Group Management

User/Group Relationship

Primary Group

When a user is created, a group with the same name is also created, which is the primary group.

grep soda /etc/passwd
soda:x:1001:1001:,,,:/home/soda:/bin/bash

The fourth field indicates the primary group ID 1001, which can also be viewed using the groups command.

groups soda
soda : soda

Secondary Groups

Users can also belong to multiple secondary groups, used for permission access control.

ID Command

The most practical command for viewing user group information.

id soda
uid=1001(soda) gid=1001(soda) groups=1001(soda)

gid indicates the primary group, and groups indicates the secondary groups.

/etc/group

The configuration file for groups, modified using commands, do not manually edit, otherwise, it will be messed up.

-rw-r--r-- 1 root root 886 Aug 28 21:00 /etc/group

Group Information

Viewing the information of the sudo group

grep sudo /etc/group
sudo:x:27:kuga
  • Group Name: sudo
  • Password: x
  • Group ID: 27
  • Member: kuga

Multiple group members are separated by commas: kuga,soda.

Creating a New Group

sudo groupadd rocks
grep rocks /etc/group
rocks:x:1002:

Modifying Group Name

sudo groupmod -n newrocks rocks

User Group Assignment

Preserving Secondary Groups

This method does not overwrite the list of secondary groups.

sudo usermod -aG rocks soda
id soda
... groups=1001(soda),1002(rocks)

Overwriting Secondary Groups

Removing the -a (append) option will overwrite the entire secondary group list.

sudo usermod -G sudo soda
id soda
... groups=1001(soda),27(sudo)

Clearly, the soda group is gone.

Deleting Secondary Groups

Deleting the sudo secondary group of the soda user.

sudo gpasswd -d soda sudo

Alternatively, you can use the overwrite method, keeping only the soda group.

sudo usermod -G soda soda