A user is always a member of one group, the primary group, in the passwd database. Besides being a member of a primary group, additional group memberships can be added. This can be necessary to get access to a group directory/share or to delegate privileges in the sudo configuration. You can add existing additional groups with the –groups parameter of the useradd command during the creation of a user or afterward with usermod or groupmems.
Let’s create a new user and a new group and verify the results:
# useradd student # passwd student # groupadd staff
Make the user student a member of the group staff:
# groupmems -g staff -a student # groupmems -g staff -l
groupmems Commands Examples
1. To add a user to a group:
# groupmems -a mike -g SUPPORT # groupmems --add mike -g SUPPORT
2. To delete/remove a user from a group:
# groupmems -d mike SUPPORT -g SUPPORT # groupmems --delete mike SUPPORT -g SUPPORT
3. To change the group name:
# groupmems -g SUPPORT
4. To remove the users from group:
# groupmems -p -g SUPPORT # groupmems --purge -g SUPPORT
5. To list the members of the group:
# groupmems -l -g SUPPORT # groupmems --list -g SUPPORT
Final Thought
Because a user’s group membership is defined in two different locations, it can be difficult to find out which groups exactly a user is a member of. A convenient command to check this is groupmems. Use, for example, the command groupmems -g sales -l to see which users are a member of the group sales. This shows users who are a member of this group as a secondary group assignment, but also users who are a member of this group as the primary group assignment.