User accounts can be assigned to one or more groups on Linux. You can configure file permissions and other privileges by group. For example, on Ubuntu, only users in the sudo group can use the
sudo command to gain elevated permissions.
Create a New Group
If you want to create a new group on your system, use the
groupadd command following command, replacing new_group with the name of the group you want to create. You’ll need to use sudo with this command as well (or, on Linux distributions that don’t use
sudo, you’ll need to run the
su command on its own to gain elevated permissions before running the command).
sudo groupadd mynewgroup
Add an Existing User Account to a Group
To add an existing user account to a group on your system, use the
usermod command, replacing
examplegroup with the name of the group you want to add the user to and
exampleusername with the name of the user you want to add.
usermod -a -G examplegroup exampleusername
For example, to add the user
geek to the group
sudo , use the following command:
usermod -a -G sudo geek
Change a User’s Primary Group
While a user account can be part of multiple groups, one of the groups is always the “primary group” and the others are “secondary groups”. The user’s login process and files and folders the user creates will be assigned to the primary group.
To change the primary group a user is assigned to, run the
usermod command, replacing
examplegroup with the name of the group you want to be the primary and
exampleusernamewith the name of the user account.
usermod -g groupname username
-g here. When you use a lowercase g, you assign a primary group. When you use an uppercase
-G , as above, you assign a new secondary group.
View the Groups a User Account is Assigned To
To view the groups the current user account is assigned to, run the
groups command. You’ll see a list of groups.
To view the numerical IDs associated with each group, run the
id command instead:
To view the groups another user account is assigned to, run the
groups command and specfy the name of the user account.
You can also view the numerical IDs associated with each group by running the
id command and specifying a username.
The first group in the
groups list or the group shown after “gid=” in the
id list is the user account’s primary group. The other groups are the secondary groups. So, in the screenshot below, the user account’s primary group is
Create a New User and Assign a Group in One Command
You may sometimes want to create a new user account that has access to a particular resource or directory, like a new FTP user. You can specify the groups a user account will be assigned to while creating the user account with the
useradd command, like so:
useradd -G examplegroup exampleusername
For example, to create a new user account named jsmith and assign that account to the ftp group, you’d run:
useradd -G ftp jsmith
You’ll want to assign a password for that user afterwards, of course:
Add a User to Multiple Groups
While assigning the secondary groups to a user account, you can easily assign multiple groups at once by separating the list with a comma.
usermod -a -G group1,group2,group3 exampleusername
For example, to add the user named geek to the ftp, sudo, and example groups, you’d run:
usermod -a -G ftp,sudo,example geek
You can specify as many groups as you like—just separate them all with a comma.
View All Groups on the System
If you want to view a list of all groups on your system, you can use the
This output will also show you which user accounts are members of which groups. So, in the screenshot below, we can see that the user accounts syslog and chris are members of the adm group.
That should cover everything you need to know about adding users to groups on Linux.