How To Add a User to A Group in Linux: Easy Step-by-Step Guide

How To Add a User to A Group in Linux: Easy Step-by-Step Guide

How To Add a User to A Group in Linux: Easy Step-by-Step Guide

Learning how to use groups is essential if you want to give users permission to read files, modify them, or create their own.  

In this comprehensive tutorial, we walk you through the process of adding users to and removing them from a group in Linux. 

We also cover how you can create, view, and delete groups. 

Understanding Linux Groups and Group Types

Linux leverages groups as organizational units for managing user accounts effectively. 

Groups play a vital role in defining privileges such as reading and writing. Not to mention, users need permission to execute permissions too. 

All users in a group have all the permissions assigned to the group by its creator. 

When a user creates a group, it automatically becomes the user’s “primary” group. Typically, the primary group takes its creator’s username. 

But when a user adds someone to a group on Linux, it becomes that user’s secondary group. Every Linux user can be a member of several secondary groups, but every user has only one primary group. 

So, the permissions you set for a group you create – your primary group – are given to the users you add to the group. 

Bear in mind that the ability to add users to groups is limited to users with sudo or root access.

It’s interesting to note that information related to all user accounts is stored in specific files, including /etc/passwd, /etc/shadow, /etc/group, /etc/default/useradd, and /etc/login.defs.

It is crucial to avoid manually modifying these files. Instead, we rely on various commands to add users to groups in Linux.

How to Add an Existing User to a Group

The usermod command helps you add existing users to groups. You can use the command with the “-a -G” options, followed by the group name and username:

sudo usermod -a -G groupname username


For instance, to add the user “joel” to the “sudo” group, execute the following command:

sudo usermod -a -G sudo joel


It’s critical to note that you will need to use the append option (-a) any time you want to add a user to a group. 

If you don’t use the -a option with this command, the user will be removed from all groups they are in expect the ones you specify. 

In the example above, user “joel” would get removed from all groups expect “sudo” if the -a option were omitted from the command.

Note that the usermod command will only display a warning if the user or group doesn’t exist, and it won’t provide any output upon successful execution.

Adding a New User to Secondary Group Using Useradd

If you find yourself needing to add a new user to a group that exists already, you will find the following command useful:

# useradd -G {group-name} username


Let’s walk through an example where we create a new user named “emma” and add them to the “devops” group. First, ensure that the “devops” group exists by using the grep command:

# grep “^devops” /etc/group


If you don’t see any output, it means the group doesn’t exist, and you’ll need to create it using the groupadd command:

sudo groupadd devops


To verify that the user “emma” doesn’t already exist, execute the following command:

grep “^emma” /etc/passwd


If no output is displayed, proceed to add the new user “emma” to the “devops” group:

useradd -G devops emma


Set a password for the user “emma” using the passwd command:

passwd vivek


To ensure that the user has been added successfully to the “devops” group, use the id command:

id vivek


This command will provide output similar to the following:

uid=1122(emma) gid=1125(emma) groups=1125(emma),1124(devops)


Adding a User to Multiple Groups

If you need to add a user to multiple groups simultaneously, use the -G option followed by a comma-separated list of group names. 

For example, to add the user “nash” to the “devops,” “hr,” “ftp,” and “pr” groups, execute the following command:

useradd -G devops,hr,ftp,pr nash


Adding an Existing User to Multiple Groups in One Command

If you need to add an existing user to multiple secondary groups simultaneously, you can achieve this in a single command using usermod with the -G option.

Here’s what the syntax of this command looks like:

sudo usermod -a -G group1,group2 username


For instance, to add the user “emma” to both “ftp” and “hr,” execute the following command:

sudo usermod -a -G ftp,hr emma


Removing a User from a Group

To remove a user from a group, employ the gpasswd command with the -d option. 

The example below demonstrates how to remove the user “emma” from the group “ftp”:

sudo gpasswd -d emma ftp


Changing a User’s Primary Group

To change a user’s primary group, employ the usermod command with the -g option like so:

sudo usermod -g groupname username


For instance, to change the primary group of the user “nash” to “hr,” execute the following command:

sudo usermod -g hr nash


Displaying User Groups

To view comprehensive user information, including the groups to which a user belongs, utilize the id command followed by the username:

id username


If you exclude the username, the command will display information for the currently logged-in user. 

For example, to check the user “emma,” execute the following command:

id emma


Creating and Deleting Groups

Creating a new group is as simple as using the groupadd command with the name of the group:

sudo groupadd groupname


Deleting a group is equally easy. The syntax is the same as that of creating a group, except you have to use the groupdel command:

sudo groupdel groupname


Managing Group Membership in Linux

In addition to adding and removing users from groups, it is essential to understand how to manage group membership effectively in Linux. The following commands and techniques can help you in this process:

  1. List Group Members: To view the members of a specific group, you can use the members command followed by the group name. For instance, here’s the command you can use to list the members of the “devops” group: members devops.
  2. Remove a User from Multiple Groups: You can remove a user from multiple groups at once using the gpasswd command with the -d option. For example, to remove the user “emma” from the “devops” and “hr” groups simultaneously, run: sudo gpasswd -d emma devops,hr.
  3. Change Primary Group for Multiple Users: If you need to change the primary group for multiple users simultaneously, the usermod command can be used in combination with shell scripting techniques. You can create a script that iterates through a list of users and changes their primary group one by one.

By mastering these techniques, you can efficiently manage group membership and access privileges for users in Linux, providing a secure and organized environment for your system.