Linux Add User to Group
Linux allows us to add users to a specific user group. A user account can be added to more than one group. For example, the users that have sudo rights can access the sudo commands to gain related permission. Moreover, we can configure the file permission and other rights to a group.
Adding a user to a group is a straight forward process, all we need to execute the appropriate command. We will walk through all the scenarios related to user and group, such as how to add, delete, remove users to a group. Moreover, we will also learn how to list groups. First, understand the Linux groups:
Linux groups are the community of the users that have the right to administrate and organize the users and file permission in a Linux system. The main motive of creating a group is to define the set of permissions such as read and write permission or allowing the shared resources of groups.
Types of Linux Groups
In Linux-based system, there are two types of groups, which are:
Primary group: When we create a file through a specific user account, by default, the filegroup is set to the user's primary group. It will provide the same name as the file user group as the user account name. The primary group stores the user information in /etc/passwd file.
Secondary or supplementary group: The main motive to create a secondary group
is to allow the specific permission to limited users. For example, if we want to add any user to the sudo group, the added user will inherit the sudo rights, and be able to run the sudo commands. If we add a user to the docker group, then it will inherit the properties of the docker group and be able to run the docker commands.
A user can be added to precisely one primary group. It is not necessary to add a user to a secondary group, so a user can be added to zero or more secondary groups.
Note: Only the root user has the right to add a user to a group.
Add a Group
To create a new user group on a Linux system, execute the groupadd command, followed by the group name. You will need the sudo access to gain the elevated permissions. Execute the command as follows:
The above command will ask for the system administrative password, type the password. Consider the below output:
How to add a user to a Group
Adding users to a group is a straight forward process. We can add users to a group by using usermod command. To add a user to a group, execute this command, followed by the group name and user name. The group name is the name of a group in which you want to add a particular user.
let's create two users, user1 and user2, execute the command as follows:
The above command will add the two users called user1 and user2. Consider the below output:
To add the user to a group, execute the following command:
The above command will add the user1 to jtpGroup. Consider the below output:
The -a option used to append the group; it is recommended to use this option when adding a new user to a group. If you do not use the -a option, the user will be removed from any group not specified after -G option.
If the usermod command executes successfully, it will not display any output, but in case of failure, it will post warning messages such as user or group does not exist.
Add a user to multiple groups
Linux system allows us to add a user to various groups. However, a user only can be added to one primary group, but it can be added to any number of the secondary group.
To assign a user to a secondary group, use the usermod command, followed by group names ( separate them by a comma) and user name.
let's create secondary groups named JtpGroup2 and JtpGroup3:
Now, add the user1 ( which is already added to JtpGroup, so its primary group is JtpGroup) to the secondary group jtpGroup2, JtpGroup3. Execute the below command.
The above command will add the user1 to JtpGroup2 and JtpGroup3 without removing it from JtpGroup. Consider the below output:
we can specify any numbers of groups, specify them by a comma after the primary group.
List the Groups in Linux
Many groups exist in Linux; these groups can be user-defined as well as pre-defined. We can list all the available groups by using getent command.
To list all the available groups in the Linux system, execute the command as follows:
The above command will display a large list of pre-defined and user-defined groups. Consider the below snap of the output:
The above snap of the output is taken from the last. At the starting of the output, there is an extensive list of pre-defined groups.
Remove a User from Group
The Linux system allows us to remove a user from a group. To remove a user from a group, execute the gpasswd command with -d option followed by group name and user name. Consider the below command:
The above command will remove the user from the JtpGroup. Consider the below output:
This group will be assigned a new group configuration at the next login. If the user is logged in, the changes cannot be seen immediately.
Change a User's Primary Group
A user can be added to more than one group. In such scenarios, there will be only one primary group, and the others will be secondary groups. The access permission of files will be assigned to the primary group. Sometimes we may need to change the primary group; it can be changed by using the usermod command.
To change the user's primary group, execute the usermod command as follows:
Consider the below output:
The above command will remove the user1 from JtpGroup and add it to JtpGroup2. The -g option is used to assign a user to a primary group, and -G option is used to assign a user to a secondary group.