How to Manage User Groups With Groupadd on Linux (original) (raw)

User management is pretty straightforward if you're running Linux on your personal computer. But, for those who have a server with thousands of users, management becomes a serious issue that should be taken care of.

Luckily, Linux-based operating systems provide you with a way to control and manage users on your system. You can create groups and add users to them. Then, instead of assigning permissions to every user on the system, you can easily authorize user groups by providing them with privileges associated with the system workflow.

Create User Groups on Linux

Linux comes with a default command for creating user groups. You can use the groupadd command in order to add new groups to your system. The basic syntax of the command is:

    `groupadd [options] groupname`

To create a new user group 'writers':

    `groupadd writers`

Running the above-mentioned command will add a new entry to the /etc/group and /etc/gshadow files on your system. You can check the new group entry in the files by typing cat /etc/group and cat /etc/gshadow in your terminal.

Note that only users with administrative permissions can create user groups. Do not forget to switch to superuser before executing the groupadd command.

If you try to create a group with a name that already exists, you will see an error that states:

    `groupadd: group 'writers' already exists`

However, you can dismiss the error by using the -f or --force flag with the command.

    `groupadd --force writers  

groupadd -f writers`

Create User Groups With Unique GID

When you create a new user group, the system automatically assigns it a Group ID or GID. If you want your group to have a specific group ID, you can do that using the -g or --gid flag.

    `groupadd -g 600 writers  

groupadd --gid 600 writers`

If you try to assign a group ID that's already taken, the following error will occur.

    `groupadd: GID '600' already exists`

Although it is not recommended but you can add the -o or --non-unique flag to forcibly assign the group ID.

    `groupadd -o -g 600 writers`

Create User Groups With a Password

Although you can add a password to your groups, they are of no practical use to a user. The -p flag allows you to specify a password for your user group.

    `groupadd -p secretpassword writers`

Create System Groups in Linux

There is a slight difference between system groups and regular groups. System groups are special groups that include the users who are responsible for performing system operations such as backup and maintenance.

Use the -r or --system flag to create a system group on Linux:

    `groupadd -r hardwareteam  

groupadd --system hardwareteam`

Get List of Members in a User Group

To know how many members are part of a specific group, you can use the getent command from your terminal. The following command will display a list of all the members present in the 'writers' group:

    `getent group writers`

Add Users to Groups

Now that you have created a user group on your system, it is time to add some users to it. Usermod is a powerful command-line utility as it contains various options associated with user management and moderation. It also allows you to add users to your group easily. The basic syntax of the command is:

    `usermod [options] groupname username`

Add an Existing User to Groups

If you want to add an existing user to your group, the -a and -G flags are what you need. The -G flag stands for groups, whereas the -a stands for append, add, or addition.

    `usermod -a -G writers randomuser`

You can also add a user to multiple groups. All you have to do is enter the group names separated with comma.

    `usermod -a -G writers,admin,owner randomuser`

Add a New User to a Group

You can use the useradd command when you want to add a new user to your Linux system. Useradd provides you with a way to assign a group to the user at the time of its creation. The -G flag allows you to specify a group to the user.

    `useradd -G writers randomuser`

Adding a user to multiple groups is easy as well. Just pass the group names separated by comma character in the default command.

    `useradd -G writers,admin,owner randomuser`

Remove Users From a Group

You can also remove users from a group using usermod. Keep in mind that in a Linux system, multiple groups can be assigned to a user. One of those groups is declared as the Primary group, while others are termed as secondary groups.

If you are trying to remove a user from a group, make sure that it has at least one primary group after the removal. For example, user 'random' is a part of the groups admin, writers, and editors; where admin is the primary group, and the rest are secondary groups.

You can only remove the user from the group writers and editors. And in order to do so, you have to pass the group name that you want the user to remain a member of. This means, to remove the user 'random' from the group editors, the following command is used:

    `usermod -G writers random`

Notice that all you had to do was strip the append flag (-a) from the command you use to add a user to a group.

Delete Groups on Linux

When you do not want to keep a user group on your system anymore, you can delete the group using the groupdel command. The syntax of the command is:

    `groupdel [options] groupname`

For deleting the user group 'writers':

    `groupdel writers`

If you try to remove a group that doesn't exist, you will receive an error stating:

    `groupdel: group 'writers' does not exist`

Managing User Groups on Linux

User management can be tough if you are unaware of the Linux commands that you need to use. It becomes really easy once you know the in and out of the commands related to moderation and management.

Server administrators should try to use Linux distributions that are well-suited for their needs. This way, they will get all the tools and utilities required for server management right off the bat.