Add user in multiple group in linux

10 practical examples to add or remove user from group in Linux

Table of Contents

In this article I will cover the below topics and share multiple practical examples cover these scenarios

• Different types of group in Linux
• Add user to group (single)
• Add user to multiple groups
• Change primary group of the user
• Remove user from group

So when you say Linux add user to group, which group do you mean? There are two types of group in Linux

• Primary Group
• Supplementary or Secondary Group

Difference between Primary vs Supplementary Group

Primary group:

• The group that is listed in the group membership field for a user in /etc/passwd .

For example here deepak is part of primary group with GID 1000 i.e. deepak (so primary group name is same as loginname)

• When we create user using useradd , depending upon USERGROUPS_ENAB variable in /etc/login.defs a primary group is created/assigned to user. If this variable is set to yes, a group will be created for the user, with the same name as her loginname . If the variable is set to no, useradd will set the primary group of the new user to the value specified by the GROUP variable in /etc/default/useradd , or 100 by default
• On Linux, every file and directory has a user owner and a group owner. Group ownership is set when files are created, and unless configured otherwise, it is set to the primary group of the user who creates the file.
• A user at a time can be part of only one primary group.

Supplementary (or Secondary) Group:

• A user can be part of multiple supplementary group
• A group that a user is a member of but which membership is not defined in the /etc/passwd file.
• When creating new files, the supplementary group will not automatically become the owner of those files.

1. Create a new user and add to existing primary group

• By default when we create a new user, a new primary group is created by the same name as of the user.
• But we can also use useradd to create a user and add this user to any existing group
• So this group will not become the primary group of your new user

In this example I will create a new group » admin «

Verify the group exists

Next I will create a new user » user1 » and add this user to » admin » group using useradd -g

Источник

Adding a user to multiple groups in Linux

In Linux, users are put into groups to control access to various files and devices. In many cases, the user will have to be in multiple groups. Did you know that you can add the user to multiple groups at once?

How to add a single user to multiple groups: To add a user to more than one group at a time you can use usermod: “usermod -a -G groupname, anothergroup username”. The -a switch, in usermod syntax, is important. As it tells usermod not to overwrite current groups.

Here is an example if we were to add the user max to the sudo group and the lpadmin group:

Note that the user will have to log out and back in again if he or she is currently logged in.

Another less common method is to use the gpasswd command to add a user to a group. But the gpasswd command will only allow you to add to one group at a time.

Add a user to multiple groups when creating the user

You can also add a user to the groups he should belong to while creating the user. Just add the -G argument to the useradd command. In the following example, we will add the user max and add him to the sudo and lpadmin groups.

This will also add the user to his primary group. The primary group is usually named after the user. So in the example above, the user max will belong to two groups: max and sudo. If you want to override this behaviour, you can specify the primary group with the lower case -g argument.

I have added some more commands below that can be useful when working with groups. Keep reading if you want to know more.

Not all groups are the same

When working with groups in Linux, it is important to note that the user will have two kinds of group assignments.

The primary group

The first type of group assignment is the primary group. This is the user’s main group. Every user must belong to one, and only one, primary group. This group is used as the default group of files that the user creates and is basically only meant for this user and users he wants to grant access to his files.

The primary group usually has the same name as the user. Like the user max, most likely has the primary group max. This is the most common configuration in Linux. Some systems, however, will have all regular users belong to some generic primary group like users and then have administrators belong to a generic admin group.

Secondary groups

The second type of group is a secondary group. Every user can be assigned to multiple secondary groups. The secondary group can be another user’s group or a special group that gives users some particular permissions. One example of a secondary group is the sudo group in Ubuntu and many other distros. Users that are assigned to the sudo group are allowed to use the sudo command to execute commands as the root user.

In the command examples above, the upper case -G always refers to the secondary groups and a lower case -g refers to the primary group. If only the upper case -G is specified, the command will not have any effect on the primary group and vice versa.

List groups a user belongs to

Before you add a user to some groups it could be helpful to know what groups he is already a member of. The quickest method to list all groups a particular user is a member of is to use the groups command. Here we will list all groups the user max belongs to:

If I just want to quickly get a list of groups I myself belong to. I can enter the group command without any arguments. It will then assume that I want the groups of the currently logged in user.

You could also get this from the /etc/group file. This file contains all the groups that exist in your system. As well as their members. The get all the groups the user max belongs to, use grep to extract all mentions of max in the group file.

List users in a group

What if you want it the other way around? To print all the users that are in some group.

