User groups on Linux systems are often set up to provide access permissions to specific groups of users who share some responsibility. For example, a particular group of users may be allowed to run commands with superuser privilege or access a group of shared files. Another group may be given permission to add, update or remove user accounts. User groups provide a way to give specific people common access privileges for system functions and resources, such as files, directories, and peripheral devices.
User groups are managed with the groupadd and groupdel commands, which allow you to add or remove users from specific groups. These commands, however, do require superuser (root) permissions – generally through use of the sudo command.
You can get a list of all the groups defined on a system by listing the contents of the /etc/group file (cat /etc/group). Some of the groups may include a list of users (e.g., wheel:x:10:fedora,shs} while most will list none. Many groups will be associated with individual accounts. For example, when you list the home directories in the /home directory, you’ll notice entries like these that show that the user account and primary group have identical names.
drwx------. 1 cookie cookie 148 Sep 27 12:20 cookie
drwx------. 1 lola lola 204 Jul 22 2024 lola
Groups like the wheel group include a list of those who are members, as this is the way these privileges are assigned.
To create a group, you first need to have root access. Either you need to switch to using the root account or, most commonly, be able to use sudo privilege to run commands with root authority.
Creating a new group
To create a new user group, you would use the groupadd command as in this example:
$ sudo groupadd -g 1111 techs
In this case, a specific group ID (1111) is being assigned. Omit the -g option to use the next available group ID (e.g., sudo groupadd techs). Once a group is added, you will find it in the /etc/group file.
$ grep techs /etc/group
techs:x:1111:
Adding or removing users from groups
To add a member to a secondary group file, use a command like this that adds jdeo to the techs group:
$ sudo usermod -aG techs jdoe
Check the /etc/group file for the addition with a command like this:
$ grep techs /etc/group
techs:x:1111:shs,jdoe
To remove a user from a group, use a command like this where the -a (add) is replaced with the -r options:
$ sudo usermod -rG techs jdoe
Removing a group
To remove a group, use the groupdel command as in the example below.
$ sudo groupdel techs
Wrap-up
Setting up and managing groups on Linux systems can help when you need to assign specific privileges to particular groups of people.
Source:: Network World