Beginners Guide for Groupadd Command in Linux

Linux TLDR
Last Updated:
Reading time: 5 minutes

Linux administrators are allowed to create “normal user accounts” with a range from 1000 to 60000 uids, where uid 0 is reserved for “root users” and “system users” are allowed uids from 1 to 999.

Normal users might rarely reach this threshold, creating so many accounts in their system; however, when you reach that point, it will become challenging for you to manage users in your system.

To make things easier, you can create a group and add the collection of users into that group. This will make it easier for you to manage a group of users instead of managing individual users.

Also Read: How to change file or group ownership in Linux

To create groups, you can use the groupadd command in Linux that you are about to learn.

Tutorial Details

DescriptionGroupadd (Managing Group)
Difficulty LevelModerate
Root or Sudo PrivilegesYes
Host System and ArchitectureUbuntu 22.10 (x64)
OS Compatibility Ubuntu, Manjaro, Fedora, etc.
Prerequisitesgroupadd, groupdel
Internet RequiredNo
Discussed Tools in this Articlecat, grep, getent, groups, usermod, gpasswd, adduser, deluser

Syntax of the Groupadd Command

The groupadd command requires two arguments: one is the flag, and the other is the group name.

$ groupadd [OPTION] [GROUPNAME]

Whenever you will create a new group in your system the record will be added to “/etc/group” file that you can read using the cat command.

$ cat /etc/group
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:syslog,jr
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:jr
floppy:x:25:
tape:x:26:
sudo:x:27:linuxtldr
audio:x:29:pulse
dip:x:30:jr

Or you can use the getent command to view the list of groups in your system.

$ getent group
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:syslog,jr
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:jr
floppy:x:25:
tape:x:26:
sudo:x:27:linuxtldr
audio:x:29:pulse
dip:x:30:jr

Creating a New Group

The following command will create a new group with the specified name (ex: demogroup).

$ sudo groupadd demogroup

To verify the group is created, use the following grep command to search “demogroup” in “/etc/group” file.

$ grep demogroup /etc/group 
demogroup:x:1010:

As you can see above, the group was created with GID 1010.

Creating a New Group with a Specific GID

The “-g” or “--gid” flag will create a new group with a specified GID; if the GID is already assigned to another group, you will get the “groupadd: GID β€˜XXX’ already exists” error; if not, your group will be created with a specified GID.

$ sudo groupadd -g 1666 demogroup

Create a New Group with Duplicate (non-unique) GID

If your specified GID is already being used by another group, you can use the “-o” or “--non-unique” flag, which will create your group with the same (non-unique) GID, but the group name must be different.

$ sudo groupadd -o -g 1666 newgroup

Read the “/etc/group” file to check the group is created with the same (non-unique) GID but with different name.

$ grep group  /etc/group
demogroup:x:1666:
newgroup:x:1666:

Creating a New Group by Force

When you create a new group in your system, if the specified group name or GID (if you are manually specifying) is already being used by another group, you will get the “groupadd: group β€˜XXX’ already exists” or “groupadd: GID β€˜XXX’ already exists” errors.

To avoid this error and forcefully create your specified group, use the “-f” or “--force” flag.

$ sudo groupadd -f demogroup

Force creating a group will not remove the old group or replace the old with a new one (ex: GID); it will just leave the state without any changes.

Also Read: How to change file or directory permissions for a user or group in Linux

Creating a New System Group

The system group is no different from the regular (normal) group. They are usually created for special purposes like system services or taking backups.

The GIDs defined for system groups are chosen from “SYS_GID_MIN” to “SYS_GID_MAX” from “/etc/login.defs” instead of “GID_MIN” and “GID_MAX“.

To create them, you can either use the “-r” or “--system” flag with the group name as shown.

$ sudo groupadd -r systemgroup

Override the default /etc/login.defs value

When you create a new group in your system, the GID for your group is selected from the range of “GID_MIN” to “GID_MAX” in your /etc/logins.defs file.

$ grep GID_MIN /etc/login.defs 
GID_MIN			 1000
#SYS_GID_MIN		  100

$ grep GID_MAX /etc/login.defs 
GID_MAX			60000
#SYS_GID_MAX		  999

However, you can override the default value specified in the “/etc/logins.defs” file and specify your custom range using the “-K” or “--key” flag with the “KEY=VALUE” pair.

For example, if you want to create a new group and the GID should be between “600” and “700“, then use the following command.

$ sudo groupadd -K GID_MIN=600 -K GID_MAX=700  demogroup

If you read the “/etc/group” file you will find the “demogroup” GID is between the range of “600” to “700” as shown.

$ grep demogroup /etc/group
demogroup:x:600:

Creating a New Group with a Password

Adding a password to a normal or system group has no practical use and might even create a security issue because more than one user would need to know the group password.

However, if you wish to set a password for your group, use the “-p” or “--password” flag with your password, as shown.

$ sudo groupadd -p YOURPASSWORD demogroup

Add a User to a New Group

After creating a group, you can add an existing user to your newly created group by using the adduser command.

$ sudo adduserr linuxtldr demogroup

The above command will add the “linuxtldr” user into the “demogroup” group.

To verify the user is added to that group, use the following groups command:

$ groups linuxtldr
linuxtldr : linuxtldr sudo admin newadmin demogroup

Alternatively, you can use the usermod command to append a new or existing user to your newly created group.

$ sudo usermod -aG demogroup linuxtldr

Remove a User from the New Group

In case you misplaced the user in the wrong group or have any other reason to remove the user from the added group.

Then use the gpasswd command with the “-d” flag, specifying the username with the group name.

$ sudo gpasswd -d linuxtldr demogroup
Removing user linuxtldr from group demogroup

Verify the user is removed from the specified group using the following command with username.

$ groups linuxtldr
linuxtldr : linuxtldr sudo admin newadmin

Alternatively, you can use the deluser command to remove the specified user from the target group.

$ sudo deluser -d linuxtldr demogroup
Removing user `linuxtldr' from group `demogroup' ...
/bin/gpasswd -M  demogroup
Done.

Delete the Newly Created Group

To remove the group you just created or an existing group, make sure to check that no user or file is dependent on that group.

If you are sure about that, then execute the following command with the group name to delete it.

$ sudo groupdel demogroup

We will end here. I hope you learned something new in this article.

Feel free to share your thoughts or opinions regarding the topic in the comment section.

Join The Conversation

Users are always welcome to leave comments about the articles, whether they are questions, comments, constructive criticism, old information, or notices of typos. Please keep in mind that all comments are moderated according to our comment policy.