Are you trying to add a user to Group in Linux?
This guide is for you.
Users and groups are used on GNU/Linux for access control—that is, to control access to the system's files, directories, and peripherals. Linux offers relatively simple/coarse access control mechanisms by default.
In Linux operating systems, groups allow certain user permissions to be available for group members.
For someone to access the system, one must add a user to a group in Linux.
Adding users to group can help you manage your system better as well as provide security by being able to control which users can read, alter, and execute commands.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform Linux related tasks.
In this context, we shall look into how to add users to group in Ubuntu.
The Linux operating system allows for multiple users to use the system at one time. Users, logging in with their username, determine who initiates a process.
Files and directories are managed by a user and a group. Only the root user with sudo access can determine the extent of the permissions.
The root user is the only user who can add users to a group.
Groups in Linux are a collection of users.
There are two categories: primary and secondary.
i. A primary group is created when a user is added. This information is stored in /etc/groups and an additional entry can often be found in /etc/passwd.
ii. You must become part of a secondary group in order to inherit access to a file made by another user.
Every user can belong to exactly one primary group, and to as many secondary groups as necessary.
"Add user to a group" is an administrative function only available for root users. In other words, you have to become one to perform this function.
Use the special command, su which stands for "super-user" or "switch user" to login. Enter the password if you have it once prompted:
su -
You can also use sudo command, which stands for "super-user do":
sudo -i
Now that you’ve successfully logged in as a root user account, you can now add an existing user to the group using the usermod command:
sudo usermod -a -G group_to_add username
Where:
-a flag – prompts the usermod command to add a user to a group. If you fail to use -a, you cannot add a user to the groups listed after -G successfully.
-G flag – indicates which secondary group you want the new user to belong.
-g flag – used to change a user's primary group.
Let's say you want to add existing user "ibmimedia" to the group “mail”. You can do so with the following usermod command:
sudo usermod -a -G mail ibmimedia
There will be no output once you execute the command. You will however notice a change in privileges once you access the files associated to the Linux groups.
In any case, if the group name does not exist, it will display a prompt.
If you wish to add a user on multiple groups, "mail and sysadmin", separate the group names with a comma (,) as follows:
sudo usermod -a -G sudo,sysadmin ibmimedia
You might encounter cases where you want to create a new user and right then and there, make them part of a group.
You can easily do this with the useradd command:
sudo useradd -g primary_group -G secondary_group username
For example, you want to make a new user, "ibmimedia", and add him to the primary group “developers”, and secondary group “mail”. This is the command you would type in:
sudo useradd -g developers -G mail ibmimedia
To add a new user on multiple Linux groups, separate the user group names with a comma as follows:
sudo useradd -g developers -G mail,demo,news ibmimedia
To check whether or not you were able to successfully add a user to a group in Linux, you can do so with the user id command:
id username
Let's say for example we want to check the username "ibmimedia" in groups:
id ibmimedia
It should display an output of:
uid=501(ibmimedia) gid=20(developers) groups=20(developers),30(mail),67(news),...
This information states that ibmimedia's primary group is developers. It should display the user's long list of secondary groups, along with the primary after "groups".
If you just want the user's supplementary or secondary groups to be displayed, use the groups command:
groups ibmimedia
Output:
developers mail news adm demo
If you don't specify a username, the command will execute for the current logged in user's groups data.
If you wish to remove a user from a group, simply use the gpasswd command along with the -d option, which means you want to delete them. The command should look like this:
sudo gpasswd -d username groupname
For example, if you want to delete “ibmimedia” from the group “developers”:
sudo gpasswd -d ibmimedia developers
Again, there will be no output displayed.
If you want to make a new group, use the groupadd command and your assigned groupname:
sudo groupadd groupname
For example, to make a new group called “content”, you may do so with the following command:
sudo groupadd content
To delete an existing group, use the groupdel command followed by the group name you wish to delete:
sudo groupdel groupname
For example, if you want to delete the group, “developers”, you may do so with the following command:
$sudo groupdel developers
No outputs will be displayed for creating new groups and deleting groups once the command is executed.
To change a user primary group, enter the following on the command line:
sudo usermod -g groupname username
For this example, we changed the primary group of the user ibmimedia to developers:
sudo usermod -g developers ibmimedia
This article will guide you on how to add a #user to a #group in #Linux. The group permissions apply only to the group that has been assigned to the file or directory, they will not effect the actions of other users. The others permissions apply to all other users on the system, this is the permission group that you want to watch the most.
Groups can be thought of as levels of #privilege. A person who is part of a group can view or modify files belonging to that group, depending on the permissions of that file. User belonging to a group has privileges of that group, for example - sudo groups lets you run software as super user.
To view all groups present on the system simply open the /etc/group file. Each line in this file represents information for one group. Another option is to use the getent command which displays entries from #databases configured in /etc/nsswitch.
To Create a New Sudo User:
1. Log in to your server as the root user. #ssh root@server_ip_address.
2. Use the adduser command to add a new user to your system. Be sure to replace username with the user that you want to create.
3. Use the usermod command to add the user to the wheel group.
4. Test sudo access on new user account.
To List Users in Linux:
i. Get a List of All Users using the /etc/passwd File.
ii. Get a List of all Users using the getent Command.
iii. Check whether a user exists in the Linux system.
iv. System and Normal Users.