Linux Groups are the collection of some Linux users. As above the user, it gives common permissions to the user. Different users which belong to a group has same group permissions. So how can we manage different Linux groups? How to add a new group in Linux? How to assign a user to a group? How to list existing Linux groups? In this lesson of Linux Course, we will answer these questions one by one.
Before going deeply on groups, let’s start with the types of groups. There are two types of groups in Linux. These are:
Primary Groups is the group which is assigned to the user created files. Every user must have a primary group and this is generally the group which has the same name with user. For example, is your user is john, then your primary group is john also. But this can be changed. Primary groups are stored in /etc/passwd file like users.
Secondary group is the groups that are different than the primary group. There can be multiple secondary groups of a user. Or a user can have no secondary group. Secondary groups are stored in /etc/group file.
Table of Contents
To create a Linux group, we will use groupadd command. With this command, we will add a new group to Linux system. We can use this command with the name of the group to create a group. Here, we will add ipciscoLinux and ipciscoLinuxxx groups.
Let’s list last five groups of all the groups with tail command. We will see our new two groups, ipciscoLinux and ipciscoLinuxxx.
We can remove a linux group from the system with groupdel command. To delete a group, we will use groupdel command with the name of the group.
Let’s delete one of the groups above. We will delete ipciscoLinuxxx group.
And let’s list last five groups of all the groups with tail command.
In Linux, to add a group to a user, we will use linux usermod command. With linux usermod command, we can add primary and secondary groups to a user. We can add one primary group as we have mentined above and multiple secondary groups separated with commas after this command. Here, the key point is using -g and -G options. -g option is used to assign a primary group to a user and -G is used to assign secondary groups to a user.
Let’s first see a user’s groups. To do this, we will use groups command with the username.
Here, gokhan’s primary group is also gokhan as you can see below:
Now, let’s change it with ipcisco. And after this command, new primary group will be ipcisco and group gokhan will be removed under user gokhan.
As you can see, user gokhan has one primary and two secondary groups. Now, let’s add another secondary group to this user. And this new secondary group is ipciscoLinux. Here, there is two points, one of them is using -a option for adding this group, not override other secondary groups. And the other is using capital G (-G) option to add secondary group. If we do not use -a option, we have to add all the secondary groups with the new one. This is not feasible.
This command will add user gokhan also under ipciscoLinux group, withour removing other secondary groups.
We can use both -g and -G options to change primary and secondary groups of a user together.
Let’s use usermod -G command without -a and see what happens.
As you can see bellow, all secondary groups are removed, because we override new secondary group over others.
Now, let’s add our secondary groups again and see how to add multiple secondary groups.
As we have mentioned above, primary groups are stored in /etc/passwd file and secondary groups are stored in /etc/group file. With cat, less or tail commands, we can open these files and list linux groups.
Linux groups command is an important command for group listing in Linux. With this command, we can list current user’s groups or a specific user’s groups. So, how can we use Linux groups command?
If we use groups command without any option, it shows the current user’s groups.
If we use groups command with a specific user, then it gives the users with its groups only. This is listing groups of a user.
Linux getent command is another way to list all Linux groups. To do this, we will use getent command like below:
If you would like to list only the names of the groups, then you can use the below commands:
We can list linux groupsn with also compgen command. We can use compgen command with -g option to list groups.
To check only latest created groups, we can use this command with tail command. This is more practical. You can find an example below.
To list the members of a group, we will use getent command with the name of the group. For example, if we would like to list the users under ipciscoNetwork group, we will use the below command:
As you can see here, gokhan and arwen are in the IPCiscoNetwork group.