Linux Commands – groupadd
Hello Everyone
Welcome to CloudAffaire and this is Debjeet.
In the last blog post, we have discussed date command in Linux which is used to displays the current time in the given FORMAT, or set the system date.
https://cloudaffaire.com/linux-commands-date/
In this blog post, we will discuss groupadd command in Linux. groupadd command is used to create a new group in Linux. A group represents a collection of users and is used to manage multiple users at once. Whenever you add a user into a group, the user inherits the group properties from the group. A user can be member of multiple groups at once. Each group has a name and id assosiated with it and optionally you can assign a password as well. Groups can be system generated or user defined. You need to have root or sudo privilege to create a group. A group name can be up to 32 characters long. Group configurations are stored in /etc/login.defs file.
Group Configuration:
- GID_MAX (number), GID_MIN (number): Range of group IDs used for the creation of regular groups by useradd, groupadd, or newusers. The default value for GID_MIN (resp. GID_MAX) is 1000 (resp. 60000).
- MAX_MEMBERS_PER_GROUP (number): Maximum members per group entry. When the maximum is reached, a new group entry (line) is started in /etc/group (with the same name, same password, and same GID). The default value is 0, meaning that there are no limits in the number of members in a group.
- SYS_GID_MAX (number), SYS_GID_MIN (number): Range of group IDs used for the creation of system groups by useradd, groupadd, or newusers.
Group Files:
- /etc/group: Group account information.
- /etc/gshadow: Secure group account information.
- /etc/login.defs: Shadow password suite configuration.
Linux Commands – groupadd:
You can use groupadd command to create a new group.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
############################### ## Linux Commands | groupadd ## ############################### ## Prerequisites: One Unix/Linux/POSIX-compliant operating system with bash shell ##--------- ## groupadd ##--------- ## groupadd [options] group ## create a new group named mygroup sudo groupadd mygroup sudo grep "mygroup" /etc/group ## returns mygroup:x:1001: sudo grep "mygroup" /etc/gshadow ## returns mygroup:!:: |
You can use groupadd -f or –force options to simply exit with success status if the specified group already exists. When used with -g, and the specified GID already exists, another (unique) GID is chosen (i.e. -g is turned off).
|
1 2 3 4 5 6 7 |
## groupadd -f or --force options sudo groupadd mygroup ## groupadd: group 'mygroup' already exists sudo groupadd -f mygroup ## simply exit with success status echo $? ## returns 0 |
You can use groupadd -g GID or –gid GID options to define a custom group id for your group. The GID value must adhere to group configuration defined in /etc/login.defs file. This value must be unique, unless the -o option is used. The value must be non-negative. The default is to use the smallest ID value greater than or equal to GID_MIN and greater than every other group.
|
1 2 3 4 5 6 7 |
## groupadd -g GID or --gid GID options sudo groupdel mygroup ## delete the group mygroup sudo groupadd -g 1111 mygroup ## create a group with GID 1111 sudo grep "mygroup" /etc/group ## returns mygroup:x:1111: |
You can use groupadd -K or –key KEY=VALUE options to override /etc/login.defs defaults (GID_MIN, GID_MAX and others). Multiple -K options can be specified.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
## groupadd -K or --key KEY=VALUE options ## view the current configuration sudo cat /etc/login.defs ## Min/max values for automatic gid selection in groupadd ## GID_MIN 1000 ## GID_MAX 60000 ## System accounts ## SYS_GID_MIN 201 ## SYS_GID_MAX 999 sudo groupdel mygroup ## delete the group mygroup sudo groupadd mygroup ## create the group with automatic gid selection sudo grep "mygroup" /etc/group ## returns mygroup:x:1001: sudo groupdel mygroup ## delete the group mygroup sudo groupadd --key GID_MIN=2000 mygroup ## create the group with GID_MIN=2000 sudo grep "mygroup" /etc/group ## returns mygroup:x:2000: sudo groupdel mygroup ## delete the group mygroup |
You can use groupadd -o or –non-unique options which permit to add a group with a non-unique GID.
|
1 2 3 4 5 6 7 8 9 10 11 12 |
## groupadd -o or --non-unique options sudo groupadd -g 1111 mygroup1 ## create a group with GID 1111 sudo groupadd -g 1111 mygroup2 ## groupadd: GID '1111' already exists sudo groupadd -o -g 1111 mygroup2 ## creates the group sudo grep "mygroup*" /etc/group ## both group has gid 1111 ## mygroup1:x:1111: ## mygroup2:x:1111: sudo groupdel mygroup1 ## delete both the groups sudo groupdel mygroup2 |
You can use groupadd -p or –password PASSWORD options to define a password for the group, default is to disable password for group. Please note that the password is secure and can be listed.
|
1 2 3 4 5 6 7 8 |
## groupadd -p or --password PASSWORD options sudo groupadd --password mypwd mygroup ## create a group with password sudo grep "mygroup" /etc/gshadow ## returns mygroup:mypwd:: ## not safe as its visible sudo groupdel mygroup ## delete the group mygroup |
You can use groupadd -r or –system options to define a system group. There is no difference between a normal group and system group, only the numeric identifiers of new system groups are chosen in the SYS_GID_MIN-SYS_GID_MAX range, defined in login.defs, instead of GID_MIN-GID_MAX.
|
1 2 3 4 5 6 |
## groupadd -r or --system options sudo groupadd -r mysysgroup ## create a system group sudo grep "mysysgroup" /etc/group ## returns mysysgroup:x:994: sudo groupdel mysysgroup ## delete the group mysysgroup |
Hope you have enjoyed this article. In the next blog post, we will discuss groupmod command in Linux.