One way would be to use grep as we did above. But instead of searching for the user, we now search for the group name. Like in this example, where we try to find which users belong to the sudo group.

Some Linux distributions also include the groupmems utility. Groupmems is a tool to administrate groups on a system. Since it is not always included, I only mention it here as a second option:

Remove a user from a group

Surprisingly, usermod does not have any option to remove a user from a group. It does have the option of overwriting the current group memberships a user has. This is not very convenient, since you would have to list all the groups a user has and then enter them again on the command line. In which case you just need to skip the -a argument in the usermod command.

It is a lot easier to use the gpasswd command. You simply use the “–del username” argument. Here we will remove the user max from the sudo group:

List all existing groups

If I wanted to see all the groups that exist on a system, I would simply look at the /etc/group file. Using the cat command, that is quite easy to do:

It is also possible to use the getent command:

This will show you some extra information like the group id (GID) and a list of members of the group. If you just want the group names, the cut command can remove all the extra information:

That’s it for now

Hopefully, you know have a solid understanding of how to add users to groups now.

Источник

How to Add a User to a Linux Group

Home » SysAdmin » How to Add a User to a Linux Group

In Linux, a group is a unit in which you can manage privileges for several users simultaneously. Linux groups allow you to manage multiple user permissions quickly and easily.

In this tutorial learn how user groups work in Linux, and how to add users to specific groups.

• A system running Linux
• A user account with sudo or root privileges
• Access to a terminal window/command line (Ctrl-Alt-T, Ctrl-Alt-F2)

What is a User Group in Linux

In Linux, different users have different roles or responsibilities. Some users might need the ability to execute applications, while others are restricted from accessing specific files and folders.

Groups let you create categories of users with pre-set permissions. Instead of managing permissions for each user account, you can simply add a user to a group to grant the appropriate permissions.

Primary Group

The primary group is set to the logged-in user. Any files the user creates are automatically added to that group. A user can only belong to one primary group at a time. A primary group with the same name as the user is created, and any files created by the user are included in that group.

Secondary Groups

A user can belong to any number of secondary groups (including none). Secondary groups are created to manage individual files and software applications. Members of the group inherit the read, write, and execute privileges for that group.

Note: Refer to our in-depth guide on how to create users in Linux for more info on user management.

How to Create a User Group

1. To create a new group, enter the following:

2. Replace new_group with the name you want for your new group.

How to Add User to Group

Add an Existing User to an Existing Group

1. Use the adduser command to add a user to a group:

2. Use the useradd command to add a user:

3. You can also use the usermod command to add a user to a group:

The usermod command uses the –append and –group options to append the user to a particular group. Without using –append , the user could be dropped from other groups.

Add a User to Multiple Groups at Once

Use the usermod command to specify multiple groups to add to:

Create a User and Add to Group

1. This is useful for creating a new user on the fly for a specific software application. Enter the following:

2. Next, assign a password to the new user:

Change a Users Primary Group

All previous commands have been used to manage the secondary groups a user belongs to. In most cases, a user’s primary group is the same as their username.

To change a users primary group, enter the command:

The lower-case –g specifies the primary group. (Upper-case –G refers to a secondary group.) A user can only have one primary group, so the old primary group user_name won’t be primary anymore for this user.

How to Remove a User From a Group

The gpasswd tool is used for managing groups. To remove a user from a group:

Note: The gpasswd tool can also be used for other administrative tasks such as defining group administrators and setting a password for access to group resources. Use the Linux man command man gpasswd for details.

Delete a Group

To delete a group, use the command:

How to List Groups in Linux

Linux comes with several different groups by default. Some of these, like the sudo group, can be used to grant permissions. Others are hidden, used for system tasks.

1. To view a list of groups on your system by displaying the /etc/groups file:

2. To display the groups that a user belongs to with the groups command:

3. The image above shows the groups that the logged-in user ‘sofija’ belongs to. You can display groups for a different user by specifying the username:

4. Another method to display the groups a user belongs to, including user ID (uid) and group ID (gid), is to use the id command:

Other Common Groups

There are a several common group names you might encounter in Linux:

• sudo – A member of this group can use the sudo command to elevate their privileges
• wheel – This is an older method of granting sudo-like privileges
• cdrom – Allows the user to mount the optical drive
• adm – Allows the user to monitor Linux system logs
• lpadmin – Allows the user to configure printers
• plugdev – Allows the user to access external storage devices

You should now have a good understanding of Linux groups and how to add and remove members from those groups. For more information on specific commands, you can enter the man command to display a manual in your terminal window.

