Linux add existing user to groups

10 practical examples to add or remove user from group in Linux

1. Create a new user and add to existing primary group

• By default when we create a new user, a new primary group is created by the same name as of the user.
• But we can also use useradd to create a user and add this user to any existing group
• So this group will not become the primary group of your new user

In this example I will create a new group » admin «

# getent group admin admin:x:1003:

Next I will create a new user » user1 » and add this user to » admin » group using useradd -g

Verify the primary group of user1

# id user1 uid=1003(user1) gid=1003(admin) groups=1003(admin)

2. Create a new user and add to existing supplementary group

We want to create a new user and add him/her to supplementary group (please NOTE, we will add the user to supplementary group and not the primary group here)

I have below list of groups on my Linux server

# egrep 'admin|devops|qa_team' /etc/group admin:x:1003: devops:x:1004: qa_team:x:1005:

I will create a new user » user2 » and add this user to all these supplementary groups using useradd -G ,,..

# useradd -G admin,devops,qa_team user2

Verify the supplementary groups.

Please NOTE that since we did not specified primary group using -g , a new group user2 is created and assigned as primary group to the user

# id user2 uid=1003(user2) gid=1006(user2) groups=1006(user2),1003(admin),1004(devops),1005(qa_team)

3. Create a new user and add to existing primary and supplementary group

Now we will combine both the above arguments i.e. -g to add primary_group and -G to add supplementary_group
In this example i will create user3 with primary_group as admin and with supplementary_group of devops and qa_team

# useradd -g admin -G devops,qa_team user3

Verify the new user group details

# id user3 uid=1003(user3) gid=1003(admin) groups=1003(admin),1004(devops),1005(qa_team)

4. Change primary group of existing user

I have a user who is currently added to his own primary group

# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4)

I will change the primary group of this user to admin using usermod

Verify the new primary group for user4

# id user4 uid=1004(user4) gid=1003(admin) groups=1003(admin)

5. Add user to Group (Supplementary or Secondary) using usermod

• To add user to group we can use use usermod or gpasswd command
• We can add user to supplementary groups only
• In this example I will add user4 to devops supplementary group

Syntax to add user to group: usermod -G

# id user4 uid=1004(user4) gid=1003(admin) groups=1003(admin),1004(devops)

6. Add user to multiple groups (Supplementary or Secondary) using usermod

We can also add user to multiple supplementary groups using syntax usermod -G ,,..
In this example I will add user4 to multiple supplementary groups ( devops and qa_team )

# usermod -G devops,qa_team user4

# id user4 uid=1004(user4) gid=1003(admin) groups=1003(admin),1004(devops),1005(qa_team)

7. Add user to Group (Supplementary or Secondary) using gpasswd

• Similar to usermod we can also user gpasswd to add user to group
• The syntax to add user to group is gpasswd -M

In this example I will add user4 to devops as supplementary group

# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4),1004(devops)

Alternatively you can also user gpasswd -a

In this example I will add user4 to qa_team as supplementary group

# gpasswd -a user4 qa_team Adding user user4 to group qa_team

# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4),1005(qa_team)

8. Add multiple users to same group

We need to user gpasswd to add multiple users to same group
Currently I already have admin group which does not contain any users at the moment

# egrep admin /etc/group admin:x:1003:

The syntax to add multiple users to single group would be gpasswd -M ,,..

In this example I will add my existing users i.e. user1 , user2 and user3 to admin as supplementary group

# gpasswd -M user1,user2,user3 admin

Verify the admin group details

# egrep admin /etc/group admin:x:1003:user1,user2,user3

9. Remove user from Group (Supplementary or Secondary)

Currently my user4 is part of three different supplementary groups

# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4),1003(admin),1004(devops),1005(qa_team)

gpasswd is the best tool to remove user4 from qa_team group

# gpasswd -d user4 qa_team Removing user user4 from group qa_team

We can also use usermod command to remove user from group. The problem with usermod is that you must define the complete list of supplementary group which the user is part of and only remove the group which you wat to remove the user from.

For example, my user4 is part of devops , admin and qa_team . So to remove user4 from qa_team we will re-add user to group devops and admin (not to qa_team )

# usermod -G devops,admin user4

# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4),1003(admin),1004(devops)

I would recommend using gpasswd to remove user from group

10. Remove multiple users from supplementary group

There is no single command to remove multiple users from single group but we can use a small script
Currently I have admin which has three users

# egrep admin /etc/group admin:x:1003:user1,user2,user3

I will write a small script to remove all the 3 users from admin group

11. Remove user from all Groups (Supplementary or Secondary)

• We can use gpasswd to remove user from group
• But if a user is part of multiple groups then you need to execute gpasswd multiple times
• Or write a script to remove user from all the supplementary groups
• Alternatively we can use usermod -G «»

Currently my user4 is part of multiple supplementary groups

# groups user4 user4 : user4 admin devops qa_team

To remove user from all supplementary groups, use:

# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4)

# groups user4 user4 : user4

Lastly I hope the steps from the article to add user to group, remove user from group and difference between primary group and supplementary group on Linux was helpful. So, let me know your suggestions and feedback using the comment section.

