Skip to content

session-21-groupManagement.md

Latest commit

 

History

History
214 lines (160 loc) · 5.32 KB

session-21-groupManagement.md

File metadata and controls

214 lines (160 loc) · 5.32 KB

Session 21: Group Management in Linux

Managing groups in Linux is essential for organizing users and controlling access to system resources. In this session, we’ll explore how to create, manage, and delete groups, using the developers group in a company as our real-life example.

Adding a Group

To create a new group, use the groupadd command.

Command:

$ sudo groupadd <groupname>

Example: If you want to create a group called developers, you would run:

$ sudo groupadd developers

Tip

Real-Life Scenario: In a company, when a new development project is initiated, you might create a developers group to manage the team members working on this project.

Understanding the Group File

The /etc/group file lists all groups and their members on your system. Each line follows this format:

group_name:password:GID:user_list
  • group_name: The name of the group (e.g., developers).
  • password: Usually empty, but can be used to set a group password.
  • GID: The Group ID number, which is a unique identifier for the group.
  • user_list: Comma-separated usernames of group members.

Example:

developers:x:1005:atharv,ritesh

This means:

  • developers is the group name.
  • x indicates no password is set.
  • 1005 is the Group ID.
  • atharv and ritesh are members of the developers group.

Using the groups Command

The groups command shows which groups a user belongs to.

Command:

$ groups <username>

Example: To see which groups atharv belongs to:

$ groups atharv

atharv : atharv developers

Tip

Real-Life Scenario: If you need to verify which teams or projects an employee is part of, you can use this command to check that atharv is part of the developers group.

Using the id Command

The id command provides detailed information about a user’s UID (User ID) and GID, including the groups they belong to.

Command:

$ id <username>

Example: To check the IDs and groups for yash:

$ id yash

uid=1004(yash) gid=1004(yash) groups=1004(yash)

Tip

Real-Life Scenario: If you’re reviewing a team member’s profile to see their roles and associated groups, this command will show that yash is not a member of the developers group, among others.

Adding a User to a Group

There are several ways to add users to a group:

1. Via /etc/group File

You can manually edit the /etc/group file to add a user.

Steps:

  1. Open /etc/group with a text editor.
  2. Locate the line for the group you want to modify.
  3. Add the username to the end of the line, separated by a comma.

Example: To add yash to the developers group, modify the line:

developers:x:1001:atharv,ritesh

to:

developers:x:1001:atharv,ritesh,yash

2. Via usermod Command

You can use the usermod command to add a user to a group.

Command:

$ sudo usermod -a -G <groupname> <username>

Example: To add yash to the developers group:

$ sudo usermod -aG developers yash      # -aG = -a -G

Tip

Real-Life Scenario: When Atharv, the team lead, needs to include yash in the development team for a new project, he would use this command to ensure yash is part of the developers group.

3. Via groupmod Command

The groupmod command can modify group properties.

Command:

$ sudo groupmod [options] <groupname>

Options:

  • -a, --append – Add users without removing existing members.
  • -g, --gid GID – Change the group ID.
  • -n, --new-name NEW_GROUP – Rename the group.
  • -U, --users USERS – List the users in the group.

Example: To rename the group developers to software_engineers:

$ sudo groupmod -n software_engineers developers

Using gpasswd

The gpasswd command manages group memberships and administrative tasks.

Command:

$ sudo gpasswd [options] <groupname>

Common Options and Examples:

  • Add a User to a Group:

    $ sudo gpasswd -a <username> <groupname>

    Example: To add yash to the developers group:

    $ sudo gpasswd -a yash developers

  • Remove a User from a Group:

    $ sudo gpasswd -d <username> <groupname>

    Example: To remove ritesh from the developers group:

    $ sudo gpasswd -d ritesh developers

  • Make a User an Admin of the Group: You can use gpasswd to manage administrative tasks, although making a user an admin is often handled through specific configurations or policies.

Example: To make atharv an admin of the developers group (if applicable):

$ sudo gpasswd -A atharv developers

Tip

Real-Life Scenario: Atharv, as the senior developer or team lead, might be given administrative privileges to manage the developers group. This allows him to add or remove team members and handle group-related administrative tasks.

Deleting a Group

To remove a group that is no longer needed, use the groupdel command.

Command:

$ sudo groupdel <groupname>

Example: To delete the developers group:

$ sudo groupdel developers

Tip

Real-Life Scenario: If the developers team is restructured and the group is no longer needed, you would delete it to maintain system organization.