diff --git a/charmhelpers/core/host.py b/charmhelpers/core/host.py
index def403c51..8371daac3 100644
--- a/charmhelpers/core/host.py
+++ b/charmhelpers/core/host.py
@@ -357,7 +357,7 @@ def init_is_systemd(service_name=None):
     return os.path.isdir(SYSTEMD_SYSTEM)
 
 
-def adduser(username, password=None, shell='/bin/bash',
+def adduser(username, password=None, shell=None,
             system_user=False, primary_group=None,
             secondary_groups=None, uid=None, home_dir=None):
     """Add a user to the system.
@@ -389,11 +389,14 @@ def adduser(username, password=None, shell='/bin/bash',
         if home_dir:
             cmd.extend(['--home', str(home_dir)])
         if system_user or password is None:
-            cmd.append('--system')
+            cmd.extend([
+                '--system',
+                '--shell', shell if shell else '/usr/sbin/nologin'
+            ])
         else:
             cmd.extend([
                 '--create-home',
-                '--shell', shell,
+                '--shell', shell if shell else '/bin/bash',
                 '--password', password,
             ])
         if not primary_group:
diff --git a/tests/core/test_host.py b/tests/core/test_host.py
index 50c742c03..4cf04be5d 100644
--- a/tests/core/test_host.py
+++ b/tests/core/test_host.py
@@ -755,6 +755,7 @@ def test_adduser_with_groups(self, log, check_call, getpwnam, getgrnam):
     @patch.object(host, 'log')
     def test_adds_a_systemuser(self, log, check_call, getpwnam):
         username = 'johndoe'
+        shell = '/usr/sbin/nologin'
         existing_user_pwnam = KeyError('user not found')
         new_user_pwnam = 'some user pwnam'
 
@@ -766,6 +767,7 @@ def test_adds_a_systemuser(self, log, check_call, getpwnam):
         check_call.assert_called_with([
             'useradd',
             '--system',
+            '--shell', shell,
             username
         ])
         getpwnam.assert_called_with(username)
@@ -775,6 +777,7 @@ def test_adds_a_systemuser(self, log, check_call, getpwnam):
     @patch.object(host, 'log')
     def test_adds_a_systemuser_with_home_dir(self, log, check_call, getpwnam):
         username = 'johndoe'
+        shell = '/usr/sbin/nologin'
         existing_user_pwnam = KeyError('user not found')
         new_user_pwnam = 'some user pwnam'
 
@@ -789,6 +792,29 @@ def test_adds_a_systemuser_with_home_dir(self, log, check_call, getpwnam):
             '--home',
             '/var/lib/johndoe',
             '--system',
+            '--shell', shell,
+            username
+        ])
+        getpwnam.assert_called_with(username)
+
+    @patch('pwd.getpwnam')
+    @patch('subprocess.check_call')
+    @patch.object(host, 'log')
+    def test_adds_a_systemuser_with_different_shell(self, log, check_call, getpwnam):
+        username = 'johndoe'
+        shell = '/bin/bash'
+        existing_user_pwnam = KeyError('user not found')
+        new_user_pwnam = 'some user pwnam'
+
+        getpwnam.side_effect = [existing_user_pwnam, new_user_pwnam]
+
+        result = host.adduser(username, system_user=True, shell=shell)
+
+        self.assertEqual(result, new_user_pwnam)
+        check_call.assert_called_with([
+            'useradd',
+            '--system',
+            '--shell', shell,
             username
         ])
         getpwnam.assert_called_with(username)
@@ -801,6 +827,7 @@ def test_adds_a_systemuser_with_home_dir(self, log, check_call, getpwnam):
     def test_add_user_uid(self, log, check_call, getgrnam, getpwuid, getpwnam):
         user_name = 'james'
         user_id = 1111
+        shell = '/usr/sbin/nologin'
         uid_key_error = KeyError('user not found')
         getpwuid.side_effect = uid_key_error
         host.adduser(user_name, uid=user_id)
@@ -810,6 +837,7 @@ def test_add_user_uid(self, log, check_call, getgrnam, getpwuid, getpwnam):
             '--uid',
             str(user_id),
             '--system',
+            '--shell', shell,
             '-g',
             user_name,
             user_name