Managing groups is a fundamental skill for Linux users. Whether you are a beginner, intermediate, or advanced user, group manipulation is something that you should be prepared to do.
In this guide, we learn about groupmod command in Linux with examples.
2. groupmod Command
groupmod is a command-line utility in Unix-like operating systems used for modifying an existing group's attributes. It allows system administrators to change the name or Group ID (GID) of a group and other related tasks. This command can be executed by the superuser or root user.
groupmod [options] GROUP_NAME
GROUP_NAME is the name of the existing group you want to modify.
[options] are the various options you can use with groupmod to specify the changes you want to make.
3. Options Breakdown
groupmod accepts some options, which can vary depending on the Linux distribution the command is being used. In Ubuntu, groupmod has these ones:
-g or --gid GID: This option is used to change the group's numeric ID to GID. The value must be unique, unless you use the -o option.
-n or --new-name NEW_GROUP: This is used to change the group name from GROUP to NEW_GROUP. Ensure the new group name does not conflict with any existing group.
- -o or --non-unique : Allows using a non-unique GID. This option is a modifier to the -g option.
-p or --password: Allows you to set or change the password for the named group. The PASSWORD is encrypted using the crypt(3) function. The group password is generally not recommended to be set due to security concerns, usability issues, and overhead - considered a legacy concept.
-R or --root: Those are options that change a group CHROOT directory. When a group CHROOT_DIR is set, the groupmod command performs modifications only in the defined CHROOT directory instead of the real one.
-P or --prefix: This option updates where a group gets the files corresponding to /etc. By default, groups get these files from /etc itself, but it can be customized.
4. Changing the Group Name
To change the existing group name use -n option with groupmod command.
groupmod -n NEW_GROUP_NAME OLD_GROUP_NAME
groupmod -n devs developers
This command will rename the group developers to devs.
After renaming the group, you might want to verify that the change has been applied correctly. You can do this by checking the /etc/group file:
grep devs /etc/group
Note: Changing the name of a group does not affect any files owned by the group. Additionally, when changing the group name, the Group ID remains the same. For users who are currently logged in and are members of the group being renamed, the changes will not take effect in their active sessions until they log out and log back in.
5. Changing the Group ID (GID)
To change the Group ID (GID) of a specified group use -g option with groupmod.
In Unix-like operating systems, each group is identified not just by its name but also by a unique numerical ID known as the GID. The -g option lets you modify this numerical ID.
groupmod -g 5000 developers
This command change the GID of the group named developers to 5000 (if it is not currently being used by another group).
Normally, the system expects each group to have a unique GID. If you try to change a group's GID to a value that's already taken by another group using just the -g option with groupmod, the operation will fail with an error message about the GID already being in use.
However, there are certain niche scenarios or legacy reasons where you might want two groups to share the same GID. In such cases, the -o option comes into play which allows you to permit non-unique group IDs (GIDs).
groupmod -g 5000 -o devs
For example, to change the GID of a group named devs to 5000, even if another group already has the GID 5000.
6. Working with Chroot Environments
The --root (or -R) CHROOT_DIR option directs the groupmod command to operate as if CHROOT_DIR were the root (/) directory. In other words, instead of modifying the system's real root directory (which bin, lib, etc, var, proc and others ones), groupmod will change the CHROOT_DIR directory.
Let's say you have a chroot environment set up in /mnt/my_chroot and you want to rename a group called developers to devs within this chroot.
groupmod --root /mnt/my_chroot developers -n devs developers
This would not affect the developers group on the primary system but would change the name of the group within the /mnt/my_chroot environment.