FreeBSD

FreeBSD Add Group

4 years ago
by Younis Said
In FreeBSD, groups are essentially just catalogs of user accounts. Every Group in FreeBSD has a group name and a GID, or Group ID associated with it. Groups work in FreeBSD like how they work in other Unix Operating systems, and every process has a list of groups associated with it. With this list of groups, the User ID determines the actions a process is permitted to take to make changes within the system. The user ID isn’t enough by itself.

There is two way to go about creating and editing groups:

  1. You can manually edit the plain text group ID file located in /etc/group directory, or
  2. You can use the pw command-line tool.

Editing the group ID map manually:

Open the group ID map file in /etc/group. This file should contain four access fields, each delimited by a colon. These fields each serves the following purpose:

  1. The first field is dedicated to group names,
  2. The second field is for the encrypted password,
  3. The third field is for the group IDs, and
  4. The fourth field is for the members in each group; each member is delimited by a comma.

Now you can edit the text here to create new groups and make changes.

We recommend you only temper with the contents of this file if you’re well versed in the FreeBSD syntax. If not, you can use the pw command as instructed below.

Creating and changing groups with pw command

If you’re daunted by all the cluttered text in the group ID file, you can simply use the pw command to make changes to existing groups, as well as create new ones.

Adding groups with pw command

To demonstrate how new groups are created with the pw command, we will use the pw command to create a group named teamtwo.

$ pw groupadd teamtwo

Verify that the previous command has created the group by adding groupshow to the pw command:

$ pw groupshow teamtwo


You’ll receive the following output:

teamtwo:*:1002:

The number our output shows is actually the group ID of the teamtwo group, thus verifying that the group has been successfully created.

Editing a group in FreeBSD

Let’s add some user accounts to the group we just created. This can also be done by issuing the pw command with the -M option, which creates a list of users each that are part of the group, each delimited by a comma:

$ pw groupmod teamtwo -M younis


Then verify the execution with the command below:s

$ pw groupshow teamtwo


You’ll see the output listing younis following the group ID, confirming that the new user has been added to the group.

teamtwo:*:1002:younis

List Group members with the id command

Use the id command on the user younis to see what group the user is a member of:

$ id younis


It is evident from the output that younis is a member of two groups: teamtwo and younis. The id command shows younis as a group because the password file creates a group for every new user. When queried with the id command, the output would also list younis as a group for younis the user.

Wrapping up:

Today, we demonstrated how to use the pw command to create and edit groups in FreeBSD. While you can manually edit the group ID file, it’s better just to use the pw command if you’re not familiar with the syntax. To find out more about the syntax and editing of plaintext files in FreeBSD, visit the official FreeBSD website.

About the author

Younis Said

I am a freelancing software project developer, a software engineering graduate and a content writer. I love working with Linux and open-source software.

View all posts