groupadd command is used to add or create group in Linux. You will learn in this article how to create group in Linux by using simple command groupadd.
You are working in an organization as a system administrator of Linux. all users on system are belongs to 3 different-2 departments example, Sales, account, and HR. If we will not manage those users they can access each other’s data.
Accessing data of every user neither safe for the department nor for Organization. So managing those users are important and necessary.
- What is Group in Linux
- Basic Syntax of Groupadd command in Linux
- How to create group in Linux by Groupadd command
- How to add user to group
- Create a Group in Linux Specific GID
- Create a System Group in Linux
- Overriding the Default Values with in /etc/login.defs
- Create a Group in Linux with Password
What is Group in Linux
Groups in Linux refer to the user groups, Which are used to manage and administer user accounts. You can create many users on a single system.
You can understand, that normal user can take uid from 1000 to 60000. UID 0 is reserved for ‘root’ user and 1 to 999 for system users. UID stands for the User ID.
The primary purpose of groups is to define a set of privileges such as reading, writing, or executing permission for a given resource that can be shared among the users within the group.
In a scenario: there are many users who exist on the Linux system, Due to some privileges, some users can read, write and execute permission of a particular folder and some don’t or have different permission.
In this situation, it is very difficult to manage all the permissions at the individual user level.
So You can use a grouping of the users, which means we can group together a number of users, and set privileges and permissions for the entire group.
groupadd command in Linux is used to create a new user group
Basic Syntax of Groupadd command in Linux
You must know the basic syntax of the groupadd command. It is as follows:
#groupadd [option] group_name
Note: All command will be used with sudo privilege or Administrator User permission / root user.
How to create group in Linux by Groupadd command
As you have seen in groupadd command basic syntax in above section.
If you will run groupadd command without any option, It will create a new group.
You can use the following syntax without option
In the above example, I have created a new group with the name “sales”. You can use the following command to verify the newly created group.
[[email protected] ~]# groupadd sales [[email protected] ~]# tail /etc/group rpcuser:x:29: gnome-initial-setup:x:977: sshd:x:74: avahi:x:70: slocate:x:21: tcpdump:x:72: vijay:x:1000: vboxsf:x:976: student2:x:1003: sales:x:1004: [[email protected] ~]#
The file shows group information in the following format:
group_name : password : group-id : list-of-members
How to add user to group
You can add a new user into the group, the group is mentioned using -g option in the command useradd.
#useradd -g GroupName new_user
To add an existing user to a group, use the usermod command
#usermod -g GroupName existing_user
Create a Group in Linux Specific GID
GID means group ID, every group has a unique ID. n Linux and Unix-like operating systems, groups are identified by its name and a unique GID.
By default, when You create a new group, the system assigns the next available GID from the range of group IDs, Which are defined in the file name login.defs.
So if you want to create a group with specific GID then use groupadd command followed by -g or –gid and group name.
For example I will create a new group named “hr” with GID of 1111. The following command syntax will be used:
groupadd -g 1111 hr
[[email protected] ~]# groupadd -g 1111 hr [[email protected] ~]# tail /etc/group gnome-initial-setup:x:977: sshd:x:74: avahi:x:70: slocate:x:21: tcpdump:x:72: vijay:x:1000: vboxsf:x:976: student2:x:1003: sales:x:1004: hr:x:1111: [[email protected]ocalhost ~]#
Create a System Group in Linux
If you are thinking to create system group in Linux. Then you must know the difference between the system and regular (normal) groups. The answer is no deffernece, Yes there is no difference between system and regular groups.
Basically, You can use system groups for some special system operation purposes, For example, creating backups or doing system maintenance etc.
When you create a System group then you must choose the GID from the range of system group UDs. These UDs are specified in the login.defs file.These GIDs range is different than the range used for regular groups.
You can use the -r (–system) option to create a system group. For example, to create a new system group named ‘backupgroup’ you can run the following syntax for create system group:
groupadd -r backupgroup
[[email protected] ~]# groupadd -r backupsystem [[email protected] ~]# tail /etc/group sshd:x:74: avahi:x:70: slocate:x:21: tcpdump:x:72: vijay:x:1000: vboxsf:x:976: student2:x:1003: sales:x:1004: hr:x:1111: backupsystem:x:975: [[email protected] ~]#
Overriding the Default Values with in /etc/login.defs
As I have told yu already default values of UIDs and GIDs are specifid in /etc/login.defs file. If you want to override /etc/login.defs default values (GID_MIN, GID_MAX and others).
You can use -K or –key followed by KEY=VAL for overriding the default values specified in the /etc/login.defs file. The other options can be specified with groupadd command including GID_MIN and GID_MAX.
These are the parameters set in /etc/login.defs which defines the minimum and maximum values that a group id can take.
Basically, all you can override are the maximum and minimum values of the normal and system group IDs for automatic GID selection when creating a new group.
For Example, I want to create a new group with GID in the range between 700 and 1200. Then the following content will be used.
groupadd -K GID_MIN=700 -K GID_MAX=1200 account
Create a Group in Linux with Password
You can say there is no practical use to create a group with a password, It may cause a security problem since more than one user will need to know the password.
As you know, the password is disabled by default for a group, When you create a group with a password then this password is visible to the users.
The password is encrypted and returned by crypt(3). When you set the password make sure you should follow the strong password policy.
The group password is stored in “/etc/gshadow” file.
You can use the -p (–password) option followed by password to set a password for the new group
groupadd -p grouppassword securegroup
This article shows the basic commands that may help you to explore groupadd command in Linux to create a group. You have learned using the basics and the advanced syntax of Group command in Linux.
As I have told you already You may refer the man page of group command if you want to know more options.
Please share it if you find this article useful. If you find anything missing please leave in comment box.