Groups in Linux System Administration

Each group in a Linux system is uniquely identified by a group identification number or GID. All the information listing groups in a system are stored in /etc/group file. The hashed passwords for groups are stored in /etc/gshadow file. 

Every user has a primary user group and zero or more supplementary groups. On login, the group membership is set to the primary group of user. This can be changed to any other supplementary group using newgrp or chgrp commands. 
 

This file is readable by any user but only root as read and write permissions for it. This file consists of the following colon separated information about groups in a system:  

1. Group name field
2. Password field 
   • If this field is empty, no password is needed.
3. Group Identification number or GID
4. Comma separated list of usernames of users that belong to the group.

Syntax:  

[group_name]:[group_password]:[GID]:[users]

Example:

This file is readable and writable by only by root user. Each entry of this file contains each group’s encrypted password, group membership and administrator information separated by a colon.  

1. Group name field
2. Password field 
   • It contains an encrypted password.The password is used when a user who is not a member of the group wants to gain the permissions of this group. Members can access the group without being prompted for a password. 
      
   • If no password is set, it is indicated by ‘!’ or ‘!!’.It implies only members can access the group. There’s no way other users can use the group.’!!’ indicates that no password has ever been set on the group. 
      
3. Comma separated list of user-names who are group administrators. 
   • Administrators can change the password or the members of the group. 
      
4. Comma separated list of user-names who are group members.

Syntax:  

[group_name]:[group_password]:[administrators]:[users]

Example: