Linux is a multiuser operating system, and thanks to this several people may be authenticated and working on a particular machine at the same time.
To ensure safety, as good practice users do not share credentials in the same account, and each person will have their own access user. This means that best practices dictate the use of as many user accounts as people need access to the machine.
But two or more users are expected to need to access certain system resources such as directories and files. Therefore, it is necessary to know how to create and manage users and groups in Linux, to achieve both goals - greater security with individual accounts, and resource sharing between users.
In this article you will see how to manage users and groups in Linux distributions based on Debian, such as Ubuntu and Mint, doing this with bash commands in console.
Add new group on Linux
Let’s start by adding a new group to the system.
The standard syntax is
groupadd <group-name>;
As an example we will create a group that we will later use to allow access to games installed in the system:
groupadd games
Add an existing group to a Linux user
Once you have created the group, or even for groups that already existed in the system, you can add users to it.
It is important that you know: A user may be inserted in several groups in the same system.
We use the usemod
command to add a user to an existing group, its syntax is:
usermod -a -G <groupname> <username>
The -a
means append, that is, you are requesting that the group information is added to the user, without the groups already associated with them being deleted or replaced.
The -g
parameter means Groups list, that is, allows you to pass a comma separately with the name of groups to be added to the user.
Continuing our example, let’s add the games group to the user mazer:
usermod -a -G games mazer
Change a users primary group
Linux users have a primary and secondary group.
The primary group is the one registered in the /etc/passwd
file, configured when an account is created. When a user creates a file, their primary or main group is associated with the file.
For example, a sequence of commands to check my user, read your /etc/passwd
entry, which shows the user’s guid, and then create a new empty file and list it to demonstrate that the main group (shown asname and not the guid) is associated as permission to the file:
whoami
mazer
grep mazer /etc/passwd
mazer:x:1066:1066:Ademir Mazer Junior:/home/mazer:/bin/bash
^
|
+-------- Main group
touch newfile
ls -l newfile
-rw-rw-r-- 1 mazer mazer 0 Jul 16 15:22 newfile
^
|
+-------- main group
Well, what if you want to change your user’s main group? You should use the usermod
command again, with the syntax:
usermod -g <groupname> <username>
Parameter -g
(lowercase) means group id
, that is, you are indicating the group to be defined as primary to the user.
If we want to change then the primary group from mazer to games:
usermod -g games mazer
Consulting a users groups
If we wish to check a user groups without their IDs, we use the syntax:
groups <username>
For example, to consult the user mazer and their groups:
groups mazer
mazer : mazer adm cdrom sudo dip www-data plugdev lpadmin sambashare games
If we wish to check the groups along with the IDs, we use the id
command:
id <username>
Example for our user mazer, show the names of their groups and the repetitives IDs:
id mazer
uid=1000(mazer) gid=1000(mazer) grupos=1000(mazer),4(adm),24(cdrom),27(sudo),30(dip),33(www-data),46(plugdev),108(lpadmin),110(sambashare)
Add a new user and define groups to them in a command
Finally, if you want to add a new user to the Linux system, and in a single control line assign a group, we can use the syntax:
useradd -g <groupname> username
An example would be to add the marcos user to the ftp group and then set your password:
useradd -G ftp marcos
passwd marcos
Conclusions
Managing groups and users in Linux is a common task for system administrators, and eventually necessary for more advanced users.
Although there are more situations and commands available, these presented in this article should cover the most common use of Linux group management by command line on the terminal console.
If you need an explanation for a different context, leave a comment for me to complement the article.
Comments