- How to add existing user to an existing group?
- 8 Answers 8
- Explanation:
- 10 practical examples to add or remove user from group in Linux
- 1. Create a new user and add to existing primary group
- 2. Create a new user and add to existing supplementary group
- 3. Create a new user and add to existing primary and supplementary group
- 4. Change primary group of existing user
- 5. Add user to Group (Supplementary or Secondary) using usermod
- 6. Add user to multiple groups (Supplementary or Secondary) using usermod
- 7. Add user to Group (Supplementary or Secondary) using gpasswd
- 8. Add multiple users to same group
- 9. Remove user from Group (Supplementary or Secondary)
- 10. Remove multiple users from supplementary group
- 11. Remove user from all Groups (Supplementary or Secondary)
How to add existing user to an existing group?
I want to add the Apache user ( www-data ) to the audio group. I’ve read the man page for useradd , but I’m not having any luck. I’m running xubuntu 11.10. Here’s what I’m doing:
$ sudo useradd -G audio www-data useradd: user 'www-data' already exists $ sudo useradd audio www-data Usage: useradd [options] LOGIN Options: -b, --base-dir BASE_DIR base directory for the home directory. 8 Answers 8
The useradd command will try to add a new user. Since your user already exists this is not what you want.
Instead: To modify an existing user, like adding that user to a new group, use the usermod command.
sudo usermod -a -G groupName userName - The -a (append) switch is essential. Otherwise, the user will be removed from any groups, not in the list.
- The -G switch takes a (comma-separated) list of additional groups to assign the user to.
In general (for the GUI, or for already running processes, etc.), the user will need to log out and log back in to see their new group added. For the current shell session, you can use newgrp :
sudo usermod -a -G [group-name] [user-name] : Just a quickie for those who only glance at the answer after reading the headline
I think the preferred way now is sudo adduser user group . It is simpler and cleaner syntax. See the response from @Bai.
Is there a way to get around the «logout and back in» part? Some type of update-groups command, maybe?
@con-f-use, if you can run sudo login -f YOURUSERNAME , it will start a new shell session. Use the id command to verify that the new session is in the correct set of groups. However, this isn’t «global» — it doesn’t apply to terminals that are already open. So, really, logging out is the best option, where possible
You can use the newgrp [group-name] command to add a new group to the user of the current session without logging out and in again. Only the current session will be affected though.
Removing a user from a group:
@Tejendra’s comment seems to presuppose that using useradd is desirable/mandatory to answer OP’s question; Perhaps this answer is just missing words to indicate that adduser/deluser is a better alternative.
After adding to a existing user:
You may need to logout and login to get the groups permissions from /etc/group .
FYI: I think the id command should indicate you were added to the group without needing to exit. id myuser
sudo gpasswd -a myuser mygroup I’m posting this as an answer because I don’t have enough reputation to comment. As @dpendolino’s mentioned, for the effects of this command to persist:
sudo usermod -a -G groupName userName
. you need to logout/login again.
However, if you need a shortcut to start using your new group membership immediately (and you have the correct sudo privileges) I have found this work-around:
$ sudo su - # su [userName] $ groups - sudo su — will give you a root shell
- su [userName] returns you to a shell with your user
- groups when run now will show the group you added with the usermod -aG command
In my case I was trying to add the ‘docker’ group to my user
$ groups userName adm cdrom sudo dip plugdev lpadmin sambashare wireshark lxd $ groups userName adm cdrom sudo dip plugdev lpadmin sambashare wireshark lxd docker Another option to apply the group membership is sudo login -f
sudo usermod -a -G groupName userName will work just fine, but I had to reboot entirely, just log out and log in again did not do the job.
On Ubuntu, since logging in as root is not enabled, users in the sudo group can elevate privileges for certain restricted commands. Any restricted command must be prepended with sudo to elevate privilege.
sudo usermod -a -G group userwill add the existing user user to a supplemental group named group . The user’s primary group will remain unchanged.
To permanantely add a user to a group, run this command:
Then log out and log in again (or reboot if necessary).
Explanation:
The usermod command will modify the /etc/group file to list the specified username in the line relevant to that group. If you run grep /etc/group , you should see your username in the output.
In Linux, every process is assigned to a user and groups, and any child processes inherit the user and groups of the parent process. So, for this change to take effect and propogate, you need to log out and log in again (at which point /etc/group is read and used). On Wayland, I’ve found that a full reboot is necessary.
If you run the command groups , you can see if the current process has the expected groups or not.
10 practical examples to add or remove user from group in Linux
1. Create a new user and add to existing primary group
- By default when we create a new user, a new primary group is created by the same name as of the user.
