How to Add Users to a Group in Linux
A group is a collection of users that simplifies the management of permissions and access to the system resources. Each group has a set of permissions that applies to all the members within the group, simplifying the management of system access.
Adding users to groups allows you to organize access control efficiently and also defines user privileges across the system.
This article explains how to add users to a group in Linux.
Prerequisites
Before you begin, you need to:
- Have access to an Ubuntu instance as a non-root sudo user.
View User Groups
To manage users and groups, it is important to understand the available groups in the system and the membership of individual users. Follow the steps below to view groups and their associated users.
List all the available user groups.
console$ cat /etc/group
The above command lists all available user groups including the group IDs (GIDs) and members.
Your output should be similar to the one below.
group1:x:101:user1 group2:x:102:user2 group3:x:103:user3 group4:x:104:user4, user1 ...Within the above output:
group: The name of the groupx: The password field placeholder101: The unique Group ID (GID) assigned to this groupuser: The member of the group.
View the groups associated with your actively logged-in user
console$ groupsThe above command displays all groups that the logged-in user belongs to.
Your output should be similar to the one below.
group1 group2 group3 group4View the groups associated with a specific user.
console$ groups username
Replace
usernamewith the name of the user to view their group membership.Your output should be similar to the one below.
group1 group2View the user and group membership.
console$ id username
This command displays the information about a user, including their user’s ID (UID), default group (GID), and supplementary groups.
Your output should be similar to the one below.
uid=10(username) gid=10(defaultgroup) groups=10(group1),4(group2),109(group3),110(group4)
Add a User to a Group
Adding a user to a group allows the user to inherit the group permissions. This enables the user to access files, directories, and system resources based on the group privileges.
Add a user to an existing group.
console$ sudo usermod -a -G groupname username
groupname: Replace this with the name of the group to which you want to add the user.username: Replace this with the name of the user you want to add.- The
-a(append) and-G(group) options ensure the user is added to the specified group while retaining membership in the existing groups.
Verify the user’s group membership.
console$ groups username
Your output should be similar to the one below.
username : group1 group2 group3 group4 group5If the
-aoption is omitted, then the user will be added to the specified group but removed from all other groups.console$ sudo usermod -G groupname username
Caution: This command replaces the user’s existing group memberships with only the specified group.
Verify the user's group membership.
console$ groups username
The above command lists the groups the user is a member of.
Your output should be similar to the one below.
username : group6
Add a User to Multiple Groups
You can add a user to multiple groups simultaneously, which is useful for granting access to multiple sets of resources and permissions in a single command.
Add an existing user to multiple groups
console$ sudo usermod -a -G group1,group2,group3 username
group1,group2,group3: Replace these with the names of the groups to which you want to add the user.username: Replace this with the name of the user you want to add.
This command adds the user to all specified groups without affecting their membership in existing groups.
Verify the user’s group membership
console$ groups username
This will display all the groups the user belongs to, including the newly added groups.
Your output should be similar to the one below.
username : group6 group1 group2 group3
Change the Default User Group
In Linux, every user is assigned a default group, which is often the same name as the username. You can change this group to assign different permissions and access control to the user.
Change the default group for a user
console$ sudo usermod -g newdefaultgroup username
newdefaultgroup: Replace this with the name of the group you want to set as the user’s default group.username: Replace this with the name of the user whose default group you want to change.- The
-goption setsnewdefaultgroupas the user’s default group while retaining membership in existing groups.
When a user’s default group is changed, the specified group becomes the user’s new default group, which is applied when creating files or directories. This means new files created by the user will have the new default group as the group owner, while the user retains membership in their existing groups.
Verify that the default group has been changed.
console$ id username
This command displays the user’s (UID), default group (GID), supplementary groups. The default group will now be the
newdefaultgroupyou specified.Your output should be similar to the one below.
uid=1000(username) gid=1000(newdefaultgroup) groups=1000(group1),4(group2),109(group3),110(group6)
Remove a User from a Group
Follow the steps below to remove a user from a group and revoke access to specific resources or permissions associated with the group.
Remove a user from a group.
console$ sudo gpasswd -d username groupname
username: Replace this with the name of the user you want to remove from the group.groupname: Replace this with the name of the group from which you want to remove the user.- The
-dflag is used to delete the user from the specified group.
This will revoke the user’s access to the group’s resources and permissions.
Verify the user has been removed from the group.
console$ groups username
Your output should be similar to the one below.
username : group1 group2 group3Based on the aco,will show the user’s group membership, confirming that the user is no longer part of the
groupname.
Conclusion
You have managed user groups in Linux, including adding users to one or more groups, changing a user's default group, and removing users from a group. These commands enable you to efficiently manage user access and permissions, ensuring a more organized and secure system.