Open In App
Related Articles

How to Create a new group in Linux | groupadd command

Improve
Improve
Improve
Like Article
Like
Save Article
Save
Report issue
Report

In the Linux operating system, user management is a crucial aspect of system administration. One of the fundamental tasks is creating and managing user groups. Groups in Linux allow administrators to organize and control user access to various resources and files. The groupadd command is a powerful tool that facilitates the creation of new groups effortlessly. In this article, we will delve into the details of using the groupadd command to create a new group in Linux.

Understanding User Groups

Groups in Linux refer to the user groups. In Linux, there can be many users of a single system, (a normal user can take uid from 1000 to 60000, and one root user (uid 0) and 999 system users (uid 1 to 999)). In a scenario where there are many users, there might be some privileges that some users have and some don’t, and it becomes difficult to manage all the permissions at the individual user level. So, using groups, we can group together a number of users, and set privileges and permissions for the entire group. 

Before we dive into the practical aspects, let’s briefly understand the concept of user groups in Linux. A group is a collection of users with similar permissions or access levels. Groups make it easier to manage and assign permissions to multiple users at once, enhancing security and simplifying administrative tasks.

Syntax of the `groupadd` Command

The `groupadd` command follows a simple syntax:

groupadd [options] group_name

Here, `group_name` represents the name of the group you want to create. The command also allows you to specify various options to customize the group creation process.

How to create a new group in Linux

1. Open a terminal

Launch a terminal on your Linux system. This can usually be done by pressing `Ctrl + Alt + T` or searching for “Terminal” in the application menu.

2. Use the `groupadd` command:

To create a new group, type the following command in the terminal:

Example:  

If we want to create a group named “developers”, we can use the following command.

sudo groupadd developers 

Replace “mygroup” with the desired name for your new group. The sudo command is used to execute the groupadd command with administrative privileges.

3. Verify the creation of the new group:

Every new group created is registered in the file “/etc/group“. To verify that the group has been created, enter the command. 

sudo tail /etc/group
sudo tail /etc/group

sudo tail /etc/group

The file shows group information in the following format:  

group_name : password : group-id : list-of-members

Options Available in `groupadd` command

OptionsDescription
-f, –force
  • This option forces the command to silently abort if the group with the given name already exists.
  • If used with the -g or –gid option and the specified group id already exists, the command forcefully ignores the given group id and assigns a new and unique group id.
-g GID, –gid GID
  • This option assigns a specific numeric group id to the newly created group.
  • The group id (GID) should be non-negative and unique, unless explicitly created to be non-unique using the -o or –non-unique option.
  • If not specified, the command assigns a default group id greater than any existing group id.
-h, –help
  • Displays a help message, providing information about the groupadd command and its available options.
  • Useful for quickly accessing command documentation.
-K KEY=VALUE, –key KEY=VALUE
  • Overrides the default values set in the /etc/login.defs file.
  • Multiple -K options can be specified.
  • Parameters like GID_MIN and GID_MAX, defined in /etc/login.defs, can be modified using this option.
-o, –non-unique
  • Permits adding a group with a non-unique group id (GID).
  • Useful when you want to create groups with duplicate GIDs.
-p PASSWORD, –password PASSWORD
  • Sets an encrypted password for the group.
  • The password, returned by crypt(3), is visible to users and is stored in the /etc/gshadow file.
  • By default, the password is disabled, and it is crucial to ensure it adheres to the system’s password policy.
-r, –system
  • Creates a system group.
  • System groups have numeric identifiers chosen within the SYS_GID_MIN-SYS_GID_MAX range, as defined in the /etc/login.defs file, instead of GID_MIN and GID_MAX.
-R CHROOT_DIR, –root CHROOT_DIR
  • Applies changes in the specified CHROOT_DIR directory and uses the configuration files from that directory.
  • Useful when managing groups within a chroot environment.

Pratical Examples to Create New Group in Linux Using Options Available

1. Using`-f, –force` option to Create New User.

Syntax:

groupadd -f developers
groupadd -f developers

groupadd -f developers

2. Specifying a Group ID to Create New User

If we want to assign a specific group id to the newly created group, use the -g option. 

Syntax:

sudo groupadd -g 1001 developers

This command will create a new group named “developer” with a GID of 1001. Specifying group ID is useful in case where we need to maintain consistency across systems.

3. Setting a Group Password

We can set an encrypted password for a group using the -p option.

Syntax:

sudo groupadd -p somepassword finance

This command creates a new group named “finance” and sets the password for the group as “somepassword”

4. Overriding Default Values

Suppose we want to modify the GID_MIN and GID_MAX values for a group creation. We can achieve this using the -K option

Syntax:

 groupadd -K GID_MIN=500 -K GID_MAX=700 tester
 groupadd -K GID_MIN=500 -K GID_MAX=700 tester

 groupadd -K GID_MIN=500 -K GID_MAX=700 tester

This command will create a new group named “tester” and set the minimum GID to 500 and the maximum GID to 700. This allows us to have finer control over the range of valid group IDs for the created group.

5. To Create a new user into the group, the group is mentioned using -g option in the command useradd

Syntax:

sudo useradd -g developers new_user 

6. To add an existing user to a group, use the usermod command  

Syntax:

usermod -g developers existing_user  
usermod -g developers existing_user

usermod -g developers existing_user  

Frequently Asked Question

1. How can I check if a group has been successfully created?

You can verify the successful creation of a group by checking the “/etc/group” file or by using the `getent` command.

For example: running `getent group group_name` should display information about the newly created group, including its name and Group ID (GID).

2. What is the difference between a regular group and a system group created with the groupadd command using the -r option?

The `-r` option in the `groupadd` command is used to create a system group. System groups typically have lower Group IDs (GID) and are reserved for system processes and services. Creating a system group is often recommended for enhanced system security and to prevent accidental modification or removal by regular users.

3. What happens if I try to create a group with a name that already exists?

If you attempt to create a group with a name that already exists, the groupadd command will typically return an error, stating that the group already exists. To avoid this, you may use the `-f` option to force the creation of the group, though caution should be exercised to prevent unintentional overwriting of existing groups.

4. How can I specify a Group ID (GID) when creating a new group with the groupadd command?

Yes, the `groupadd` command allows you to specify a Group ID using the `-g` option. This can be useful for maintaining consistency in user and group management, especially in environments with specific GID requirements.

5. What is the purpose of creating a new group in Linux using the groupadd command?

The primary purpose of creating a new group in Linux is to organize and manage users with similar permissions. Groups enable administrators to assign common access levels to multiple users, facilitating efficient resource management and enhancing system security.

Conclusion

In this article we have discussed `groupadd` command. By understanding and utilizing the options we have discussed in the `groupadd` command, we can effectively manage group IDs, create system groups, set group passwords, and customize default value according to our specific requirements and security policies.



Last Updated : 03 Jan, 2024
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads