mkhomedir_helper

mkhomedir_helper user [umask [path-to-skel [homemode_]]]

mkhomedir_helper is a helper program for the pam_mkhomedir PAM module. It creates home directories and populates them with the contents of the specified skeleton directory.
The tool copies files from the skeleton directory (typically /etc/skel) to the new home directory, applying the specified umask to file permissions. It sets ownership to the target user and creates standard configuration files like .bashrc and .profile.
The helper is architecturally separated from the PAM module for security reasons, allowing SELinux domain transitions during execution and preventing direct access from login domains to home directory contents.

user

Username for which to create the home directory

File creation mask for contents; default is 0022

Skeleton directory to copy contents from; default is /etc/skel

Permissions for the home directory itself; computed from umask if not specified

The tool never modifies existing home directories, preventing accidental overwrites. It requires root privileges to execute. The skeleton directory must exist and be readable. Users must already exist in the system before running this command.

mkhomedir_helper is part of the Linux-PAM (Pluggable Authentication Modules) project. It was designed as a security-conscious helper binary for the pam_mkhomedir module, enabling automatic home directory creation during user login for centrally-managed authentication systems like LDAP.

useradd(8), adduser(8), pam_mkhomedir(8)