Groups in Linux refer to the user groups. In Linux, there can be many users of a single system, (normal user can take uid from 1000 to 60000, and one root user (uid 0) and 999 system users (uid 1 to 999)). In a scenario where there are many users, there might be some privileges that some users have and some don’t, and it becomes difficult to manage all the permissions at the individual user level. So using groups, we can group together a number of users, and set privileges and permissions for the entire group. groupadd command is used to create a new user group.
groupadd [option] group_name
sudo groupadd developers
- Every new group created is registered in the file “/etc/group“. To verify that the group has been created, enter the command
sudo tail /etc/group
- The file shows group information in the following format:
group_name : password : group-id : list-of-members
- -f, –force : This option forces the command to silently abort if the group with given already exists. If this option is used with the -g or –gid option and the group if given already exists, the command forcefully ignores the given group id and creates a new and unique group id.
- -g, –gid GID : This option is used to provide a group id (numeric) to the new group, and it should be non-negative and unique unless explicitly created to be non-unique (using -o option). If this option is not used, the default id is assigned, which is greater than every other group already present.
- -h, –help : Display help message and exit.
- -K, –key KEY=VALUE : Overrides /etc/login.defs defaults (GID_MIN, GID_MAX and others). Multiple -K options can be specified. GID_MIN and GID_MAX are the parameters set in /etc/login.defs which defines the minimum and maximum values that a group id can take.
groupadd -K GID_MIN=500 -K GID_MAX=700
- -o, –non-unique : This option permits to add a group with a non-unique GID.
- -p, –password PASSWORD : The encrypted password, as returned by crypt(3). The default is to disable the password. This password is visible to the users. You should make sure the password respects the system’s password policy. The group passwords are stored in “/etc/gshadow” file.
- -r, –system : Create a system group. The numeric identifiers of new system groups are chosen in the SYS_GID_MIN-SYS_GID_MAX range, defined in login.defs, instead of GID_MIN and GID_MAX.
- -R, –root CHROOT_DIR : Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
- To add a new user into the group, the group is mentioned using -g option in the command useradd.
sudo useradd -g developers new_user
- To add an existing user to a group, use the usermod command
usermod -g developers existing_user