In Linux, groups are collections of users. Creating and managing groups is one of the simplest ways to deal with multiple users simultaneously, especially when dealing with permissions. The /etc/group file stores group information and is the default configuration file.
[ Keep your most commonly used commands handy with the Linux commands cheat sheet. ]
Linux admins use groups to assign access to files and other resources. Every group has a unique ID listed in the /etc/group file, along with the group name and members. The first groups listed in this file are system groups because the distribution maintainers preconfigure them for system activities.
Each user may belong to one primary group and any number of secondary groups. When you create a user on Linux using the useradd command, a group with the same name as the username is also created, and the user is added as the group's sole member. This group is the user's primary group.
Create and modify groups
To add a group in Linux, use the groupadd command:
$ sudo groupadd demo
When a group is created, a unique group ID gets assigned to that group. You can verify that the group appears (and see its group ID) by looking in the /etc/group file.
If you want to create a group with a specific group ID (GID), use the --gid or -g option:
$ sudo groupadd -g 1009 demo1
If group ID 1009 is already allocated to another group, you're alerted that the GID is unavailable and the operation aborts. Rerun it with a different group ID number:
$ sudo groupadd -g 1010 demo1
[ No-cost online course: Red Hat Enterprise Linux technical overview. ]
Change the group ID
You can change the group ID of any group with the groupmod command and the --gid or -g option:
$ sudo groupmod -g 1011 demo1
Rename a group
You can rename a group using groupmod with the --new-name or -n option:
$ sudo groupmod -n test demo1
Verify all these changes from the /etc/group file.
Add and remove users from a group
Suppose you have existing users named user1 and user2, and you want to add them to the demo group. Use the usermod command with the --append --groups options (-a and -G for short):
$ sudo usermod --append --groups demo user1
$ sudo usermod -aG demo user2
Look in the /etc/group file or use the id command to confirm your changes:
$ id user1
uid=1005(user1) gid=1005(user1) groups=100(users),1009(demo)
To remove a specific user from a group, you can use the gpasswd command to modify group information:
$ sudo gpasswd --delete user1 demo
Alternatively, manually edit the /etc/group file and remove the user from any number of groups.
Delete a group
When a group is no longer needed, you delete it by using the groupdel command:
$ sudo groupdel demo
Use groups
Groups are a useful way of classifying users. They are an essential part of the Linux permission structure and a powerful and straightforward way to manage file access on your system.
[ Want to test your sysadmin skills? Take a skills assessment today. ]
