Changing the group a user is
associated with is a fairly easy task, but not everyone knows the commands, especially for adding a user to a child group. We will walk through all the scenarios for you.
User accounts can be assigned to one or more groups on Linux. You can configure file permissions and other privileges on a per-group basis. For example, in Ubuntu, only users in the sudo group can use the sudo command to get elevated permissions.
If you’re
using a new Linux laptop, you might have some sort of GUI interface to configure these settings (depending on the distribution you’re running, at least), but realistically, it’s almost always easier to just go down to the terminal and type in a few commands, so that’s what we’re showing you today.
Add
a new group
RELATED: What’s the difference between Sudo and Su on Linux?
If you want to create
a new group on the system, use the groupadd command below, replacing it new_group with the name of the group you want to create. You’ll also need to use sudo with this command (or, on Linux distributions that don’t use sudo, you’ll need to run the su command on its own to get elevated permissions before running the command).
sudo groupadd mynewgroup Add an existing user account to a group To add
an
existing user account to a group on your system, use the usermod command, replacing examplegroup with the name of the group you want to add the user
to, and exampleusername with the name of the user you want to add. usermod -a -G examplegroup exampleusername
For example, To
add the geek user to the sudo group, use the following command: usermod -a -G sudo geek
RELATED: How to Add a User to the Sudoers File on Linux
Change
a user’s
parent group
While a user account can be part of multiple groups, one of the groups is always the “parent group” and the others are “child groups.” The user’s logon process and the files and folders that the user creates will be assigned to the parent group.
To change the parent group to
which a user is assigned, run the usermod command, replacing examplegroup with the name of the group you want to be the parent group and exampleusername with the name of the user account. usermod
-g groupname username
Note the -g here. When a lowercase g is used, a parent group is assigned. When a capital -G is used, as noted above, a new child group is assigned.
RELATED: How to Control Sudo Access on Linux
View the groups to which
a
user account
is assigned To view the groups to which the current user account is assigned, run the groups command. You’ll see a list of groups.
groups To view the numeric
identifiers associated with each group
, run the id command instead: id <img src="https://www.howtogeek.com/wp-content/uploads/2017/04/img_58fe4ba2082cf.png" alt="Check which groups
exist and what their numeric identifiers are.” />
To view the groups to which another user account is assigned, run the groups command and specify the name of the user account. groups
examplename
You can also view the numeric IDs associated with each group by running the id command and specifying a user name.
id exampleusername The first group in the group list or the group
displayed after “gid=” in the id list is the parent group of the user account. The other groups are the child groups. So, in the screenshot below, the main group of the user account is an example.
Create a new user
and assign a group in a single command
You may want to create a new user account that has access to a particular resource or directory, such as a new FTP user. You can specify the groups to which a user account will be assigned
when you create the user account with the useradd command, like this: useradd -G examplegroup exampleuser name For example, to create a new user account named jsmith and assign that
account to the ftp group, you would run:
useradd -G ftp jsmith
You’ll want to assign a password for that user afterward. Of course
: passwd jsmith
RELATED: How to Use FTP Command on Linux
Add
a User to Multiple Groups
By assigning child groups to a user account, you can easily assign multiple groups at once by separating the list with a comma.
usermod -a -G group1,group2,group3 exampleusername For example, to add the user named geek to the ftp, sudo, and example groups, you would run: usermod -a -G
ftp,sudo,geek example
You can specify as many groups as you want, just separate them all with a comma.
RELATED: Best Linux Distros for Beginners
View all groups on the system If you want to see a list of
all groups in your
system, You can use the command getent: getent
group
This output will also show you which user accounts are members of which groups. So, in the screenshot below, we can see that the syslog and chris user accounts are members of the adm group.
That should cover everything you need to know about adding users to groups in Linux.
RELATED: Best Linux Laptops of 2023
