Questions tagged [group]

All about Unix groups and access control.

Under Unix each process and each resource belongs to a group. A group is internally represented by a group identifier (GID). The translation between group names and GIDs is stored in the file /etc/group. This is a simple line-oriented database, where each record contains four fields: group name, group password, GID, and a comma-delimited list of users who have GID as secondary group (see below). The use of group passwords is discouraged. Following the pattern of /etc/passwd and /etc/shadow an according file /etc/gshadow was established.

The group membership of a process is stored in the file /etc/passwd; this is also a line-oriented database where each record contains among other things the user name, the UID and the primary GID of the according user account. Unlike resources a process may belong to additional groups. These are stored in the fourth field of /etc/group, i.e. a user belongs to each group for which his username is included in the fourth field of the according entry.

A typical entry in /etc/group looks like this:

wheel:*:10:root,joe,fred

In this example the users root, joe, and fred have the group wheel as one of their secondary groups.

It is custom to reserve GIDs 0 to 99 for system groups and 100 to 499 or 999 to functional group accounts such as services, see /etc/login.defs on Linux distributions that use the shadow suite. A special group is wheel. If configured, only members of that group may use su and do certain other things. Traditionally this group had GID 0 but it has become custom to assign this group GID 10.

Files and other resources can have only one group. The group membership of a file is stored in its inode.

The groups a process is in and the group a resource belongs to have influence on access control decisions. Suppose a process tries to access a resource: If

the UID of the resource does not match the (effective) UID of the process
the GID of the resource does match the (effective) GID or one of the secondary GIDs of the process

then the group access right of the resource apply.

Common problems

608 questions

490

votes

13 answers

How do I remove a user from a group?

Which command should I use to remove a user from a group in Debian? When adding a user to a group, it can be done with: usermod -a -G group user However, I could not find a similar command (accepting a group and user as arguments) for removing the…

users group

asked Jan 20 '12 at 16:29

Lekensteyn

20,173
18
71
111

269

votes

8 answers

Where did the "wheel" group get its name?

The wheel group on *nix computers typically refers to the group with some sort of root-like access. I've heard that on some *nixes it's the group of users with the right to run su, but on Linux that seems to be anyone (although you need the root…

sudo history group su

asked Aug 25 '10 at 18:49

Michael Mrozek

91,316
38
238
232

171

votes

3 answers

Make all new files in a directory accessible to a group

Suppose I have two users Alice and Bob and a group GROUPNAME and a folder foo, both users are members of GROUPNAME (using Linux and ext3). If I save as user Alice a file under foo, the permissions are: -rw-r--r-- Alice Alice. However, is it…

permissions group acl umask

asked May 08 '11 at 18:41

student

17,875
31
103
169

153

votes

11 answers

How can I find out which users are in a group within Linux?

I've recently been creating new users and assigning them to certain groups. I was wondering if there is a command that shows all the users assigned to a certain group? I have tried using the 'groups' command however whenever I use this it says…

users group

asked Nov 06 '15 at 11:48

Jess Louise

1,651
2
11
6

137

votes

3 answers

Getting new files to inherit group permissions on Linux

I am having a problem with permissions on a Linux server. I am used to BSD. When a directory is owned by a group the user who owns it isn't in such as www-data, files created in it will be owned by that group. This is important because I want files…

permissions directory group

asked Feb 18 '14 at 00:48

John Tate

1,900
3
21
30

votes

1 answer

How to change primary group?

I have a user like this: uid=501(ironsand) gid=500(foo) groups=500(foo),10(wheel),497(git),501(ironsand) And to change primary group to ironsand like gid=501(ironsand), I typed this command: sudo usermod -g ironsand ironsand It changed groups…

group

asked Aug 20 '14 at 10:11

ironsand

5,085
12
50
73

votes

2 answers

Is there a whoami to find the current group I'm logged in as?

I'm trying to find my current logged in group without wanting to use newgrp to switch.

linux users group

asked Jan 03 '16 at 09:32

Ian F

2,101
2
10
10

votes

2 answers

What is nobody user and group?

On my server (Synology DS212) some files and folders have nobody nobody users and groups. What are the characteristics of this user and group? Who can write of read this file? How can I change it? For which user and group?

files permissions users group

asked Feb 24 '15 at 13:20

Guuk

votes

2 answers

What is the significance of the "wheel" group?

I've commonly seen references to a wheel user group online as well as when setting up my sudoers file. Does naming a group wheel imply something special about the group or is it just a name for a generic group used in the same manner that foo and…

linux group

asked Aug 27 '14 at 14:17

drs

5,363
9
40
69

votes

4 answers

granting write permissions to a group to a folder

How can I grant write permission to one group? I have two users (alex and ben). alex is member of group alex and of group consult. ben is member of group ben and of group consult. I want to grant read-write access to both alex and ben on the folder…

permissions files group

asked Feb 20 '14 at 09:35

anatak

votes

3 answers

How to apply changes of newly added user groups without needing to reboot?

Assume I'm logged in with user takpar: takpar@skyspace:/$ As root, I've added takpar as a member of group webdev using: # usermod -a -G webdev takpar But it seems it has not been applied, because for example I can't get into a webdev's directory…

permissions users group

asked Aug 15 '11 at 18:45

Alexar

votes

5 answers

Setting multiple groups as directory owners

On my server I have directory /srv/svn. Is it possible to set this directory to have multiple group ownerships, for instance devFirmA, devFirmB and devFirmC? The point is, I want to subversion version control manage multiple users accross multiple…

permissions group subversion

asked Apr 10 '15 at 11:18

KernelPanic

1,196
6
19
37

votes

5 answers

How can I change a user's default group in Linux?

Being new to Linux administration, I'm a little confused about the following commands: useradd usermod groupadd groupmod I've just finished reading the user administration book in the Linux/Unix Administrator's handbook, but some things are still a…

linux users administration group

asked Dec 13 '11 at 01:24

cwd

44,479
71
146
167

votes

5 answers

How do I extend a partition with a LVM and the contained physical volume and logical volume?

On my 240 GB SSD I had at first two partitions, one containing the Logical Volume with Linux Mint and the other had contained a NTFS partition to share with Windows. Now I removed the NTFS partition and want to extend my logical volume group to use…

lvm group volume

asked Oct 31 '13 at 18:00

klingt.net

1,615
4
17
21

votes

5 answers

Typical use case for a group password

I checked more than half a century worth Unix experience and neither my colleagues, nor myself has ever set a password on a group (sg and gpasswd). What would be a typical use case for a group password or is it pretty much only there because of…

password group

asked Oct 01 '13 at 05:29

jippie

13,756
10
44
64

2 3

…

40 41 Next