By Wael

Posted :

How to assign a group , using useradd

useradd is used to create a new user account , or to update the default options of creating a user .

When creating a user , using useradd , the user is assigned a group , based on the specified options , or on the default system options .

assign a goup using useradd tutorial
If no group is specified

on the command line , useradd , will check the /etc/logins.defs file , for the variable named : USERGROUPS_ENAB .

  1. @root:~$ cat /etc/login.defs | grep USERGROUPS_ENAB
  2. # grep the USERGROUPS_ENAB variable ,
  3. # from : /etc/login.defs
  4. USERGROUPS_ENAB yes
  5. # In this /etc/login.defs file ,
  6. # USERGROUPS_ENAB value , is set to :
  7. # yes

If USERGROUPS_ENAB is set to yes , then useradd , will create a group , for that user , which has a name , same as , the user : username . If such group already exists , then the useradd command will fail .

If USERGROUPS_ENAB is set to no , then useradd , will check the value , of the variable : GROUP , defined inside : /etc/default/useradd

  1. @root:~$ cat /etc/default/useradd | grep GROUP
  2. # grep the value of GROUP
  3. # from /etc/default/useradd
  4.  
  5. # GROUP=100
  6.  
  7. # The value GROUP is commented
  8. # out .

If GROUP is defined and not commented out , then useradd , will add the user , to the group , specified by : GROUP .

The GROUP specified in /etc/default/useradd must exist , and it can be either : a number , or a name .

If GROUP is not defined , or is commented out , then useradd , will assign the user , to the group with the group id of : 100 . The group , with the group id of 100 , has a name of : users .

If the -g USER_GROUP , or the --gid USER_GROUP_ID , options are used

then the user , is assigned to the specified USER_GROUP or USER_GROUP_ID. USER_GROUP must be : a group id , or a group name , which exists . And USER_GROUP_ID must be a group id which exists . For example :

  1. @root:~$ /sbin/useradd -g 100 user-1
  2. # Create a user account , with the
  3. # username of : user-1
  4. # Using the -g option , assign user-1 to
  5. # the group , with the group id of : 100
  6.  
  7. @root:~$ groups user-1
  8. # Print the groups , assigned to :
  9. # user-1
  10. user-1 : users
  11. # user-1 is assigned to the group :
  12. # users
If the -N , or --no-user-group , options are used

and the -g USER_GROUP , or the --gid USER_GROUP_ID are not used , then the /etc/logins.defs file , is not checked , for the variable USERGROUPS_ENAB , but instead , only the /etc/default/useradd file , is checked for the existence of the variable : GROUP .

If the variable GROUP is defined , then the user will be assigned , to the group defined , in the GROUP variable . The group defined in GROUP , must exist , it will not be created .

If GROUP is not defined , then the user will be assigned to the default group , with an id of : 100 .

If the -N or --no-user-group options are used , with the -g USER_GROUP or the --gid USER_GROUP_ID options , then the value defined in USER_GROUP or USER_GROUP_ID, will be assigned to the user , as its group . The group in USER_GROUP or USER_GROUP_ID , must exist , it will not be created .

  1. @root:~$ /sbin/useradd -N -g daemon daemon-1
  2. # Both the -N and -g options
  3. # are used .
  4. # The -g option assign the group
  5. # daemon , to the user daemon-1 .
  6. # The -N option is ignored .
  7.  
  8. @root:~$ groups daemon-1
  9. # Print the user account : daemon-1 , groups
  10. daemon-1 : daemon
  11. # daemon-1 is assigned to the group daemon
  12.  
  13.  
  14. @root:~$ cat /etc/login.defs | grep USERGROUPS_ENAB
  15. # grep the USERGROUPS_ENAB variable ,
  16. # from : /etc/login.defs
  17. USERGROUPS_ENAB yes
  18. # USERGROUPS_ENAB is set to yes , as such ,
  19. # if no group options are specified when
  20. # creating a user account , then the
  21. # user account , will be assigned to a
  22. # group , with the same name , as the
  23. # user account username . The group
  24. # will be created , and must not exist .
  25. # If it exists , useradd will fail .
  26.  
  27.  
  28. @root:~$ cat /etc/default/useradd | grep GROUP
  29. GROUP=root
  30. # The group variable in /etc/default/useradd
  31. # has a value of : root
  32.  
  33. @root:~$ /sbin/useradd -N user-2
  34. # The -N option is used , as such /etc/login.defs
  35. # is ignored , and /etc/default/useradd is
  36. # consulted for the existence , of the value
  37. # GROUP . GROUP is set to : root ,
  38. # as such user-2 will be assigned to the group
  39. # root . The group root must exist , and will
  40. # not be created .
  41.  
  42. @root:~$ groups user-2
  43. # Print the user account : user-2 , groups
  44. user-2 : root
  45. # user-2 is assigned to the group root

The value GROUP inside the /etc/default/useradd file , can be set by using :

  1. /sbin/useradd -D -g USER_GROUP
  2. # USER_GROUP can be a group name or id that exists .
  3.  
  4. /sbin/useradd -D --gid USER_GROUP_ID
  5. # USER_GROUP_ID can be a group id , which exists .
  6.  
  7. # For example
  8. @root:~$ /sbin/useradd -D -g 100
  9. # Set the GROUP variable inside
  10. # /etc/default/useradd , to the
  11. # value of 100 .
  12.  
  13. @root:~$ /sbin/useradd -D
  14. # Display the default options ,
  15. # used by useradd
  16. GROUP=100
  17. HOME=/home
  18. INACTIVE=-1
  19. EXPIRE=
  20. SHELL=/bin/sh
  21. SKEL=/etc/skel
  22. CREATE_MAIL_SPOOL=no
If the -U , or --user-group , options are used

then a group , with the same user : username , will be created , and assigned to the user . The group must not exist , or the useradd command will fail .

The -U or --user-group options , cannot be used with the -N or --no-user-group options , and cannot be used with the -g USER_GROUP or the --gid USER_GROUP_ID options .

  1. @root:~$ /sbin/useradd -U user-3
  2. # Create a user account , with the
  3. # username of : user-3
  4. # -U is used , as such a group
  5. # user-3 will be created , and
  6. # assigned to the user : user-3
  7.  
  8. @root:~$ groups user-3
  9. # Print the groups , assigned to :
  10. # user-3
  11. user-3 : user-3
  12. # user-3 is assigned to the group :
  13. # user-3