Learning how to use groups is essential if you want to give users permission to read files, modify them, or create their own.
In this comprehensive tutorial, we walk you through the process of adding users to and removing them from a group in Linux.
We also cover how you can create, view, and delete groups.
Understanding Linux Groups and Group Types
Linux leverages groups as organizational units for managing user accounts effectively.
Groups play a vital role in defining privileges such as reading and writing files. Users also need permission to execute files.
All users in a group have all the permissions assigned to the group by its creator.
When a user creates a group, it automatically becomes the user’s “primary” group. Typically, the primary group takes its creator’s username.
But when a user adds someone to a group on Linux, it becomes that user’s secondary group. Every Linux user can be a member of several secondary groups, but every user has only one primary group.
So, the permissions you set for a group you create – your primary group – are given to the users you add to the group.
Bear in mind that the ability to add users to groups is limited to users with sudo or root access.
It’s interesting to note that information related to all user accounts is stored in specific files, including /etc/passwd, /etc/shadow, /etc/group, /etc/default/useradd, and /etc/login.defs.
It is crucial to avoid manually modifying these files. Instead, we rely on various commands to add users to groups in Linux.
How to Add an Existing User to a Group
The usermod command helps you add existing users to groups. You can use the command with the “-a -G” options, followed by the group name and username:
sudo usermod -a -G groupname username
For instance, to add the user “joel” to the “sudo” group, execute the following command:
sudo usermod -a -G sudo joel
It’s critical to note that you will need to use the append option (-a) any time you want to add a user to a group.
If you don’t use the -a option with this command, the user will be removed from all groups they are in except the ones you specify.
In the example above, user “joel” would get removed from all groups except “sudo” if the -a option were omitted from the command.
Note that the usermod command will only display a warning if the user or group doesn’t exist, and it won’t provide any output upon successful execution.
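To make the effect of a missing -a visible, the following added example (not from the original tutorial) compares a user's secondary groups in two files in /etc/group format and reports the memberships that disappeared. The file contents, GIDs and function names are constructed for illustration, and only local group files are read, not LDAP or other NSS sources.

```shell
#!/bin/sh
# Added example: detect group memberships lost by "usermod -G" without -a.
# Input files use the /etc/group format: name:password:GID:member1,member2,...

# secondary_groups USER [GROUPFILE] -> sorted names of groups listing USER
secondary_groups() {
    awk -F: -v u="$1" '{
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] == u) { print $1; break }
    }' "${2:-/etc/group}" | sort
}

# dropped_groups USER BEFORE_FILE AFTER_FILE -> groups present before, gone after
dropped_groups() {
    b=$(mktemp); a=$(mktemp)
    secondary_groups "$1" "$2" > "$b"
    secondary_groups "$1" "$3" > "$a"
    comm -23 "$b" "$a"      # lines only in the "before" list
    rm -f "$b" "$a"
}

# Constructed sample: joel's memberships before and after
# "usermod -G sudo joel" (no -a) on a hypothetical host.
demo_dropped() {
    before=$(mktemp); after=$(mktemp)
    cat > "$before" <<'EOF'
sudo:x:27:
docker:x:998:joel,emma
ftp:x:1001:emma,joel
devops:x:1124:emma
EOF
    cat > "$after" <<'EOF'
sudo:x:27:joel
docker:x:998:emma
ftp:x:1001:emma
devops:x:1124:emma
EOF
    dropped_groups joel "$before" "$after"
    rm -f "$before" "$after"
}

demo_dropped   # prints docker and ftp, one per line
```

On a real host, copy /etc/group to a snapshot file before the change and run dropped_groups with that snapshot and /etc/group afterwards.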
Adding a New User to Secondary Group Using Useradd
If you find yourself needing to add a new user to a group that exists already, you will find the following command useful:
sudo useradd -G {group-name} username
Let’s walk through an example where we create a new user named “emma” and add them to the “devops” group. First, ensure that the “devops” group exists by using the grep command:
grep "^devops:" /etc/group
If you don’t see any output, it means the group doesn’t exist, and you’ll need to create it using the groupadd command:
sudo groupadd devops
To verify that the user “emma” doesn’t already exist, execute the following command:
grep "^emma:" /etc/passwd
If no output is displayed, proceed to add the new user “emma” to the “devops” group:
sudo useradd -G devops emma
Set a password for the user “emma” using the passwd command:
sudo passwd emma
To ensure that the user has been added successfully to the “devops” group, use the id command:
id emma
This command will provide output similar to the following:
uid=1122(emma) gid=1125(emma) groups=1125(emma),1124(devops)
Adding a User to Multiple Groups
If you need to add a new user to multiple groups simultaneously, use the -G option followed by a comma-separated list of group names.
For example, to create the user “nash” as a member of the “devops,” “hr,” “ftp,” and “pr” groups, execute the following command:
sudo useradd -G devops,hr,ftp,pr nash
Adding an Existing User to Multiple Groups in One Command
If you need to add an existing user to multiple secondary groups simultaneously, you can achieve this in a single command using usermod with the -G option.
Here’s what the syntax of this command looks like:
sudo usermod -a -G group1,group2 username
For instance, to add the user “emma” to both “ftp” and “hr,” execute the following command:
sudo usermod -a -G ftp,hr emma
Removing a User from a Group
To remove a user from a group, employ the gpasswd command with the -d option.
The example below demonstrates how to remove the user “emma” from the group “ftp”:
sudo gpasswd -d emma ftp
Changing a User’s Primary Group
To change a user’s primary group, employ the usermod command with the -g option like so:
sudo usermod -g groupname username
For instance, to change the primary group of the user “nash” to “hr,” execute the following command:
sudo usermod -g hr nash
Displaying User Groups
To view comprehensive user information, including the groups to which a user belongs, utilize the id command followed by the username:
id username
If you exclude the username, the command will display information for the currently logged-in user.
For example, to check the user “emma,” execute the following command:
id emma
Creating and Deleting Groups
Creating a new group is as simple as using the groupadd command with the name of the group:
sudo groupadd groupname
Deleting a group is equally easy. The syntax is the same as that of creating a group, except you have to use the groupdel command:
sudo groupdel groupname
Managing Group Membership in Linux
In addition to adding and removing users from groups, it is essential to understand how to manage group membership effectively in Linux. The following commands and techniques can help you in this process:
- List Group Members: To view the members of a specific group, you can use the members command followed by the group name. For instance, here’s the command you can use to list the members of the “devops” group: members devops.
- Remove a User from Multiple Groups: The gpasswd command with the -d option removes a user from one group per invocation, so run it once for each group. For example, to remove the user “emma” from the “devops” and “hr” groups, run: sudo gpasswd -d emma devops, then sudo gpasswd -d emma hr.
- Change Primary Group for Multiple Users: If you need to change the primary group for multiple users simultaneously, the usermod command can be used in combination with shell scripting techniques. You can create a script that iterates through a list of users and changes their primary group one by one.
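One way to write the script described in the last item, as an added example rather than code from the original tutorial: it checks that the group and each user exist, and defaults to a dry run that only prints the planned usermod calls. The function names and the DRY_RUN variable are assumptions of this example.

```shell
#!/bin/sh
# Added example: change the primary group of several users, with
# existence checks and a dry run that is on unless DRY_RUN=0 is set.

# Lookups go through NSS, so LDAP/SSSD accounts are found as well.
group_exists() { getent group "$1" >/dev/null 2>&1; }
user_exists()  { id -u "$1" >/dev/null 2>&1; }

# set_primary_group GROUP USER...
# Prints one status line per user. Returns 1 if the group is missing,
# a user does not exist, or a usermod call fails.
set_primary_group() {
    group=$1; shift
    if ! group_exists "$group"; then
        echo "error: group '$group' does not exist" >&2
        return 1
    fi
    rc=0
    for user in "$@"; do
        if ! user_exists "$user"; then
            echo "skipped $user (no such user)"
            rc=1
        elif [ "${DRY_RUN:-1}" = 1 ]; then
            echo "planned usermod -g $group $user"
        elif usermod -g "$group" "$user"; then
            echo "changed $user"
        else
            echo "failed $user"
            rc=1
        fi
    done
    return $rc
}

# Example call (dry run): set_primary_group hr nash emma
```

Run as root with DRY_RUN=0 to apply the changes. usermod -g re-groups files in the user's home directory that belonged to the old primary group, but files elsewhere keep the old group and need to be reviewed separately.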
By mastering these techniques, you can efficiently manage group membership and access privileges for users in Linux, providing a secure and organized environment for your system.