Источник

Linux add user to multiple groups through CLI: Explained with Examples!

In this tutorial let’s have a look at how to add a Linux user to multiple groups. If you are a beginner to user and group management I suggest reading my other tutorial that covers all the essential basics in the link below.

For those of you who are in a hurry, this is the short version of the answer!

The Short Answer

To add a user to groups that he is not yet part of you must use the command

For example, the screenshot below adds testuser1 to testgroup1

The command in the 3rd line in the above screenshot is the one you will need. The command groups testuser1 simply demonstrate this addition of group to testuser1

Okay now that we have seen the short version, let’s go ahead and have a look at the longer and more informative version of the answer next so that you can actually understand what happens behind the screen and that way you don’t have to memorize the command but you will actually remember it without trying!

If you are interested in a particular topic, you can skip to it using the table of contents below. Okay so let’s begin!

Need for adding the same user to multiple groups

The hierarchy of modern office environment is not simple anymore. Whichever company you are working for, the odds are you will find employees doing a bunch of different projects, and hence those employees belong to multiple teams/groups and need access to multiple sets of data.

For example, a project manager may be involved in multiple projects at a time and also be a part of the management. Hence he/she needs to be able to access all of the projects and also needs access to data that the management team uses.

In that case it makes sense to have a feature that will let us add those employees to all those groups and Linux has that functionality built-in. Graphical tools are usually built keeping beginners in mind and hence they only have the features to accomplish the simplest of tasks. In order to do the task we have in our hands, we need to go into the Linux terminal instead!

Let’s see how to do that in this tutorial!

The usermod command

The command to use to add a user to multiple groups is the usermod command. usermod stands for user modification and this command can be used to accomplish a bunch of different tasks like

• changing the user-related configuration parameters,
• locking and unlocking users,
• adding and removing groups that the user belongs to,
• changing their home directory,
• changing their default shell, etc.

The man page for the usermod command can be seen in the screenshot below. (to get this page type man usermod on your terminal)

Each of these options will help us do a specific task. The 2 options we are interested in are “-a” option and the “-G” option. These 2 options, when used together, will let us add a particular user to more groups than he already belongs to.

Let’s go ahead and test the command to make sure it works!

Testing the command

Let’s begin by creating a user named testuser for the purpose of this tutorial.

As you can see the testuser, by default is added to the testuser group as shown in the screenshot below. (the group command can be used to view the groups a particular user belongs to)

Next let’s create 2 new groups named testgrp1 and testgrp2.

Now let’s go ahead and add our testuser to these 2 newly created groups using the usermod command and the -aG options

And Voila! now the testuser belongs to 3 groups instead of 1!!

You can also verify the contents of /etc/group just to make sure

As you can see now testuser is part of 3 groups namely testuser, testgrp1 and testgrp2!

If the above does not work for you make sure you have not left space in between the group names as the syntax expects just a comma separator.

How to delete a group that a user belongs to

Okay so we have now learned how to add a group to a given user. What about deleting a user from a group? Obviously you can go ahead and edit the /etc/group file and delete the user, but that not the best way of doing it as you may break the file as you edit it! If there is an option to do it via a command always take that option, as any given information may need to be present in multiple files in Linux and editing a bunch of those always has the danger of missing one or 2 and leaving a broken system!

So for this we will use the usermod command again! This time with just the -G option! The process I recommend has 2 simple steps.

1. get the groups that the given user belongs to using the groups command.
2. Once you are done with that, you can add all the groups except the one you want to remove the user from and pass that with the -G option and you are done as shown in the screenshot below.

Here I have removed the user from testgrp2.

Reading in-built Documentation

I highly recommend getting used to reading the manual for these commands so that you will feel more comfortable using the command line! Next time before googling for answers, just type man and read the resulting page before you start searching for answers online.

If man pages feel cryptic then try the command info as these info pages are usually more verbose and you will understand them better! (though for some command the same text will be provided for both man and info pages!) If you have never read man pages before, I suggest starting with some familiar commands like ls and cd, so that you can understand the pattern of these files. Once you understand these patterns if you look at a man page for an unknown command you will feel more at home!

If you are interested in learning more about Linux, be sure to check out my step by step plan to master Linux here.

And with that, I will conclude this article!

I hope you guys enjoyed this article and learned something useful.

If you liked the post, feel free to share this post with your friends and colleagues!

Related Articles

Here are some of my other articles that might interest you!

Источник