As a Linux administrator or growing Linux user, you will come across plenty of sysadmin routines that seem general yet are must-have skills. One such routine relates to user and group administration. This skill is important in Linux user account management, where permissions (access controls) and audits are enforced by a privileged system user.
This article explains how a sysadmin adds a Linux user to multiple Linux groups. To follow the walk-through, we will first briefly touch on user management and group management as separate modules in Linux user and group administration.
Managing Users in Linux
All Linux users must authenticate before they can log in to the system or access and use its resources. The /etc/passwd file stores this user account information.
$ cat /etc/passwd
Each line of the output follows this format:
username:password:UID:GID:comment:home:shell
- username is the system user’s login identity.
- password indicates the availability of an encrypted password entry associated with the system user.
- UID is the user ID.
- GID is the primary Group ID.
- comment accommodates additional user info like phone number and address.
- home points to the user’s home directory (its absolute path).
- shell points to the shell associated with the user (its absolute path).
To search for a user in the /etc/passwd file, use the following command:
$ grep username /etc/passwd
An x in the password field indicates that the password hash associated with this user is stored in the /etc/shadow file, which is only readable by a user with root privileges.
$ ls -l /etc/shadow
Linux provides a straightforward user account management process for sysadmins through the following commands:
- useradd (for adding a user account).
- usermod (for modifying a user account).
- userdel (for deleting a user account).
Managing Groups in Linux
User groups make it easier to manage Linux user accounts that share the same access requirements. They remove the need to edit user accounts individually to control their access.
Group account info in Linux can be found in the /etc/group file.
$ cat /etc/group
Each line of the output follows this format:
groupname:password:GID:group members
For instance, we could query the www-data group info in this file in the following manner.
$ grep www-data /etc/group
The commands associated with managing Linux groups are:
- groupadd (for adding a user group).
- groupmod (for modifying a user group).
- groupdel (for deleting a user group).
The usermod command in Linux
We now have a general understanding of Linux users and group management. To add a user to multiple Linux groups, we are going to need the help of the usermod utility, which is a part of the shadow-utils package and is primarily used in Linux to modify a user account.
The reference syntax is as follows:
$ sudo usermod -a -G group1,group2,… username
Option -G indicates that we are listing the secondary groups that will be associated with our user. We use -a to append the user to the mentioned groups; without -a, -G replaces the user's current secondary groups with the listed ones. A user can only belong to a single primary group (-g) but can exist in multiple secondary groups (-G).
Adding a User to Multiple Linux Groups
Let us create a sample user:
$ sudo useradd newuser
Let us create some sample groups to link to this user:
$ sudo groupadd grp1
$ sudo groupadd grp2
$ sudo groupadd grp3
To add newuser to grp1, grp2, and grp3, we will implement the following command:
$ sudo usermod -a -G grp1,grp2,grp3 newuser
Confirm that the user is associated with the multiple groups:
$ groups newuser
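As an added example (not part of the original article), the shell functions below resolve a user's primary and secondary groups directly from files in the /etc/passwd and /etc/group formats described above, and list any requested groups that do not exist yet before usermod -a -G is run. The function names (user_groups, missing_groups, make_sample), the UIDs/GIDs, and the olduser entry are constructed for illustration.

```shell
#!/bin/sh
# Added example: resolve group membership from passwd- and group-format files.
# Function names and sample entries are constructed, not taken from the article.

# user_groups USER PASSWD_FILE GROUP_FILE
# Prints "primary secondary1 secondary2 ..."; returns 1 if USER is unknown.
user_groups() {
    awk -F: -v user="$1" '
        FNR == NR {                       # passwd file: field 4 is the primary GID
            if ($1 == user) { gid = $4; found = 1 }
            next
        }
        found && $3 == gid { primary = $1; next }   # group file: field 3 is the GID
        {                                 # field 4 lists the secondary members
            n = split($4, members, ",")
            for (i = 1; i <= n; i++)
                if (members[i] == user) secondary = secondary " " $1
        }
        END { if (!found) exit 1; print primary secondary }
    ' "$2" "$3"
}

# missing_groups "grp1,grp2,..." GROUP_FILE
# Prints each listed group that has no entry in GROUP_FILE (check before usermod -a -G).
missing_groups() {
    printf '%s\n' "$1" | tr ',' '\n' | while IFS= read -r g; do
        awk -F: -v g="$g" '$1 == g { f = 1 } END { exit !f }' "$2" || printf '%s\n' "$g"
    done
}

# Constructed sample data mirroring the walk-through: newuser in grp1, grp2, grp3.
make_sample() {
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'newuser:x:1001:1001::/home/newuser:/bin/sh' > "$1/passwd"
    printf '%s\n' 'root:x:0:' 'newuser:x:1001:' 'grp1:x:1002:newuser' \
        'grp2:x:1003:newuser' 'grp3:x:1004:olduser,newuser' > "$1/group"
}

dir=$(mktemp -d)
make_sample "$dir"
user_groups newuser "$dir/passwd" "$dir/group"       # newuser grp1 grp2 grp3
missing_groups "grp1,grp9" "$dir/group"              # grp9
rm -rf "$dir"
```

On a live system, pass /etc/passwd and /etc/group as the file arguments. Accounts and groups served by a directory service do not appear in those files, so getent passwd and getent group are the authoritative source there.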
Hope you enjoyed this article guide. As usual, your comments and feedback will be appreciated.