groups
This is a wiki page. Be bold and improve it!
If you have any questions about the content on this page, don't hesitate to open a new ticket and we'll do our best to assist you.
Documentation
On Ubuntu, see:
/usr/share/doc/base-passwd/users-and-groups.html
Group management
List groups:
cat /etc/group
Add a group:
$ man groupadd
$ sudo groupadd mygroup
Add a user to a group (assuming your are john):
$ man gpasswd
$ id john # Show your current groups.
$ sudo gpasswd -a john mygroup
$ su - john # login again
$ id john # See changes.
Note: changes take effect at the next login.
Files
Note: do not edit those files manually. Use the group administration tools listed below, instead.
/etc/group documented in man group
.
/etc/group- is a back-up of the above, used by the tools modifying /etc/group.
Tools
id: print real and effective user and group IDs. Check options -g -G and -n.
chgr: change group ownership.
groups: print the groups a user is in.
See also:
login(1), newgrp(1), getgrent(3), getgrnam(3), passwd(5)
Guidelines
Ideally, distros and applications should provide the following:
Group description
A clear description of what each group is for, in order to assist system administrators (who may be newbie linux home users!) in choosing which group to assign to which user.
Together with the group description, a list of executables that require membership to the given group should be kept.
The group description should be stored in a machine readable format (a plain text file that can be used by applications).
Meta groups
Make a clear distinction between:
- System groups: groups created for the system itself (e.g. www-data) and that a user does not need to (or shouldn't) be part of.
- Administrator groups: groups created for a system administrator (the machine owner) and that other regular users do not need to be part of.
- System-created user groups: groups created by the system (principally upon installation) for the ease of running a system) with the intention of adding regular users into them.
- User-created user groups: groups created by the user for the purpose of differentiating groups of users (e.g. 'family', 'friends', 'marketing', etc.).
The meta groups should be stored in a machine readable format (a plain text file that can be used by applications).
Applications
GUI applications should use the above information in order to guide system administrators.
External resources
- Arch Linux: Users and groups.
Issues related to this page:
Project | Summary | Status | Priority | Category | Last updated | Assigned to |
---|---|---|---|---|---|---|
Linux software | What are the groups in /etc/group for? | active | normal | feature request | 10 years 6 weeks |