Managing user permissions is a crucial part of system administration on any Linux server or desktop. Rather than setting permissions user by user, Linux allows you to create groups and easily manage access for entire sets of users simultaneously. This guide will teach you all about Linux groups and how to add (or remove) users from them.
Let’s start with the basics – what exactly is a user group on Linux?
What is a User Group in Linux?
A user group in Linux is essentially a bundle of access permissions that can be applied to multiple user accounts at once. Instead of having to define permissions like read, write, and execute individually for each user, you can simply add or remove users from the appropriate group.
There are two main types of groups for users in Linux:
Primary Group
- This is the default group a user belongs to when the account is first created.
- It shares the same name as the username.
- Any new files or folders created by that user automatically belong to their primary group.
- A user can only have one primary group at a time.
Secondary Groups
- Secondary groups are any additional groups a user account is a member of beyond their primary.
- Users can belong to an unlimited number of secondary groups.
- Secondary groups are commonly used to grant (or deny) access to system resources like software, storage shares, printers, etc.
The real power of Linux groups comes from secondaries – your system’s primary groups are mainly just a formality when initially setting up user accounts. By granting group membership, you unlock capabilities that would otherwise require setting complex individual permissions.
Key Takeaways:
- Groups allow managing permissions for multiple users collectively
- Primary group comes by default with a new user account
- Secondary groups grant additional privileges based on membership
- Use groups to provide resource access instead of user-by-user permissions
Adding a User to an Existing Group on Linux
Now that we understand what user groups are in Linux, let’s look at how to actually add users to them using various common methods.
From the Command Line
You can add an existing user account to an existing group from the Linux terminal using tools like usermod, useradd, or the lower-level vigr editor. Here are some examples:
-
Using the usermod command:
sudo usermod -aG group_name user_name
The -a option tells usermod to append the user to the specified group. Leaving it out could potentially remove them from other existing groups.
-
With the useradd command:
sudo useradd -G group_name user_name
Note that useradd is usually for creating new user accounts, but can also modify group membership for existing users.
-
Using vigr to edit /etc/group directly:
sudo vigr
vigr opens the /etc/group file, which lists all the groups and their members. Once open, simply add the username to the end of the respective group line.
Tip: You can use the groups command to see which groups a user currently belongs to.
Creating a New Users and Adding Them to Groups
You can also create a brand new user account in Linux and add them to one or more groups simultaneously using useradd.
For example, to make a new user named ‘webadmin’ with secondary group membership like ‘sudo’ and ‘nginx’:
sudo useradd -G sudo,nginx webadmin
This is handy for provisioning new user accounts tied to specific application permissions right from the start.
Using GUI Tools
Linux desktops like GNOME, KDE, and others provide simple graphical user interfaces for managing local user accounts and groups as well.
For instance, on Ubuntu with the GNOME desktop, you can:
- Open the ‘Users’ settings
- Click the ‘Unlock’ button to allow editing
- Select a user and click the ‘User Groups’ button
- Check the box next to any groups you want to add the user to
The process is similar on other Linux desktops and distributions. Consult your documentation for the exact steps.
Also read: How to List Users in Ubuntu Linux VPS
How to Add a User to Multiple Groups in One Command
Sometimes you need to add a single user account to several groups at once. The easiest way is to separate the group names with commas when invoking the usermod command:
sudo usermod -aG group1,group2,group3 user_name
The user will be added as a new member to group1, group2, and group3 simultaneously.
How to Create a New Group in Linux
Of course, you’ll also need to know how to create new groups from scratch on your Linux system. The tooling is quite straightforward:
sudo groupadd new_group_name
Replace ‘new_group_name’ with whatever you want to call your group. The new group will be created and you can immediately start adding user members to it.
Example: Adding an Existing User to an Existing Group
Let’s put some of these commands in context with a practical example.
Imagine you have an existing Linux server with the following users and groups already set up:
Users:
- mfernandez
- bjohnson
- ansari
Groups:
- webdevs
- managers
- interns
If you wanted to add the user ‘bjohnson’ to the ‘managers’ group, you could run:
sudo usermod -aG managers bjohnson
Verify the change by checking which groups bjohnson now belongs to:
groups bjohnson bjohnson : bjohnson webdevs managers
Success! The bjohnson account is now a member of both the webdevs and managers groups.
