User login

groups

This is a wiki page. Be bold and improve it!

If you have any questions about the content on this page, don't hesitate to open a new ticket and we'll do our best to assist you.

Table of Contents

Documentation
Group management
Files
Tools
Guidelines
External resources

Documentation

On Ubuntu, see:
/usr/share/doc/base-passwd/users-and-groups.html

Group management

List groups:

cat /etc/group

Add a group:

$ man groupadd
$ sudo groupadd mygroup

Add a user to a group (assuming your are john):

$ man gpasswd
$ id john             # Show your current groups.
$ sudo gpasswd -a john mygroup
$ su - john           # login again
$ id john             # See changes.

Note: changes take effect at the next login.

Files

Note: do not edit those files manually. Use the group administration tools listed below, instead.

/etc/group documented in man group.
/etc/group- is a back-up of the above, used by the tools modifying /etc/group.

Tools

id: print real and effective user and group IDs. Check options -g -G and -n.
chgr: change group ownership.
groups: print the groups a user is in.

See also:
login(1), newgrp(1), getgrent(3), getgrnam(3), passwd(5)

Guidelines

Ideally, distros and applications should provide the following:

Group description

A clear description of what each group is for, in order to assist system administrators (who may be newbie linux home users!) in choosing which group to assign to which user.

Together with the group description, a list of executables that require membership to the given group should be kept.

The group description should be stored in a machine readable format (a plain text file that can be used by applications).

Meta groups

Make a clear distinction between:

System groups: groups created for the system itself (e.g. www-data) and that a user does not need to (or shouldn't) be part of.
Administrator groups: groups created for a system administrator (the machine owner) and that other regular users do not need to be part of.
System-created user groups: groups created by the system (principally upon installation) for the ease of running a system) with the intention of adding regular users into them.
User-created user groups: groups created by the user for the purpose of differentiating groups of users (e.g. 'family', 'friends', 'marketing', etc.).

The meta groups should be stored in a machine readable format (a plain text file that can be used by applications).

Applications

GUI applications should use the above information in order to guide system administrators.

External resources

Arch Linux: Users and groups.

Issues related to this page:

Project	Summary	Status	Priority	Category	Last updated	Assigned to
Linux software	What are the groups in /etc/group for?	active	normal	feature request	9 years 27 weeks