Groups in Linux refer to the user groups. In Linux, there can be many users of a single system, (a normal user can take uid from 1000 to 60000, and one root user (uid 0) and 999 system users (uid 1 to 999)). In a scenario where there are many users, there might be some privileges that some users have and some don’t, and it becomes difficult to manage all the permissions at the individual user level. So, using groups, we can group together a number of users, and set privileges and permissions for the entire group.
To create a new group, `groupadd` command is used.
Syntax:
groupadd [option] group_name
Example:
If we want to create a group named “developers”, we can use the following command.
sudo groupadd developers
Note: Every new group created is registered in the file “/etc/group“. To verify that the group has been created, enter the command.
sudo tail /etc/group
sudo tail /etc/group
The file shows group information in the following format:
group_name : password : group-id : list-of-members
Options Available in `groupadd` command
| Options |
Description |
| -f, –force |
- This option forces the command to silently abort if the group with the given name already exists.
- If used with the -g or –gid option and the specified group id already exists, the command forcefully ignores the given group id and assigns a new and unique group id.
|
| -g GID, –gid GID |
- This option assigns a specific numeric group id to the newly created group.
- The group id (GID) should be non-negative and unique, unless explicitly created to be non-unique using the -o or –non-unique option.
- If not specified, the command assigns a default group id greater than any existing group id.
|
| -h, –help |
- Displays a help message, providing information about the groupadd command and its available options.
- Useful for quickly accessing command documentation.
|
| -K KEY=VALUE, –key KEY=VALUE |
- Overrides the default values set in the /etc/login.defs file.
- Multiple -K options can be specified.
- Parameters like GID_MIN and GID_MAX, defined in /etc/login.defs, can be modified using this option.
|
| -o, –non-unique |
- Permits adding a group with a non-unique group id (GID).
- Useful when you want to create groups with duplicate GIDs.
|
| -p PASSWORD, –password PASSWORD |
- Sets an encrypted password for the group.
- The password, returned by crypt(3), is visible to users and is stored in the /etc/gshadow file.
- By default, the password is disabled, and it is crucial to ensure it adheres to the system’s password policy.
|
| -r, –system |
- Creates a system group.
- System groups have numeric identifiers chosen within the SYS_GID_MIN-SYS_GID_MAX range, as defined in the /etc/login.defs file, instead of GID_MIN and GID_MAX.
|
| -R CHROOT_DIR, –root CHROOT_DIR |
- Applies changes in the specified CHROOT_DIR directory and uses the configuration files from that directory.
- Useful when managing groups within a chroot environment.
|
Examples
Use of `-f, –force` option in `groupadd` command.
Syntax:
groupadd -f developers
groupadd -f developers
Specifying a Group ID
If we want to assign a specific group id to the newly created group, use the -g option.
Syntax:
sudo groupadd -g 1001 developers
This command will create a new group named “developer” with a GID of 1001. Specifying group ID is useful in case where we need to maintain consistency across systems.
Setting a Group Password
We can set an encrypted password for a group using the -p option.
Syntax:
sudo groupadd -p somepassword finance
This command creates a new group named “finance” and sets the password for the group as “somepassword”
Overriding Default Values
Suppose we want to modify the GID_MIN and GID_MAX values for a group creation. We can achieve this using the -K option
Syntax:
groupadd -K GID_MIN=500 -K GID_MAX=700 tester
groupadd -K GID_MIN=500 -K GID_MAX=700 tester
This command will create a new group named “tester” and set the minimum GID to 500 and the maximum GID to 700. This allows us to have finer control over the range of valid group IDs for the created group.
To add a new user into the group, the group is mentioned using -g option in the command useradd.
Syntax:
sudo useradd -g developers new_user
To add an existing user to a group, use the usermod command
Syntax:
usermod -g developers existing_user
usermod -g developers existing_user
Conclusion
In this article we have discussed `groupadd` command. By understanding and utilizing the options we have discussed in the `groupadd` command, we can effectively manage group IDs, create system groups, set group passwords, and customize default value according to our specific requirements and security policies.
Whether you're preparing for your first job interview or aiming to upskill in this ever-evolving tech landscape,
GeeksforGeeks Courses are your key to success. We provide top-quality content at affordable prices, all geared towards accelerating your growth in a time-bound manner. Join the millions we've already empowered, and we're here to do the same for you. Don't miss out -
check it out now!
Last Updated :
05 Jul, 2023
Like Article
Save Article