A user group is a way to assign permissions to several users at once on a Linux system.
User groups make it easier to configure permissions in systems with multiple users or services, where controlling permissions individually would be impractical. Keep in mind that Unix-based systems are designed for multi-user environments.
Even if your Raspberry Pi is a local machine and only has one human user, the system constantly uses groups to give access to devices, folders, and services. Sooner or later you will have to deal with user groups, but do not worry, it is much simpler than it looks.
All the commands in this article refer to user management. Therefore, to use them, we must be logged in as Super User or use the sudo command.
Why User Groups?
If you have a system with 1 or 2 users, you might be able to manage permissions at an individual level. But as the number of users grows, with tens or hundreds of users, management will become a bit impractical.
Imagine a company, where workers are constantly coming and going, changing departments… chaos. Now imagine a server with thousands of users. It would be impossible to configure permissions individually!
For that, the normal approach is to work with user groups and grant permissions to folders or program execution at the user group level. Afterwards, you only have to make sure each user belongs to the appropriate groups and they will have the corresponding permissions.
User groups can serve an organizational purpose. For example, the ‘Marketing’ group has different permissions than ‘Finance’. Or, to give a domestic example, the ‘Family’ group is different from the ‘Guests’ group.
Another quite common approach in some applications is to create a group that has permission to execute a program, access a device, or a folder. For example, when installing application ‘A’, it creates a group ‘A-Users’, which has permission to run it. To grant execution permissions to a user, you have to add them to this group.
Manage User Groups
Add/Remove User Groups
To create a new user group, we simply write:
groupadd group_name
Where group_name is the name of the group we want to create. If we want to delete an existing user group, we use:
groupdel group_name
To rename a user group, we have the command:
groupmod -n new_name old_name
Add/Remove Users from Groups
To add the current user to a group, we can use this command:
newgrp group_name
If we want to add another user to a group, we will use the command:
adduser username group_name
Alternatively, we can use the following command (useful if we want to add them to more than one group in a single command):
usermod -a -G group_name1, group_name2, group_name3 username
Finally, to remove a user from a user group, we use the command:
deluser username group_name
This will only remove the user from the user group, it will not delete the user itself.
List User Groups
To list all the groups the current user belongs to, we simply use:
groups
We can also show the groups another user belongs to with:
groups username
Finally, if we want to list all existing groups on the current machine, we use the command:
cut -d: -f1 /etc/group
That easy! In the upcoming posts, we will see how to manage permissions for both users and user groups. If you have any questions or know other commands, you can leave us a comment.
