How to add user to a Group?
Changing the groups a user belongs to is a fundamental, and basic task, but not everyone is aware of how to. We will be going through this with you in this tutorial.
Linux Groups
Groups are organization units used by Linux, to organize and administer user accounts. The primary purpose of a group is to define privileges such as reading, writing, and executing permissions.
Groups are mainly of two types:
- Primary Group: When a file is created, the group specified in the
/etc/passwd file for the current user, is used as the owner group. Usually, it is a group of the same name as that of the user.
- Secondary Group: Useful when certain permissions are to be granted to set members of a group. For example, if a user is added to the
docker group, they will be able to execute docker commands now.
Each user belongs to only one primary group, but many secondary groups.
Only root or users with sudo access can edit the groups a user belongs to.
Adding an existing user to a Group
If we already have the user, and the group set up, and we want to add the user, we could use either of usermod, or gpasswd ( a safer option to avoid dangerous mistakes ). For example, we want to add the user dakksh, to the group docker, we would run
sudo usermod -a -G docker dakksh # -a represents append. Leaving out -a, will remove user from all other groups
sudo gpasswd -a dakksh docker # Add user to group docker
On success, there is no output, but an error message is displayed if the user or group does not exist.
Adding a user to multiple Groups
If we want to add a user to multiple groups, we provide a comma-separated list for the -G flag in the usermod command. Hence to add the user dakksh, to groups docker, and sambashare we run the following command
sudo usermod -a -G docker,sambashare dakksh
Removing a user from a Group
To remove a user from a group, we can run use the -d flag with the gpasswd command. Hence to remove the user dakksh from the group docker, we run
sudo gpasswd -d dakksh docker
Create a new Group
To create a new group, we run groupadd, in the following manner.
sudo groupadd groupName
Delete a Group
To delete a group, we run groupdel, in the following manner
sudo groupdel groupName
Change primary group of a user
To change the gid of a user, we use the usermod command, with the -g flag. The parameter passed to -g flag can be either a group name or a GID. Hence, to change the default group of the current user to sudo, we would do
sudo usermod -g sudo dakksh
Create a user and assign groups simultaneously
To create a user, we can use the useradd command, but we can not only create a user using this command. We can assign groups, and even specify the primary group of a user with this command. For example, we want to create a user vim assigned to the groups sudo, docker, sambashare, and having the primary group as dakksh (GID 1000), we would run the following command.
sudo useradd -g 1000 -G sudo,docker,sambashare vim
List user groups
Using id or groups we can list the user groups, both primary and secondary. id is run in the following format.
id [OPTIONS] [USER]
Running the id command alone gives uid, gid, and groups.
Using the options parameter, with either of -u, -g, or -G, combined or separate gives uid, gid, and groups respectively in their numerical form.
With the -n flag, we get the names of the numerical ids returned by id. To get groups of a specific user, we specify the username.
To get groups using the groups command, the format is the following.
groups [USER]
By default, if a user is not mentioned, id and groups both use the current user.
Conclusion
We have seen how to add a user to a secondary group or modify their primary group using the gpasswd, and the usermod commands.
Also covered is how to create a user and simultaneously assign groups, and how to list groups the user is a part of.
