Linux Group Management Explained with Examples

A group is a collection of user accounts that perform identical functions and require similar authorization and authentication on the file system. Linux group management includes creating, updating, managing, and removing groups.

On Linux, there are two types of groups: primary and secondary. The following table lists the differences between both groups.

Group management files

Linux saves group-related information in the following files. Each line in the following file represents an account or group.

Adding/creating groups

The groupadd command adds a new group. It uses the following syntax.

#groupadd [group name]

It adds a new entry at the end of the /etc/group file. The entry contains the group name, ID, and members' name. By default, it does not add any user account to the group.

Example

• Add a new group.
• Check the /etc/group and verify the group.

Creating and managing primary groups

A primary group is the user's private group. When we add a new user account, Linux makes a new group and adds the user account. It chooses the new group's name, which is the same as the user's username. For example, if the username is XYZ, the name of its primary group will also be XYZ.

The useradd command adds a new user account. It uses the following syntax.

#useradd [username]

Example

• Add a new user account.
• List the user account's entry from the /etc/passwd file.
• Note down the GID.
• List the entry containing the noted GID.
• Check the group name of the entry.
• Verify the user's primary group's name and the username are the same.

The -g option with the useradd command allows us to customize the user's primary group. If we use this option, the useradd command configures the specified group as the user's primary group. The selected group must exist. First, we create the desired group, then create the user account and specify the created group as the argument with the -g option.

Example

• Add a group named RedHat.
• Create a new user account named abc.
• Configure RedHat as the primary group for the user abc.
• Check the /etc/passwd and the /etc/group file.
• Verify the user gets the custom primary group.

Creating and managing secondary groups

Secondary groups are optional. We create them to fulfil specific requirements. For example, ten users need access to particular resources. We can configure the file permission to allow each user. But it will require ten times configuration, one time for each user. Alternatively, we can make a group of all ten users and configure the file permission to allow access to the group. All group member receives the group permission.

Example

• Add a group named developer.
• Add five user accounts and add them to the developer group.
• Verify group members

Changing group name

The groupmod command allows us to change the group properties. It uses the following syntax.

#groupmod [option] [group name]

The -n option changes the group name.

Example

• Change the previously created group's name to software
• Verify the new group name

Changing group ID

Linux automatically assigns an incremental group ID to the new group. The -g option changes the group ID.

Example

Change the default group ID of the previously created group to 2000.

Deleting a group

The groupdel command deletes the group. It uses the following syntax.

#groupdel [group name]

This command deletes only the group entry from the configuration files. Any file or directory created by a group member will remain intact.

Example

• Delete the software group.
• Verify the delete operation.

Conclusion

Creating and managing is an essential task. The groupadd command adds a new group. The groupmod command updates group properties. The groupdel command deletes a group.