How to Create Groups in Linux (groupadd Command)

[ad_1]

In Linux, groups are used to organize and administer user accounts. The primary purpose of groups is to define a set of privileges such as reading, writing, or executing permission
for a given resource that can be shared among the users within the group.

In this article, we will talk about how to create new groups in Linux, using the groupadd command.

groupadd Command Syntax #

The general syntax for the groupadd command is as follows:

groupadd [OPTIONS] GROUPNAME

Only the root or a user with sudo
privileges can create new groups.

When invoked, groupadd creates a new group using the options specified on the command line plus the default values specified in the /etc/login.defs
file.

Creating a Group in Linux #

To create a new group type groupadd followed by the new group name.

For example, to create a new group named mygroup you would run:

groupadd mygroup

The command adds an entry for the new group to the /etc/group and /etc/gshadow files.

Once the group is created, you can start adding users to the group
.

If the group with the same name already exist, the system will print an error message like the following:

groupadd: group 'mygroup' already exists

To suppress the error message if the group exist and to make the command exit successfully, use the -f (--force) option:

groupadd -f mygroup

Creating a Group with Specific GID #

In Linux and Unix-like operating systems, groups are identified by its name and a unique GID (a positive integer).

By default, when a new group is created, the system assigns the next available GID from the range of group IDs specified in the login.defs file.

Use the -g (--gid) option to create a group with a specific GID.

For example to create a group named mygroup with GID of 1010 you would type:

groupadd -g 1010 mygroup

You can verify the group’s GID, by listing all groups
and filtering the result with grep
:

getent group | grep mygroup
mygroup:x:1010:

If a group with the given GID already exist, you will get the following error:

groupadd: GID '1010' already exists

When used with the -o (--non-unique) option the groupadd command allows you to create a group with non-unique GID:

groupadd -o -g 1010 mygroup

Creating a System Group #

There is no real technical difference between the system and regular (normal) groups. Usually, system groups are used for some special system operation purposes, like creating backups or doing system maintenance.

System groups GIDs are chosen from the range of system group UDs specified in the login.defs file, which is different than the range used for regular groups.

Use the -r (--system) option to create a system group. For example, to create a new system group named mysystemgroup you would run:

groupadd -r mysystemgroup

Overriding the Default /etc/login.defs Values #

The -K (--key) option followed by KEY=VAL allows you to override the default values specified in the /etc/login.defs file.

Basically, all you can override are the maximum and minimum values of the normal and system group IDs for automatic GID selection when creating a new group.

Let’s say you want to create a new group with GID in the range between 1200 and 1500. To do that, specify the min/max values as shown below:

groupadd -K GID_MIN=1200 -K GID_MAX=1500 mygroup

Creating a System Group with Password #

Adding a password to a group has no practical use and may cause a security problem since more than one user will need to know the password.

The -p (--password) option followed by password allows you to set a password for the new group:

groupadd -p grouppassword mygroup

Conclusion #

In Linux, you can create new groups using the groupadd command.

The same instructions apply for any Linux distribution, including Ubuntu, CentOS, RHEL, Debian, Fedora, and Arch Linux.

Feel free to leave a comment if you have any questions.

[ad_2]

Source link

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.