- But we can also use useradd to create a user and add this user to any existing group
- So this group will not become the primary group of your new user
In this example I will create a new group » admin «
# getent group admin admin:x:1003: Next I will create a new user » user1 » and add this user to » admin » group using useradd -g
Verify the primary group of user1
# id user1 uid=1003(user1) gid=1003(admin) groups=1003(admin) 2. Create a new user and add to existing supplementary group
We want to create a new user and add him/her to supplementary group (please NOTE, we will add the user to supplementary group and not the primary group here)
I have below list of groups on my Linux server
# egrep 'admin|devops|qa_team' /etc/group admin:x:1003: devops:x:1004: qa_team:x:1005:
I will create a new user » user2 » and add this user to all these supplementary groups using useradd -G ,,..
# useradd -G admin,devops,qa_team user2
Verify the supplementary groups.
Please NOTE that since we did not specified primary group using -g , a new group user2 is created and assigned as primary group to the user
# id user2 uid=1003(user2) gid=1006(user2) groups=1006(user2),1003(admin),1004(devops),1005(qa_team) 3. Create a new user and add to existing primary and supplementary group
Now we will combine both the above arguments i.e. -g to add primary_group and -G to add supplementary_group
In this example i will create user3 with primary_group as admin and with supplementary_group of devops and qa_team
# useradd -g admin -G devops,qa_team user3
Verify the new user group details
# id user3 uid=1003(user3) gid=1003(admin) groups=1003(admin),1004(devops),1005(qa_team)
4. Change primary group of existing user
I have a user who is currently added to his own primary group
# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4) I will change the primary group of this user to admin using usermod
Verify the new primary group for user4
# id user4 uid=1004(user4) gid=1003(admin) groups=1003(admin) 5. Add user to Group (Supplementary or Secondary) using usermod
- To add user to group we can use use usermod or gpasswd command
- We can add user to supplementary groups only
- In this example I will add user4 to devops supplementary group
Syntax to add user to group: usermod -G
# id user4 uid=1004(user4) gid=1003(admin) groups=1003(admin),1004(devops) 6. Add user to multiple groups (Supplementary or Secondary) using usermod
We can also add user to multiple supplementary groups using syntax usermod -G ,,..
In this example I will add user4 to multiple supplementary groups ( devops and qa_team )
# usermod -G devops,qa_team user4
# id user4 uid=1004(user4) gid=1003(admin) groups=1003(admin),1004(devops),1005(qa_team)
7. Add user to Group (Supplementary or Secondary) using gpasswd
- Similar to usermod we can also user gpasswd to add user to group
- The syntax to add user to group is gpasswd -M
In this example I will add user4 to devops as supplementary group
# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4),1004(devops) Alternatively you can also user gpasswd -a
In this example I will add user4 to qa_team as supplementary group
# gpasswd -a user4 qa_team Adding user user4 to group qa_team
# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4),1005(qa_team) 8. Add multiple users to same group
We need to user gpasswd to add multiple users to same group
Currently I already have admin group which does not contain any users at the moment
# egrep admin /etc/group admin:x:1003: The syntax to add multiple users to single group would be gpasswd -M ,,..
In this example I will add my existing users i.e. user1 , user2 and user3 to admin as supplementary group
# gpasswd -M user1,user2,user3 admin
Verify the admin group details
# egrep admin /etc/group admin:x:1003:user1,user2,user3 9. Remove user from Group (Supplementary or Secondary)
Currently my user4 is part of three different supplementary groups
# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4),1003(admin),1004(devops),1005(qa_team)
gpasswd is the best tool to remove user4 from qa_team group
# gpasswd -d user4 qa_team Removing user user4 from group qa_team
We can also use usermod command to remove user from group. The problem with usermod is that you must define the complete list of supplementary group which the user is part of and only remove the group which you wat to remove the user from.
For example, my user4 is part of devops , admin and qa_team . So to remove user4 from qa_team we will re-add user to group devops and admin (not to qa_team )
# usermod -G devops,admin user4
# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4),1003(admin),1004(devops)
I would recommend using gpasswd to remove user from group
10. Remove multiple users from supplementary group
There is no single command to remove multiple users from single group but we can use a small script
Currently I have admin which has three users
# egrep admin /etc/group admin:x:1003:user1,user2,user3 I will write a small script to remove all the 3 users from admin group
11. Remove user from all Groups (Supplementary or Secondary)
- We can use gpasswd to remove user from group
- But if a user is part of multiple groups then you need to execute gpasswd multiple times
- Or write a script to remove user from all the supplementary groups
- Alternatively we can use usermod -G «»
Currently my user4 is part of multiple supplementary groups
# groups user4 user4 : user4 admin devops qa_team To remove user from all supplementary groups, use:
# id user4 uid=1004(user4) gid=1006(user4) groups=1006(user4)
# groups user4 user4 : user4
Lastly I hope the steps from the article to add user to group, remove user from group and difference between primary group and supplementary group on Linux was helpful. So, let me know your suggestions and feedback using the comment section.
Didn’t find what you were looking for? Perform a quick search across GoLinuxCloud
If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.
For any other feedbacks or questions you can either use the comments section or contact me form.
Thank You for your support!!