0

Collection of users is called group.  There are multiple things can be accomplished using Group Administration. The group Administration contains creation of group deletion of group and modify it as per our requirement. These tutorial will demonstrate you how you will achieve this thing using the simple commands that is easy to understand using step by step mythology.

Step – 1 : Introduction to Group Administration

Just like user account, there are group accounts. Group accounts are created to group the user accounts. There are basically two categories of group account – Primary and Supplementary. Every user has exactly one primary group. Primary group owns new files created by the user.

Users may be a member of zero or more supplementary or secondary groups. Supplementary group membership is used to help ensure that users have access permissions to files and other resources on the system. Understanding Process of User Creation

When a new user account is created in Linux, following things happen.

[root@techbrown~]# useradd techbrown

User’s entry is written in two files – /etc/passwd and /etc/shadow.

[root@techbrown~]# cat /etc/passwd
[root@techbrown~]# cat /etc/shadow

User’s primary group is created with the same name as user does. This group’s entry is written in two files – /etc/group and /etc/gshadow.

[root@techbrown~]# id testuser

[root@techbrown~]#cat /etc/group

[root@techbrown~]#cat /etc/gshadow

User’s home directory is created in /home/ directory with same name as user does.

[root@techbrown~]# ls /home

BASH configuration files (skeleton contents) are copied from /etc/skel/ directory into user’s home directory.

[root@techbrown~]# ls -a /etc/skel

User’s mailbox file is created in  /var/spool/mail/ directory with same name as user does.

[root@techbrown~]# ls -a /home/techbrown

[root@techbrown~]# ls /var/spool/mail

Step – 2 : Understanding Important Files

/etc/group

There is one entry (one line) for every group account in this file. Each entry has 4 fields separated by colon.

GROUP:PASSWORD:GID:MEMBERS

  • GROUP – Group name
  • PASSWORD – Encrypted password of group. ‘x’ indicates that shadowing is enabled and that the password is stored in /etc/gshadow file.
  • GID – GID of Group
  • MEMBERS – Comma separated list of users who belongs to this group

/etc/gshadow

There is one entry (one line) for every group account in this file. Each entry has 4 fields separated by colon.

GROUP:PASSWORD:ADMINS:MEMBERS

  • GROUP – Group name
  • PASSWORD – Encrypted password of group. ‘!’ indicates that password is not set
  • ADMINS –  separated list of users who are administrators of this group
  • MEMBERS – separated list of users who belongs to this group

Step – 3 : Create Groups

Syntax – groupadd [options] group

The options of groupadd command used like this

[root@techbrown~]# groupadd group1

g – GID of group

[root@techbrown~]# groupadd -g 10002 group2

r – Create system group

[root@techbrown~]# groupadd -r group3

Step – 4 : Modify Groups

Syntax – groupmod [options] group

n – Change name of group

[root@techbrown~]# groupmod -n g1 group1

g – GID of group

[root@techbrown~]# groupmod -g 11002 group2

The options of groupmod command used above are

Step – 5 : Delete Groups

Syntax – groupdel [options] group

[root@techbrown~]# groupdel g1

Step – 6 : Manage group passwords, admins and members

Group password, administrators and members are managed with gpasswd command.

Syntax – gpasswd [options] group

The options of gpasswd command used like this

[root@techbrown~]# gpasswd group2

a – Add user to group

[root@techbrown~]# gpasswd -a user3 group2

d – Delete user from group

[root@techbrown~]# gpasswd -d user3 group2

M – Add multiple users to group

[root@techbrown~]# gpasswd -M user3,user4,user5 group2

A – Add group administrators

[root@techbrown~]# gpasswd -A user5,user6,user7 group2

Step – 7 : Change Primary Group to New Group

This command is use to change the primary group to the new group but new group should be exits and then this will change primary group to new group

[root@techbrown~]# newgrp
[root@techbrown~]# newgroup tech

This command will replace original primary group of the user

That’s all for now.

User Administration on CentOS / RHEL

Previous article

How to Analyze Logs using Journalctl and Rsyslog on CentOS / RHEL

Next article

You may also like

Comments

Leave a reply

Your email address will not be published. Required fields are marked *

More in Linux