How to create, modify, and delete local group accounts in Linux
A group must exist before a user can be added to that group. Several command-line tools are used to manage local group accounts. In this post, we will see how to create, modify, and delete local group accounts in Linux.
Creating Groups from the Command Line
1. The groupadd command creates groups. Without options the groupadd command uses the next available GID from the range specified in the /etc/login.defs file while creating the groups.
2. The -g option specifies a particular GID for the group to use.
[[email protected] ~]$ sudo groupadd -g 10000 group01
[[email protected] ~]$ tail /etc/group
...output omitted...
group01:x:10000:
3. The -r option creates a system group using a GID from the range of valid system GIDs listed in the /etc/login.defs file. The SYS_GID_MIN and SYS_GID_MAX configuration items in /etc/login.defs define the range of system GIDs.
[[email protected] ~]$ sudo groupadd -r group02
[[email protected] ~]$ tail /etc/group
...output omitted...
group01:x:10000:
group02:x:988:
Modifying Existing Groups from the Command Line
1. The groupmod command changes the properties of an existing group. The -n option specifies a new name for the group.
[[email protected] ~]$ sudo groupmod -n group0022 group02
[[email protected] ~]$ tail /etc/group
...output omitted...
group0022:x:988:
Notice that the group name is updated to group0022 from group02.
2. The -g option specifies a new GID.
[[email protected] ~]$ sudo groupmod -g 20000 group0022
[[email protected] ~]$ tail /etc/group
...output omitted...
group0022:x:20000:
Notice that the GID is updated to 20000 from 988.
Deleting Groups from the Command Line
The groupdel command removes groups.
[[email protected] ~]$ sudo groupdel group0022
Changing Group Membership from the Command Line
1. The membership of a group is controlled with user management. Use the usermod -g command to change a user’s primary group.
[[email protected] ~]$ id user02
uid=1006(user02) gid=1008(user02) groups=1008(user02)
[[email protected] ~]$ sudo usermod -g group01 user02
[[email protected] ~]$ id user02
uid=1006(user02) gid=10000(group01) groups=10000(group01)
2. Use the usermod -aG command to add a user to a supplementary group.
[[email protected] ~]$ id user03
uid=1007(user03) gid=1009(user03) groups=1009(user03)
[[email protected] ~]$ sudo usermod -aG group01 user03
[[email protected] ~]$ id user03
uid=1007(user03) gid=1009(user03) groups=1009(user03),10000(group01)