Add a User to a Group on Linux

How can I add a user to a group under Linux operating system using command line options? How to add an existing user into a group in Linux using command line options?

You can use the useradd or usermod commands to add a user to a group. The useradd command creates a new user or update default new user information. The usermod command modifies a user account and it is useful to add user to existing groups. There are two types of groups under Linux operating systems:

  1. Primary user group
  2. Secondary or supplementary user group

All user account related information are stored in the following files:

  1. /etc/passwd - Contains one line for each user account
  2. /etc/shadow - Contains the password information in encrypted formatfor the system's accounts and optional account aging information
  3. /etc/group - Defines the groups on the system
  4. /etc/default/useradd - This file contains a value for the default group, if none is specified by the useradd command
  5. /etc/login.defs - This file defines the site-specific configuration for the shadow password suite stored in /etc/shadow file

useradd Example - Add a new user to secondary group

You need to the useradd command to add new users to existing group (or create a new group and then add user). If group does not exist, create it. The syntax is as follows:

useradd -G  username

In this example, create a new user called zero and add it to group called developers. First login as a root user (make sure group developers exists), enter:

grep developers /etc/group

Output:

developers:x:1124:

If you do not see any output then you need to add group developers using the groupadd command:

groupadd 
groupadd developers

Next, add a user called zero to group developers:

useradd -G  username
useradd -G developers zero

Setup password for user zero:

passwd zero

Ensure that user added properly to group developers:

id zero

Output:

uid=1122(zero) gid=1125(zero) groups=1125(zero),1124(developers)

Please note that capital G (-G) option add user to a list of supplementary groups. Each group is separated from the next by a comma, with no intervening whitespace. For example, add user lion to groups admins, ftp, www, and developers, enter:

useradd -G  username
useradd -G admins,ftp,www,developers lion

useradd example - Add a new user to primary group

To add a user tiger to group developers use the following command:

useradd -g  username
useradd -g developers tiger
id tiger

Sample outputs:

uid=1123(tiger) gid=1124(developers) groups=1124(developers)

Please note that small g (-g) option add user to initial login group (primary group). The group name must exist. A group number must refer to an already existing group.

usermod example - Add a existing user to existing group

Add existing user tiger to ftp supplementary/secondary group with the usermod command using the -a option ~ i.e. add the user to the supplemental group(s). Use only with -G option:

usermod -a -G  username
usermod -a -G ftp tiger

In this example, change tiger user's primary group to www, enter:

usermod -g  username
usermod -g www tiger

usermod command options summary

Option Purpose
-a --append Add the user to the supplementary group(s). Use only with the -G option
-g GROUP --gid GROUP Use this GROUP as the default group
-G GRP1,GRP2 --groups GRP1,GRP2 Add the user to GRP1,GRP2 secondary group

A note about security

If you add or delete user to existing group, you must change the owner of any crontab files or at jobs manually. You must make any changes involving NIS on the NIS server too

A note about GUI tool

You will probably find the use of the GUI tool easy. KDE user can use KUser tool and the GNOME user can use users-admin tool called system-config-users

Comments

Popular posts from this blog

Reduce TIME_WAIT Socket Connections