Groupadd Command in Linux – Options + Examples

Last updated: March 15, 2022

Linux is a multi-user operating system. System administrators can create groups and add members to these groups to assign certain privileges.

In this tutorial, we will learn about groupadd command and check how to create a group in Linux.

Prerequisites

  • Basic command line knowledge.
  • Root access or a user with sudo priviledge.
  • A name for the group.

Groupadd Command

When a new Linux user account is added, a group (primary) with the same name as the username is created automatically. However, the primary (default) group cannot be used by other users to set and control privileges. Furthermore, you cannot set custom options for the default group.

The users might need to be part of one or more groups called secondary groups. For this purpose, a group has to be created.

Groupadd command creates a new group in Linux. Only root user or a user with sudo privileges can create groups.

The basic syntax of groupadd command:

groupadd [options] group_name

It creates a new Linux group using the specified options and default system values. The default system values used by groupadd are stored in the /etc/login.defs file.

cat /etc/login.defs
login.defs file

Each line in the /etc/login.defs file has an instruction name with an associated default value.

Groupadd registers the new group in the /etc/group system file. Use the following command to check all existing groups on your system:

sudo tail /etc/group
/etc/group file

The /etc/group file contains group names and its belonging users. Each entry in this file contains 4 fields.

Fields of /etc/group file:

Group-name:password:group-ID:list-of-members

How to Use Groupadd Command in Linux

The following examples show you how to use groupadd command. You can use options to apply specific configurations to the group.

Create a Group

You can use groupadd followed by the group name to add a group.

For example to create a new group account named developers, type:

sudo groupadd developers
create a new group

Use groupadd -f command to successfully exit with no error message even if the specified group exists.

For example:

sudo groupadd -f coders
suppress the error message

In the example, we are adding a group named coders, and then trying to add a group with the same name again. It returns an error that the group coders already exist. When we use -f it silently exits even if the coders group already exists.

To create a system group, use groupadd -r command this will create a group with GID between 000 and 999:

sudo groupadd -r sysdevgroup
create system group

Create a Group with a Specific GID

When a new group is created, groupadd automatically assigns a GID based on the GID_MIN and GID_MAX range mentioned in the /etc/login.defs file.

By default, the system group is assigned with a GID between 000 and 999 and the secondary group between 1000 and 60000. However, you can create a group with a specific GID using the -g option.

For example to create a group named testers with a specific GID of 1021, type:

sudo groupadd -g 1021 testers
create group with specific GID

How to override /etc/login.defs Defaults

The defaults in the /etc/login.defs are automatically applied when you create a new group. To override defaults you can use -K option.

For example to create a group named admin with GID_MIN to 1500 and GID_MAX to 1502, type:

sudo groupadd -K GID_MIN=1500 -K GID_MAX=1502 admins
override /etc/login.defs

From the output, you can see the group named admins is created with group id 1500 which is within the range we provided.

Groupadd options

The most commonly used groupadd options:

Options Description
-fExits with success status if the group already exists. If the -g option is specified with -f and the given GID already exists, then a new unique GID is created.
-gCreates a new group with the given GID. GID is a non-negative available value greater than 999. The range of group IDs between 000 and 999 are reserved only for system groups.
-KOverrides /etc/login.defs defaults, such as GID_MIN and GID_MAX.
-oAdds a group with a non-unique GID.
-pSets an encrypted password for the group. By default, the password is disabled. When you set a password using this option, the encrypted password is visible to the users. Normally passwords are not set for groups otherwise have to share with many users.
-rCreates a system group. The GID for new system groups is chosen from the range 000 and 999.
-RApplies the changes to the CHROOT_DIR directory. The group created using this option uses configuration files from the CHROOT_DIR directory.

Conclusion

In this tutorial, we learned how to create a new group using different options, and list all groups on your system. The commands mentioned here should work on all Linux distributions, including Debian, Ubuntu, Fedora, and Red Hat.

For more information about groupadd, use --help option to display help message and exit.

SHARE

Comments

Please add comments below to provide the author your ideas, appreciation and feedback.

Leave a Reply

Leave a Comment