator.

This mostly happens when you create the user without creating a home directory for the user. This can be solved by using this command when creating user

useradd -m the_username

The -m flag is what creates the home directory for the user. After creating the user check if the home directory exists for that user by doing

ls /home

If you can see that username listed there then the last thing to do is assign a password to that user

passwd the_username

You can now login with that username and password