Modify /etc/group File
The proper way to edit /etc/group file is using vigr commands in Linux. We CANNOT simply edit the groups file with a text editor. The vigr command is used to safely edit the files /etc/group file. It will put appropriate locks when editing /etc/group file to prevent other users from making any changes in the file and avoid file corruption. When you run this command with -s flag, it will edit the /etc/gshadow file.
The vigr Command
The vigr command edits the /etc/groups file in the same manner that the vipw command edits the /etc/passwd file. The discussion can be found on the preceding page.
To safely edit /etc/groups file, simply run:
pbmac@pbmac-server $ sudo vigr
Now vigr command will lock the /etc/group files and prevent other users from making any changes. The password will not get updated until you exit the vigr command. So the other users may not inadvertently or intentionally make any changes in /etc/group file while you’re editing them as root.
Modify /etc/group File From the Command Line
Just like with useradd/usermod/userdel commands for users, there are similar commands for groups: groupadd, groupmod, and groupdel. These commands allow any admin to add, modify or delete groups.
The groupadd Command
As the name says, this command creates a group. The default for groupadd is that the group will not have any members. NOTE: The groupadd command does NOT add users to a group; for that task use the useradd or usermod command.
groupadd [ OPTIONS ] GROUP_NAME
|Option||How is it used...||Show me|
|-f||The command exits with a status of "success" if the specified group exists. When used with the -g, and the specified GID exists, another unique GID is chosen.||groupadd -f security-team|
|-g||Assign a specific group id, if not specified groupadd uses the next in the sequence.||groupadd -g 217 security-team|
|-o||Allows for the creation of a non-unique GID.||groupadd -o -g 217 sales|
To add a new group named developers:
pbmac@pbmac-server $ groupadd -f developers
The groupmod Command
The groupmod command gives system administrators the ability to change the group's own attributes. The changes are made to the /etc/group.
groupmod [ OPTIONS ] GROUP_NAME
|Option||How is it used...||Show me|
|-g||The group id will be changed to the given value for the specified group.||groupmod -g 999 security-team|
|-n||The name of the specified group will be changed to the new group name.||groupmod -n teamsec security-team|
|-o||Allows for the creation of a non-unique GID.||groupmod -o -g 217 sales|
To change the name of our developers group to dev_team we use a simple command using th e-n option:
pbmac@pbmac-server $ groupmod -n dev_team developers
The groupdel Command
The groupdel command modifies the system account files, deleting all entries that refer to the specified group. The named group must exist.
groupdel [ OPTIONS ] GROUP_NAME
|-g, --gid GID||The group ID of the given GROUP will be changed to GID. Any files that have the old group ID and must continue to belong to GROUP must have their group ID changed manually.|
|-n, --new-name NEW_GROUP||The name of the group will be changed from GROUP to NEW_GROUP name.|
|-o, --non-unique||When used with the -g option, allows to change the group GID to a non-unique value.|
|-p, --password PASSWORD||The encrypted password, as returned by crypt(3).|
An example of deleting the existing group sales:
pbmac@pbmac-server $ groupdel dev_team
Be careful when deleting groups as it may cause users to have issues accessing resources. Also, take note that this command does NOT delete the users associated with the deleted group.
"The Right Way To Edit /etc/passwd And /etc/group Files In Linux" by SK, OSTECHNIX is licensed under CC BY-NC 4.0
"groupmod command in Linux with examples" by Samdare B, Geeks for Geeks is licensed under CC BY-SA 4.0
"groupadd command in Linux with examples" by NaveenJangid, Geeks for Geeks is licensed under CC BY-SA 4.0
"groupdel command in Linux with examples" by Samdare B, Geeks for Geeks is licensed under CC BY-SA 4.0