Groupadd Command in Linux/Unix With Examples | Code Factory


Donate : Link

Medium Blog : Link

Applications : Link

Groups in Linux refer to the user groups. In Linux, there can be many users of a single system, (normal user can take uid from 1000 to 60000, and one root user (uid 0) and 999 system users (uid 1 to 999)). In a scenario where there are many users, there might be some privileges that some users have and some don’t, and it becomes difficult to manage all the permissions at the individual user level. So using groups, we can group together a number of users, and set privileges and permissions for the entire group. groupadd command is used to create a new user group.

Usage: groupadd [options] GROUP

Options:
  -f, --force                   exit successfully if the group already exists,
                                and cancel -g if the GID is already used
  -g, --gid GID                 use GID for the new group
  -h, --help                    display this help message and exit
  -K, --key KEY=VALUE           override /etc/login.defs defaults
  -o, --non-unique              allow to create groups with duplicate
                                (non-unique) GID
  -p, --password PASSWORD       use this encrypted password for the new group
  -r, --system                  create a system account
  -R, --root CHROOT_DIR         directory to chroot into
  -P, --prefix PREFIX_DIR       directory prefix
      --extrausers              Use the extra users database

Every new group created is registered in the file “/etc/group“. To verify that the group has been created, enter the command.

~# tail /etc/group
crontab:x:105:
messagebus:x:106:
input:x:107:
kvm:x:108:
render:x:109:
syslog:x:110:
ubuntu:x:1000:
ssh:x:111:
systemd-coredump:x:999:
lxd:x:998:

The file shows group information in the following format:

group_name : password : group-id : list-of-members

Using groupadd with options:

1. -f, –force: This option forces the command to silently abort if the group with given already exists. If this option is used with the -g or –gid option and the group if given already exists, the command forcefully ignores the given group id and creates a new and unique group id.

~# groupadd ubuntu
groupadd: group 'ubuntu' already exists

~# groupadd -f ubuntu

2. -g, –gid GID: This option is used to provide a group id (numeric) to the new group, and it should be non-negative and unique unless explicitly created to be non-unique (using -o option). If this option is not used, the default id is assigned, which is greater than every other group already present.

~# groupadd -g 3400 cf

~# tail -1 /etc/group
cf:x:3400:

3. -h, –help: Display help message and exit.

4. -K, –key KEY=VALUE: Overrides /etc/login.defs defaults (GID_MIN, GID_MAX and others). Multiple -K options can be specified. GID_MIN and GID_MAX are the parameters set in /etc/login.defs which defines the minimum and maximum values that a group id can take.

~# groupadd -K GID_MIN=1000 -K GID_MAX=1500 test

~# tail /etc/group
input:x:107:
kvm:x:108:
render:x:109:
syslog:x:110:
ubuntu:x:1000:
ssh:x:111:
systemd-coredump:x:999:
lxd:x:998:
cf:x:3400:
test:x:1001;

5. -o, –non-unique: This option permits to add a group with a non-unique GID.

6. -p, –password PASSWORD: The encrypted password, as returned by crypt(3). The default is to disable the password. This password is visible to the users. You should make sure the password respects the system’s password policy. The group passwords are stored in “/etc/gshadow” file.

~# groupadd -p abc test2

~# tail -1 /etc/group
test2:x:3401:

~# tail -1 /etc/gshadow
test2:abc::

7. -r, –system: Create a system group. The numeric identifiers of new system groups are chosen in the SYS_GID_MIN-SYS_GID_MAX range, defined in login.defs, instead of GID_MIN and GID_MAX.

~# groupadd -r sys1

~# tail -1 /etc/group
sys1:x:997:

8. -R, –root CHROOT_DIR: Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.

Important Points:

  • To add a new user into the group, the group is mentioned using -g option in the command useradd.
sudo useradd -g group_name new_user_name
  • To add an existing user to a group, use the usermod command
usermod -g group_name existing_user_name

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s