Linux : should I create nologin user home dirs?

Solution 1:

On RedHat like systems you can create the users as system accounts using the ‘-r’ option:

   -r This flag is used to create a system account. That is, a user with a UID lower than the value of UID_MIN defined in
      /etc/login.defs and whose password does not expire. Note that useradd will not create a home directory for such an user,
      regardless of the default setting in /etc/login.defs. You have to specify -m option if you want a home directory for a system
      account to be created. This is an option added by Red Hat

Depending on whether this option is available on your distro, this may be what you want.

Solution 2:

As a systems administrator, I prefer that all my stub accounts use / as their home directory unless I have a compelling reason to have a real home directory.

The home directory can store authentication information. For instance, the .ssh/authorized_keys files can act as a vector to allow people onto the system unintentionally or maliciously.

Otherwise, the home directory may be useful if you plan on suing to another UID and plan on having local configurations for when doing stuff as that user (I've seen this with oracle setups). I'm not keen on that sort of thing -- I prefer to just have a script that I source that sets up the local environment for me, but different strokes...