Using the usermod command is one of the most flexible ways to modify group membership for existing user accounts on your Linux system or VPS server.
How to Remove a User from a Group in Linux
What if you need to revoke a user’s access by removing them from a particular group? Use the gpasswd command:
sudo gpasswd -d user_name group_name
For example, to remove bjohnson from the managers group again:
sudo gpasswd -d bjohnson managers
Tip: You can use gpasswd to assign group administrators and set passwords for accessing group resources as well.
Other Useful Group Management Commands
Here are a few more handy commands for working with Linux groups:
List all groups on the system:
getent group
Get info on a specific group and its members:
getent group group_name
Display groups a user belongs to:
id -nG user_name
List all group IDs for a user:
id -G user_name
Modify a user’s primary group:
sudo usermod -g new_primary_group user_name
Delete/remove a group entirely:
sudo groupdel group_name
FAQs About Linux User Groups
Still, have some lingering questions about how to use groups for managing user access on Linux? Let’s go through a few common queries:
Q: How do I list all groups on my Linux system?
A: Use the ‘getent group’ or ‘cat /etc/group’ commands to display a list of all existing groups.
Q: What groups do I belong to in my current Linux session?
A: Just run the ‘groups’ command to see your user’s group memberships. Add a username to check other users.
Q: How do I list members of a particular group?
A: Use ‘getent group group_name’ or ‘grep group_name /etc/group’ to list all users in a specified group.
Q: Can a user have multiple primary groups in Linux?
A: No, a Linux user account can only have one primary group at a time. But they can be a member of any number of secondary groups.
Q: How do I change a user’s primary group?
A: Use the ‘sudo usermod -g new_group user_name’ command to set a different primary group for a user.
Q: What is the ‘wheel’ group used for in Linux?
A: ‘Wheel’ is a legacy group used on some Linux distributions like RedHat to grant users sudo-like administrative privileges. It serves the same purpose as the ‘sudo’ group on modern distros.
Q: How can I delete or remove a group in Linux?
A: Use the ‘sudo groupdel group_name’ command to delete an existing group from your Linux system entirely.
Linux Group Best Practices
As you get comfortable adding users to groups on your Linux servers and desktops, keep a few key best practices in mind:
- Use descriptive, logical group names to easily identify their purpose
- Avoid creating unnecessary groups that don’t serve a real access need
- Remove users from groups when they no longer need those permissions
- Periodically review active group members and remove stale users
- Don’t add all users to the ‘sudo’ or other admin groups without good reason
- Create new secondary groups for applications instead of using system groups
- Document your user and group access structure for future reference
Taking a thoughtful, secure approach to managing users and group memberships in Linux will pay off through better access control and less potential for unauthorized actions or changes.
VpsWala: The Benefits of VPS Hosting with Reliable Linux Support
When evaluating Linux VPS hosting options, few providers match the combination of features, performance, and expertise offered by VpsWala. Their fully managed virtual private servers support all major Linux distributions including Ubuntu, CentOS, Debian and more with highly accessible support teams.
Key VpsWala advantages include:
✅ Top-tier infrastructure across multiple secure data centers
✅ Full root access and complete control over your Linux VPS
✅ Built-in backup solutions with offsite storage
✅ Scalable resource allocation with vertical and horizontal scaling
✅ High availability clustering options
✅ DDoS protection and enterprise-grade security
✅ 24×7 monitoring and OS and software updates
✅ Choice of operating system templates or custom ISO installation
✅ Migration services available
✅ 30-day money-back guarantee
For individuals, startups, small businesses and enterprises alike, VpsWala’s Linux VPS hosting solutions deliver an ideal balance of flexibility, security and ease of management. Plus, their technical support staff deeply understands Linux permissions, users, and groups.
Whether you’re a Linux guru or still learning, VpsWala empowers you to focus on running your applications rather than worrying about complex system administration. Groups make user and permission management easier – and VpsWala makes running Linux servers hassle-free.