One of system administrator's job is to manage groups in Linux system. Manage groups task including create new group, assign users to group, remove users from group, delete group and manage group's permission. In this tutorial, we are going to look at some commands needed to manage groups in Linux system.

Linux groupadd command

The groupadd command is used to create a new group in the linux system. Here is a basic information in the groupadd manual page.

NAME
       groupadd - create a new group

SYNOPSIS
       groupadd [-g GID [-o]] [-f] [-K KEY=VALUE] group

DESCRIPTION
       The groupadd command creates a new group account using the values
       specified on the command line plus the default values from the system.
       The new group will be entered into the system files as needed.
     

From the synopsis above, the basic groupadd format can be as simple as groupadd <new group>. To create a new group, you must be root. Here is an example of how to create a new group using groupadd command:

In slackware, switch to root user to run the command:

     root@slackware:~$ groupadd technical      
     

In Ubuntu, you must add sudo to run the command as root:

     luzar@ubuntu:~$  sudo groupadd technical      
     

The groupadd command creates a new group account using the values specified on the command line and the default values from the system. The new group will be entered into the system files as needed.

All groups can be found in /etc/group file. To view /etc/group, type less /etc/group. The command is the same for Slackware and Ubuntu:

     bill@slackware:~$ less /etc/group
     

Linux groups command

Here is a part of groups command information in the manual page:

NAME
       groups - print the groups a user is in

SYNOPSIS
       groups [OPTION]... [USERNAME]...

DESCRIPTION
       --help display this help and exit

       --version
              output version information and exit

       Same as id -Gn.  If no USERNAME, use current process.
     

Type 'groups' without any option will display the current user's group name. Here are examples of Linux groups command:

Example 1 - Linux groups command with no options.

       bill@slackware:~$ groups 
       users   floppy   audio   video   cdrom 
       

luzar@ubuntu:~$ groups aura
aura
luzar@ubuntu:~$ groups luzar
luzar adm dialout cdrom floppy audio dip video plugdev fuse lpadmin admin
luzar@ubuntu:~$
       

If we mention a username after the groups command, it will display user's initial group.

Add user to a new group

We can use Linux usermod command to add user to a new group. Here is an example of how to do it in Ubuntu:

luzar@ubuntu:~$ sudo groups aura
[sudo] password for luzar:
aura
luzar@ubuntu:~$ sudo usermod -G techdept aura
luzar@ubuntu:~$ sudo groups aura
aura techdept
luzar@ubuntu:~$
     

Here are the explanation of the above commands. First we used groups username command to view current user's group. Then we use usermod (options) new_group username to add a user to a new group. Finally, we can check user's group again with the groups command.

The steps are the same for Slackware, except you must be root and you don't need sudo command. For more information on usermod command, check the Linux usermod command tutorial.

Linux newgrp command

The newgrp command is used to change the current group ID during a login session. Here is an information about newgrp command from the manual page:

NAME
       newgrp - log in to a new group

SYNOPSIS
       newgrp [-] [group]

DESCRIPTION
       The newgrp command is used to change the current group ID during a
       login session. If the optional - flag is given, the user´s environment
       will be reinitialized as though the user had logged in, otherwise the
       current environment, including current working directory, remains
       unchanged.
       

The current user's primary group is aura. Now we are going to change the primary group to the new group called techdept with newgrp command:

aura@ubuntu:~$ groups
aura techdept
aura@ubuntu:~$ newgrp techdept
aura@ubuntu:~$ groups
techdept aura
aura@ubuntu:~$
       

The newgrp changes the current group to the named group, or to the default group listed in /etc/passwd if no group name is given. The user will be prompted for a password if she does not have a password and the group does, or if the user is not listed as a member and the group has a password. The user will be denied access if the group password is empty and the user is not listed as a member.

Linux groupdel command

The last command you need to know to manage groups is the groupdel. Let's see some basic information about groupdel command in the manual:

NAME
       groupdel - delete a group

SYNOPSIS
       groupdel group

DESCRIPTION
       The groupdel command modifies the system account files, deleting all
       entries that refer to group. The named group must exist.

       You must manually check all file systems to insure that no files remain
       with the named group as the file group ID.

CAVEATS
       You may not remove the primary group of any existing user. You must
       remove the user before you remove the group.

Example of groupdel command.

Check whether the group is a primary group for any user:

luzar@ubuntu:~$ less /etc/group
luzar:x:1000:
admin:x:120:luzar
aura:x:1001:
jimi:x:1002:
alex:x:1003:
itdept:x:1004:
techdept:x:1005:aura

The user aura is in the techdept group. You can check whether it's a primary group for aura using groups command:

luzar@ubuntu:~$ groups aura
aura techdept

When it's confirm that the group you are going to delete is not a primary group for any user, you can safely remove it with groupdel command. See example below:

luzar@ubuntu:~$ sudo groupdel techdept
[sudo] password for luzar:
luzar@ubuntu:~$ cat /etc/group
luzar:x:1000:
admin:x:120:luzar
aura:x:1001:
jimi:x:1002:
alex:x:1003:
itdept:x:1004:

The techdept group has been removed.

Back to Linux basic commands main page.