This article shows how you can use the groups utility to add and modify existing groups in Linux. Further, it will also highlight how the Linux permissions system works in conjunction with the groups system.
How Do Groups and Permissions Work?
At its core, a Linux group is a collection of users that share the same permissions and privileges for a specific file or program. Every file in the system has a set of ownership and permission bits. One of the easiest ways to find this is to run ls -l on your home directory. That will list all the visible files and folders in the directory along with their ownership and permission bits. For the most part, the general format for this looks like: The first, third and fourth columns show both the permission and ownership bits of the current file. For example, the “rwxrwxr-x” valuetells the system that everyone can read this file, but only the user “ramces” and group “maketecheasier” can write to it. These two bits work hand in hand to create a finely tuned access control system in Linux. The permission bits tell the system how a file can be used by the users and groups in the ownership bits.
Viewing the Group Memberships for a User in Linux
The first step to modify a group in Linux is to know which are available to a user to give you an idea of the active groups in the system. Running the following command will list all the available groups for the current user:
Viewing the Available Groups in the System
Along with looking at user-specific groups, it is also possible to list every group in the system by running the following command: This will print the entire “/etc/group” file in your terminal screen. Scroll through the file by pressing J or K. By default, “/etc/group” is a colon-delimited file that contains both user and system-specific groups. Each line in thie file represents a currently active group in the machine. The general format for each line looks like:
The group-name is the label for the group. In most cases, system groups start with an underscore to differentiate them from regular groups.The password is an optional field to create secure groups, which is useful if you are sharing the system with multiple people.GID is the Group ID for that particular group.Lastly, the users field is a comma-separated list that contains all the users that are part of that group.
Note: even if you are not in the root group, you can still open files as root. Learn how to do that.
Creating a New Group in Linux
To create a new group in Linux, use the groupadd command. Unlike id, this is a utility that only deals with group creation. For example, I can run the following command to create a new group with the name “test.”
Creating a New User With a New Group
It is also possible to create both a new user and group in a single command, which is useful when you are setting up a shell scripting account with predetermined permissions. To do this, run the following command:
The –m flag tells useradd to create the new user’s home directory, as, by default, Linux does not create a home directory for the “test” user.The -G flag tells useradd to create and add the “test” user to the “maketecheasier” group.The -s flag sets the default login shell for the “test” user. In my case, I am telling the useradd utility to set the login shell for the “test” user to Bash.
Adding an Existing User to a New Group in Linux
Along with creating a group and its user, you can also add existing users to a group by running the following command:
Adding Multiple Users to a New Group
Lastly, it is also possible to include multiple users to your new group. To do this, run the following command: This will set the member roster for the “maketecheasier” group to include both “ramces” and “test.” However, it is important to note that the -M flag always replaces the users value in the “/etc/group” file. Appending new users to your group will also require you to include the users that are already in the group. For example, running the following command will append both “alice” and “bob” to the “maketecheasier” group: Tip: learn how to switch to another user account with the sudo command. Image credit: Unsplash. All alterations and screenshots by Ramces Red. To update your user’s group list, either log out from the current session or restart the entire machine.