Linux Groupadd Command - Adding New Groups

July 29, 2013 | By in LINUX COMMANDS | Reply More

linux  commands

The linux groupadd command is used to add a new group to the system. The groups are required for easy maintenance of users. Multiple users can be part of a group and a user can be part of more than one group. So there is many to many mapping of users to groups. This article describes groupadd command with all its options.

Adding groups

The groupadd command can be executed simply by providing a new group name as argument. The following command will add group expertsloginauthors to the system.

# groupadd expertsloginauthors

This can be checked from the file /etc/groups, which contains all information about groups.

# grep expertslogin /etc/group
expertsloginauthors:x:506:

Force success for existing group

If we try to add some already existing group,

# groupadd javaproject
groupadd: group javaproject exists

# echo $?
9

Exits with error. Yes, that was obvious one. But if you want to exit the command with success status, when the group exists, use -f or --force option.

# groupadd -f javaproject

# echo $?
0

Custom GID

The GID of the added group is decided by the system. But if you want to provide some specific GID, it can be provided with -g or --gid option.

# groupadd -g 3456 expertsloginauthors

# grep expertslogin /etc/group
expertsloginauthors:x:3456:

System group

The GIDs allotted to new groups are allocated between GID_MIN and GID_MAX values from login.defs file. Usually, the value of GID_MIN is 500 or 1000 in most systems. The GIDs below GID_MIN are reserved for system groups. If a system group is needed to be created, use -r option.

# groupadd -r expertsloginauthors

# grep expertslogin /etc/group
expertsloginauthors:x:102:

Note that the GID allocated is 102 (less than 500)

Non-unique GID

For allocating a non-unique GID to a group, -o option is used

# groupadd -g 505 expertsloginauthors
groupadd: GID 505 is not unique

# groupadd -o -g 505 expertsloginauthors

# grep 505 /etc/group
bill:x:505:
expertsloginauthors:x:505:

The default values for login are defined in /etc/login.defs file. For overriding key-value pairs in this file, -K option is used.

# groupadd -K GID_MIN=700 expertsloginauthors

# grep expertslogin /etc/group
expertsloginauthors:x:700:

If you are interested, the contents of login.defs file are:

# *REQUIRED*
# Directory where mailboxes reside, _or_ name of file, relative to the
# home directory. If you _do_ define both, MAIL_DIR takes precedence.
# QMAIL_DIR is for Qmail
#
#QMAIL_DIR Maildir
MAIL_DIR /var/spool/mail
#MAIL_FILE .mail

# Password aging controls:
#
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_MIN_LEN Minimum acceptable password length.
# PASS_WARN_AGE Number of days warning given before a password expires.
#
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7

#
# Min/max values for automatic uid selection in useradd
#
UID_MIN 500
UID_MAX 60000

#
# Min/max values for automatic gid selection in groupadd
#
GID_MIN 500
GID_MAX 60000

#
# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#
#USERDEL_CMD /usr/sbin/userdel_local

#
# If useradd should create home directories for users by default
# On RH systems, we do. This option is overridden with the -m flag on
# useradd command line.
#
CREATE_HOME yes

# The permission mask is initialized to this value. If not specified,
# the permission mask will be initialized to 022.
UMASK 077

# This enables userdel to remove user groups if no members exist.
#
USERGROUPS_ENAB yes

# Use MD5 or DES to encrypt password? Red Hat use MD5 by default.
MD5_CRYPT_ENAB yes

Getting help

The -h option prints out the help message

# groupadd -h
Usage: groupadd [options] group

Options:
-f, --force force exit with success status if the specified
group already exists
-r, create system account
-g, --gid GID use GID for the new group
-h, --help display this help message and exit
-K, --key KEY=VALUE overrides /etc/login.defs defaults
-o, --non-unique allow create group with duplicate
(non-unique) GID

Category: LINUX COMMANDS

Leave a Reply

Commenting Policy:
Promotion of your products ? Comment gets deleted.
All comments are subject to moderation.