Group Management

User/Group Relationship#

Primary Group#

When a user is created, a group with the same name is also created, which is the primary group.

grep soda /etc/passwd

soda:x:1001:1001:,,,:/home/soda:/bin/bash

The fourth field indicates the primary group ID 1001, which can also be viewed using the groups command.

groups soda

soda : soda

Secondary Groups#

Users can also belong to multiple secondary groups, used for permission access control.

ID Command#

The most practical command for viewing user group information.

id soda

uid=1001(soda) gid=1001(soda) groups=1001(soda)

gid indicates the primary group, and groups indicates the secondary groups.

/etc/group#

The configuration file for groups, modified using commands, do not manually edit, otherwise, it will be messed up.

-rw-r--r-- 1 root root 886 Aug 28 21:00 /etc/group

Group Information#

Viewing the information of the sudo group

grep sudo /etc/group

sudo:x:27:kuga

• Group Name: sudo
• Password: x
• Group ID: 27
• Member: kuga

Multiple group members are separated by commas: kuga,soda.

Creating a New Group#

sudo groupadd rocks

grep rocks /etc/group

rocks:x:1002:

Modifying Group Name#

sudo groupmod -n newrocks rocks

User Group Assignment#

Preserving Secondary Groups#

This method does not overwrite the list of secondary groups.

sudo usermod -aG rocks soda

id soda

... groups=1001(soda),1002(rocks)

Overwriting Secondary Groups#

Removing the -a (append) option will overwrite the entire secondary group list.

sudo usermod -G sudo soda

id soda

... groups=1001(soda),27(sudo)

Clearly, the soda group is gone.

Deleting Secondary Groups#

Deleting the sudo secondary group of the soda user.

sudo gpasswd -d soda sudo

Alternatively, you can use the overwrite method, keeping only the soda group.

sudo usermod -G soda soda