9. Manage Users and Groups
πRed Hat Certified System Administrator (RHCSA β EX200)
1. What is a Group in Linux?
A group is a collection of users.
- It is used to manage permissions easily
- Instead of assigning permissions to each user, you assign them to a group
- All users in the group inherit those permissions
Example (IT Environment)
- A group called
developerscan access/project/code - A group called
adminscan manage system configuration
2. Types of Groups
2.1 Primary Group
- Every user has one primary group
- It is assigned when the user is created
- Stored in
/etc/passwd
2.2 Supplementary (Secondary) Groups
- A user can belong to multiple supplementary groups
- Used for additional permissions
- Stored in
/etc/group
3. Important Group Files
/etc/group
Contains group information:
group_name:x:GID:user1,user2
group_nameβ Name of groupxβ Password placeholderGIDβ Group IDuser listβ Members
/etc/gshadow
Contains secure group information:
group_name:!::
- Used for group passwords (rarely used in practice)
4. Create a Group
Command:
groupadd group_name
Example:
groupadd developers
Create Group with Specific GID
groupadd -g 1050 developers
Verify Group Creation
getent group developers
or
grep developers /etc/group
5. Delete a Group
Command:
groupdel group_name
Example:
groupdel developers
β οΈ Important:
- You cannot delete a group if it is the primary group of a user
6. Modify a Group
6.1 Change Group Name
groupmod -n new_name old_name
Example:
groupmod -n devteam developers
6.2 Change Group GID
groupmod -g 2000 devteam
7. Manage Group Membership
This is a very important exam area
7.1 Add User to a Group (Supplementary Group)
Method 1 (Recommended for exam):
usermod -aG group_name username
Example:
usermod -aG developers user1
βοΈ -a = append (IMPORTANT)
βοΈ -G = supplementary group
β οΈ Without -a, existing groups will be removed.
7.2 Add User to Multiple Groups
usermod -aG dev,admins user1
7.3 Remove User from a Group
Method:
gpasswd -d username group_name
Example:
gpasswd -d user1 developers
7.4 Change Userβs Primary Group
usermod -g group_name username
Example:
usermod -g developers user1
7.5 Set Group Members Directly
gpasswd -M user1,user2 developers
β οΈ This overwrites existing members
8. Check Group Membership
Check user groups:
groups username
Example:
groups user1
Check current user:
groups
Detailed info:
id username
Example:
id user1
9. Switch Primary Group Temporarily
newgrp group_name
Example:
newgrp developers
- Starts a new shell with that group
- Useful for testing permissions
10. Best Practices (Exam + Real IT Use)
β Always use -aG with usermod
- Prevents removing existing groups
β Use groups for permission management
- Example:
/var/wwwβ group:webteam- All web developers get access
β Avoid editing /etc/group manually
- Use commands instead
β Use consistent naming
dev,ops,dbadmin
11. Common Exam Mistakes
β Forgetting -a in:
usermod -G developers user1
β This removes user from other groups
β Trying to delete a primary group:
groupdel users
β Will fail if in use
β Not verifying changes
Always use:
id username
12. RHCSA Exam Tips
You should be able to:
β Create groups quickly
β Add users to groups correctly
β Remove users from groups
β Change group name and GID
β Verify memberships using commands
β Understand difference between primary vs supplementary groups
13. Quick Command Summary
| Task | Command |
|---|---|
| Create group | groupadd group |
| Delete group | groupdel group |
| Rename group | groupmod -n new old |
| Change GID | groupmod -g GID group |
| Add user to group | usermod -aG group user |
| Remove user | gpasswd -d user group |
| Change primary group | usermod -g group user |
| Show groups | groups user |
| Detailed info | id user |
Final Summary
- Groups are used to control access and permissions efficiently
- You must know:
- groupadd, groupdel, groupmod
- usermod, gpasswd
- Focus on membership management and command usage
- Practice commands in terminal β this is a hands-on exam
