How to Add a User to Multiple Linux Groups

As a Linux administrator or growing Linux user, you will come across plenty of sysadmin routines that seem general yet are a must-have skill. Once such routine/skill relates to user and group administration. Such skill is important in Linux user account management where permissions (access controls) and audits are enforced by a privileged system user.

This article will help us understand the implementation of the Linux sysadmin role related to adding a Linux user to multiple Linux groups. Therefore, to be fluent in this article guide’s walk-through, we will also need to briefly touch on user management and group management as separate modules in Linux user and group administration.

Managing Users in Linux

All Linux users need to adhere to some sort of authentication protocol before they can log into the system or access and use availed system resources. The /etc/passwd file is responsible for the storage of such user account information.

$ cat /etc/passwd
Linux User Access Information
Linux User Access Information

The output from the above screenshot can be put into syntax in the following manner:

username:password:UID:GID:comment:home:shell
  • -username is the system user’s login identity.
  • -password indicates the availability of an encrypted password entry associated with the system user.
  • -UID is the user ID.
  • -GID is the primary Group ID.
  • -comment accommodates additional user info like phone number and address.
  • -home points to the user’s home directory (its absolute path).
  • -shell points to the shell associated with the user (its absolute path).

To search for a user in the /etc/passwd file, reference the implementation of the following command:

$ grep username /etc/passwd
Get User Information
Get User Information

The user password field is represented by x in the above screen capture indicates that the password hash associated with this user is stored in the /etc/shadow file and only readable to a user with root user privileges.

$ ls -l /etc/shadow
User Password Information
User Password Information

Linux provides a straightforward user accounts management process for sysadmins through the command:

  • useradd (for adding a user account).
  • usermod (for modifying a user account).
  • userdel (for deleting a user account).

Managing Groups in Linux

User groups make it easier to assign specific Linux user accounts with the same access requirements. It dismisses the need of having to individually edit user accounts to manage/control their access requirements.

The groups account info in Linux can be found in the /etc/group file.

$ cat /etc/group
Linux Groups Account Information
Linux Groups Account Information

The syntax representation of the above screen capture output is as follows:

groupname:password:GID:group members

For instance, we could query the www-data group info in this file in the following manner.

$ grep www-data /etc/group
Get User Group Information
Get User Group Information

The commands associated with managing Linux groups are:

  • groupadd (for adding a user group).
  • groupmod (for modifying a user group).
  • groupdel (for deleting a user group).

The usermod command in Linux

We now have a general understanding of Linux users and group management. To add a user to multiple Linux groups, we are going to need the help of the usermod utility, which is a part of the shadow-utils package and is primarily used in Linux to modify a user account.

The reference syntax is as follows:

$ sudo usermod -a -G group1,group2,… username

Option -G indicates that we are listing the secondary groups that will be associated with our users. We use -a to append the user to the mentioned groups. A user can only belong to a single primary group (-g) but can exist in multiple secondary groups (-G).

Adding a User to Multiple Linux Groups

Let us create a sample user:

$ sudo useradd newuser

Let us create some sample groups to link to this user:

$ sudo groupadd grp1
$ sudo groupadd grp2
$ sudo groupadd grp3

To add a newuser to grp1, grp2, and grp3, we will implement the following command:

$ sudo usermod -a -G grp1,grp2,grp3 newuser

Confirm that the user is associated with the multiple groups:

$ groups newuser
Confirm User Groups
Confirm User Groups

Hope you enjoyed this article guide. As usual, your comments and feedback will be appreciated.

Tutorial Feedback...
Was this article helpful? If you don't find this article helpful or found some outdated info, issue or a typo, do post your valuable feedback or suggestions in the comments to help improve this article...

Got Something to Say? Join the Discussion...

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published or shared. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.