Learn to manage groups in Linux with these group management commands. The article includes how to create, modify, delete, and administer groups.
Groups on the Linux system are a bunch of users created for easy access/permission management. One user can be a member of one or many groups. Users will have only one primary and one/many secondary groups. In our other article we have seen user management commands in Linux/Unix. In this article we will discuss group management. There are mainly 4 commands used to manage user groups on Linux systems :
- groupadd
- groupmod
- groupdel
- gpasswd
Let’s check all these commands and fields they are responsible in /etc/group file.
groupadd command
As the name suggests, it is used to create new groups on the Linux system. groupadd command needs a group name as an argument.
# groupadd sysadmins
# cat /etc/group
sysadmins:x:502:
This command creates a group named sysadmins. A newly created group can be verified in /etc/group file. Study fields in /etc/group file here.
Several common switches which works with groupadd are :
-g: Specify GID of your choice-o: Create a group with non-unique GID-r: Create a system group. (GID will be taken from system group GID range)
groupmod command
If you want to edit parameters like name, GID, uniqueness of group which already exist in the system then you can modify group using groupmod. Below the list of the switch with their desired values should feed to this command –
-g: new GID-o: Make it non-unique-n: New name
# groupmod -n newsysadmins sysadmins
# cat /etc/group |grep sys
newsysadmins:x:502:
# groupmod -g 9999 sysadmins
# cat /etc/group
sysadmins:x:9999:
# groupmod -o -g 3 sysadmins
# cat /etc/group |grep sys
sys:x:3:bin,adm
sysadmins:x:3:
Observe above outputs where we changed the name, gid of the group and lastly we assigned the same GID 3 (non-unique) to our group which was already existing.
groupdel command
That’s the command where group ends their life! Yes, group deletion is performed using this command. This command is pretty simple. Just supply your group name and it will be deleted from the system.
# groupdel sysadmins
gpasswd command
This command is used to administer group. Administering groups includes :
- Adding/removing users to/from group
- Setting and removing group password
- Making a user administrator/member of a group
Adding and removing user in the group is done with switch -a and -d followed by user name and lastly group name. Check below examples :
# gpasswd -a shri sysadmins
Adding user shri to group sysadmins
# cat /etc/group | grep sysadmin
sysadmins:x:3:shri
# gpasswd -d shri sysadmins
Removing user shri from group sysadmins
# cat /etc/group | grep sysadmin
sysadmins:x:3:
Password set is done without any switch while password removal is with -r switch as below :
# gpasswd sysadmins
Changing the password for group sysadmins
New Password:
Re-enter new password:
What is the use of group password in Linux?
This question comes to many of us. Hardly rather no one uses this feature at all. The idea must be to secure a group from non-member users. But since a group password should be known to all group members, it actually doesn’t make any sense to use it. Then you might ask then why group passwords exist in the first place? It may be just following the user (password security) model to groups as well to maintain symmetry in design. I mean it’s just my thought. Let me know if you have any other reason which suits group password existence!
Making any user administrator of the group grants him the privilege to administer the group. Member, the user is just a member of the group and can not administer it. You can make user administrator of the group with -A switch and member with -M. By default, the user is added to the group as a member
# gpasswd -A shri sysadmins
# gpasswd -M shri sysadmins
Those are all group management commands in Linux with their most used switches. Let us know any addition/correction/feedback in the comments!
Share Your Comments & Feedback: