Add a User to a Group (or Second Group) on Linux

By Chris Hoffman on May 1st, 2017

User accounts can be assigned to one or more groups on Linux. You can configure file permissions and other privileges by group. For example, on Ubuntu, only users in the sudo group can use the sudo command to gain elevated permissions.

Create a New Group

If you want to create a new group on your system, use the groupadd command following command, replacing new_group with the name of the group you want to create. You’ll need to use sudo with this command as well (or, on Linux distributions that don’t use sudo, you’ll need to run the su command on its own to gain elevated permissions before running the command).

sudo groupadd mynewgroup

Add an Existing User Account to a Group

To add an existing user account to a group on your system, use the usermod command, replacing examplegroup with the name of the group you want to add the user to andexampleusername  with the name of the user you want to add.

usermod -a -G examplegroup exampleusername

For example, to add the user geek to the group sudo , use the following command:

usermod -a -G sudo geek

Change a User’s Primary Group

While a user account can be part of multiple groups, one of the groups is always the “primary group” and the others are “secondary groups”. The user’s login process and files and folders the user creates will be assigned to the primary group.

To change the primary group a user is assigned to, run the usermod command, replacingexamplegroup  with the name of the group you want to be the primary and exampleusernamewith the name of the user account.

usermod -g groupname username

Note the -g here. When you use a lowercase g, you assign a primary group. When you use an uppercase -G , as above, you assign a new secondary group.

View the Groups a User Account is Assigned To

To view the groups the current user account is assigned to, run the groups  command. You’ll see a list of groups.

groups

To view the numerical IDs associated with each group, run the id  command instead:

id

To view the groups another user account is assigned to, run the groups command and specfy the name of the user account.

groups exampleusername

You can also view the numerical IDs associated with each group by running the id command and specifying a username.

id exampleusername

The first group in the groups list or the group shown after “gid=” in the id list is the user account’s primary group. The other groups are the secondary groups. So, in the screenshot below, the user account’s primary group is example.

Create a New User and Assign a Group in One Command

You may sometimes want to create a new user account that has access to a particular resource or directory, like a new FTP user. You can specify the groups a user account will be assigned to while creating the user account with the useradd command, like so:

useradd -G examplegroup exampleusername

For example, to create a new user account named jsmith and assign that account to the ftp group, you’d run:

useradd -G ftp jsmith

You’ll want to assign a password for that user afterwards, of course:

passwd jsmith

Add a User to Multiple Groups

While assigning the secondary groups to a user account, you can easily assign multiple groups at once by separating the list with a comma.

usermod -a -G group1,group2,group3 exampleusername

For example, to add the user named geek to the ftp, sudo, and example groups, you’d run:

usermod -a -G ftp,sudo,example geek

You can specify as many groups as you like—just separate them all with a comma.

View All Groups on the System

If you want to view a list of all groups on your system, you can use the getent command:

getent group

This output will also show you which user accounts are members of which groups. So, in the screenshot below, we can see that the user accounts syslog and chris are members of the adm group.

That should cover everything you need to know about adding users to groups on Linux.

Chris Hoffman is a technology writer and all-around computer geek. He's as at home using the Linux terminal as he is digging into the Windows registry. Connect with him on Google+.

  • Published 05/1/17
More Articles You Might Like