Didn’t find what you were looking for? Perform a quick search across GoLinuxCloud

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

For any other feedbacks or questions you can either use the comments section or contact me form.

Thank You for your support!!

Источник

How to Add Users to a Group in Linux

Groups are the bread and butter of a Linux system. These are special lists that allow you to group multiple users into different categories. Along with securing your system’s application privileges, it allows you to finely control how each account in the system can access and share its files and folders.

This article shows how you can use the groups utility to add and modify existing groups in Linux. Further, it will also highlight how the Linux permissions system works in conjunction with the groups system.

Content

How Do Groups and Permissions Work?

At its core, a Linux group is a collection of users that share the same permissions and privileges for a specific file or program. Every file in the system has a set of ownership and permission bits. One of the easiest ways to find this is to run ls -l on your home directory.

That will list all the visible files and folders in the directory along with their ownership and permission bits. For the most part, the general format for this looks like:

-rwxrwxr-x 1 ramces maketecheasier 8.7k Oct 24 20:39 hello.txt

The first, third and fourth columns show both the permission and ownership bits of the current file. For example, the “rwxrwxr-x” valuetells the system that everyone can read this file, but only the user “ramces” and group “maketecheasier” can write to it.

These two bits work hand in hand to create a finely tuned access control system in Linux. The permission bits tell the system how a file can be used by the users and groups in the ownership bits.

Viewing the Group Memberships for a User in Linux

The first step to modify a group in Linux is to know which are available to a user to give you an idea of the active groups in the system.

Running the following command will list all the available groups for the current user:

Viewing the Available Groups in the System

Along with looking at user-specific groups, it is also possible to list every group in the system by running the following command:

This will print the entire “/etc/group” file in your terminal screen. Scroll through the file by pressing J or K .

By default, “/etc/group” is a colon-delimited file that contains both user and system-specific groups. Each line in thie file represents a currently active group in the machine.

The general format for each line looks like:

group-name:password:GID:users

• The group-name is the label for the group. In most cases, system groups start with an underscore to differentiate them from regular groups.
• The password is an optional field to create secure groups, which is useful if you are sharing the system with multiple people.
• GID is the Group ID for that particular group.
• Lastly, the users field is a comma-separated list that contains all the users that are part of that group.

Note: even if you are not in the root group, you can still open files as root. Learn how to do that.

Creating a New Group in Linux

To create a new group in Linux, use the groupadd command. Unlike id , this is a utility that only deals with group creation.

For example, I can run the following command to create a new group with the name “test.”

Creating a New User With a New Group

It is also possible to create both a new user and group in a single command, which is useful when you are setting up a shell scripting account with predetermined permissions.

To do this, run the following command:

sudo useradd -m -G maketecheasier -s /bin/bash test

• The – m flag tells useradd to create the new user’s home directory, as, by default, Linux does not create a home directory for the “test” user.
• The -G flag tells useradd to create and add the “test” user to the “maketecheasier” group.
• The -s flag sets the default login shell for the “test” user. In my case, I am telling the useradd utility to set the login shell for the “test” user to Bash.

Adding an Existing User to a New Group in Linux

Along with creating a group and its user, you can also add existing users to a group by running the following command:

sudo usermod -aG maketecheasier user

Adding Multiple Users to a New Group

Lastly, it is also possible to include multiple users to your new group. To do this, run the following command:

sudo gpasswd -M ramces,test maketecheasier

This will set the member roster for the “maketecheasier” group to include both “ramces” and “test.” However, it is important to note that the -M flag always replaces the users value in the “/etc/group” file.

Appending new users to your group will also require you to include the users that are already in the group. For example, running the following command will append both “alice” and “bob” to the “maketecheasier” group:

sudo gpasswd -M ramces,test,alice,bob maketecheasier

Frequently Asked Questions

Is it possible to edit the /etc/group file to modify a group in Linux?

While it is possible to modify the “/etc/group” file, it can potentially ruin the file’s internal format, leading to systems with non-functional groups and missing permissions. As such, it is not a good practice to edit the “/etc/group” file directly.

My new group does not show up on my user’s group list. Is my machine broken?

No! By default, the Linux groups system does not apply any changes that you make to online users. This approach protects these users from any sudden system changes that may prevent them from accessing a file or program.

To update your user’s group list, either log out from the current session or restart the entire machine.

Image credit: Unsplash. All alterations and screenshots by Ramces Red.

Ramces is a technology writer that lived with computers all his life. A prolific reader and a student of Anthropology, he is an eccentric character that writes articles about Linux and anything *nix.

Our latest tutorials delivered straight to your inbox

Источник