Linux

Linux Groups

In previous page you have learned Linux users, Consider you want a set of users have same type of permissions or same type of authorization. In this scenario, you will have to grant same type of rights to all users, and this will become gruelling task. In order to overcome this problem, Linux system uses another security concept, called groups. In Linux we make a group of users, grant all permissions to the group and that permissions are applicable to the users associated with group. Each group has a unique GID, which, like UIDs, is a unique numerical value on the system. Along with the GID, each group has a unique group name. Before start about group creation first we discuss the /etc/group file.

/etc/group

/etc/group
/etc/group

The above figure shows 4 fields. Where
  1. group_name: It is the name of group. If you run ls -l command, you will see this name printed in the group field.
  2. Password: Generally password is not used, hence it is empty/blank. It can store encrypted password.
  3. Group ID (GID): This is the group ID number..
  4. Group List: It is a list of users associated with the group. The user names, must be separated by commas.

The commands for working with group accounts are

groupadd

This groupadd creates the group. I want to create a new group intel.
Linux Adding user to group
Adding user to group

Open the file
The group intel is created
Open /etc/group
Linux View group in /etc/group
View group in /etc/group

Let us discuss some important options of groupadd command.

-g gid (group's ID)

You can assign any gid value by using -g option. The gid value must be greater than 500. Values between 0 and 499 are typically reserved for system accounts.
-g gid (group's ID)
-g gid (group's ID)

Open the file
/etc/group
-g gid (group's ID)
-g gid in /etc/group file

-o

For duplicate group id.
duplicate group id -o
duplicate group id

Open the file
/etc/group
amd and hit group have same id.
duplicate group id -o
duplicate group id

-r

If you want to assign group id less 500 to any group then use option -r. This flag instructs groupadd to add a system account. When you use -r, the available gid less than 500 will be automatically selected unless the -g option is also given on the command line.
gid less than 500
gid less than 500

Open the file
/etc/group
id is less then 499 as Shawn in fig below.
gid less than 500
gid less than 500

Modifying groups groupmod

This command is used for existing group.
gid change for existing group
gid change for existing group

To verify open the file /etc/group.
gid change for existing group
gid change for existing group

Delete a group using groupdel

To delete a group, use the command groupdel .
Syntax
# groupdel <group_name>
You cannot delete a user's primary group, Readers should read the man page of all command to practice for options.

Adding users to group

This can be done by command gpasswd
[root@localhost~ ]# gpasswd [-A user,...] [-M user,...] group
Every group can have administrators, members and a password. System administrator can use -A option to define group administrator(s) and -M option to define members and has all rights of group administrators and members. Group administrator can add and delete users using -a and -d options respectively. Administrators can use -r option to remove group password.
Adding users to group
Adding users to group

A view of /etc/group file
Adding users to group
Adding users to group

User wisdom is group administrator have rights to add and delete the members User wisdom add new user harsh to group thehard. User wisdom is group administrator have rights to add and delete the members User wisdom add new user harsh to group thehard.
Adding user to group by admin
Adding user to group by admin

User wisdom delete the user
deleting user to group by admin
deleting user to group by admin

For fun you can add more user by opening file /etc/group (login as root).





admin