Linux group administration commands

Linux Group Administration

A collection of users is called as group. Each Linux group contains a unique ID value called GID. Information of a Linux group is found in "/etc/group" database file.

In Linux we have 2 types of groups available -

1) Primary Group : The user in this group can access all the resources with default permissions and have full access to all the resources.

2) Secondary group : The users in this group have limited access to the resources which is decided by the admin, who is one of the users in the primary group.

According to User Private Group (UPG) scheme, if we create any user, a primary group will be created with the same user name. Apart from that, we can also create a group manually. 

In group administration we use the following four commands -

1) groupadd  2) groupmod  3) groupdel  4) gpasswd

Lets take a look at each of them -

1) groupadd : With this command we can create a group account. If you want to create the group account with default options, the syntax is

$groupadd [-g ]  [-o] [-r] [-f] group 

-g --gid : This is the group id no and it must be unique. It must be above then 500 as 0-499 is reserved for system account.
- o --non-unique : This allows to add a group with non-unique GID.
-r --system : This allows to create a system user group.
-f : Force create

 e.g. $groupadd -g 888 employee

2)groupmod : The groupmod command modifies the system account files. It's syntax is,

$groupmod [-g ] [-o] [-n  ] group
e.g. $groupmod -g 999 sales
       $groupmod -n newsales sales

3) gpasswd : This command is used to do the following tasks -
                       i) Assign the password to the group.
                      ii) Add or remove the secondary users of the group.

It's syntax is,
$gpasswd <options> <group-name>

-a : To add single user 
 e.g. $gpasswd -a sales
-d: To delete a user
e.g. $gpasswd -d sales
-M : To add multiple users at a time
e.g. $gpasswd -M ul, ul1, ul2

4) groupdel : If the group is empty or if it is a secondary user group, then it can be deleted by the admin using this command. If the group has single primary user then you delete the group account. 
Its syntax is,

$groupdel <group-name>

Also see - Linux User administration