To perform the steps that are demonstrated in this guide, you need the following components:
- A properly-configured Fedora Linux system. For testing, you can create a Fedora Linux VM using VirtualBox.
- Access to a non-root user with sudo privilege.
User Groups in Fedora Linux
Linux is a robust multi-user system that allows multiple users to access and use the system simultaneously. Each user is assigned a set of permissions which limits what the user can and can’t do on the system.
However, defining the user permissions on a per-user basis can be daunting. To simplify this, Linux comes with the user groups feature. A user group, as the name suggests, comprises of multiple users. We can specify the permissions for the user group that are applied to all users within that group.
Types of User Groups
1. Primary User Groups
Each user in the system belongs to exactly one primary user group. The group name is the same as the target user.
Whenever the user creates a file, the primary group is assigned to the file permissions.
For example, the “viktor” user belongs to the “viktor” primary user group:
Let’s test the file permission assignment. The following command creates an empty file and lists its file permissions:
2. Secondary or Supplementary Groups
These groups are generally used to manage a certain permission to a set of users. Any user can be a part of zero or more secondary user groups.
Here are some of the common secondary user groups that you will come across:
- wheel: It’s a user group that exists in all modern UNIX/Linux systems. It’s used to control the access to a root privilege. Any user within this group can run the commands with sudo.
- nobody: A user group that has no privilege.
- root: It comes with complete system admin control.
- lp: It controls the access to parallel port devices.
- proc: This group permits the access to learn the process info. Otherwise, it is prohibited by the proc file system.
Besides these common groups, there are also other user groups:
- audio: Sound hardware
- video: Video capture devices, 2D/3D acceleration devices, and such
- kvm: Access to KVM virtual machines
- disk: Access to block devices
- floppy: Access to floppy drives
- optical: Access to CD/DVD drives
- storage: Access to removable drives
Various programs also create their own users and groups. For example: postgres (PostgreSQL), mysql (MySQL), etc.
Listing the User Groups
There are multiple ways to list all the groups in the system. To find the groups that a user is part of, use the following groups command:
To list all the groups that are present in the system, we can check the content of the /etc/group file:
The “getent” command can also list all the groups in a similar fashion:
To get a list of only the group names, we can edit the output using “awk”:
Adding a User to a Group
In this section, we will demonstrate how to add a user to an existing group.
Creating a New User
For demonstration, we create a new dummy user. However, the procedure is still valid for any existing user.
To create a new user, run the following command:
If you want to create the user with its own home directory, use the following command instead:
Next, assign a login password for the new user:
Adding a User to a User Group
By default, the user belongs to its own primary user group:
To add the user to a secondary user group, use the “usermod” command:
If you want to add the user to multiple groups, use the following command instead:
Use the “groups” command to check the list of groups that the user is part of:
Bonus: Removing a User from a Group
If a user is to be revoked with the permissions granted by a user group, we can simply remove the user from the group.
To remove a user from a group, use the following command:
We can verify if it worked using the “groups” command:
We demonstrated the various ways of adding a user to a user group in Fedora Linux. In addition, we also showcased how to list all the groups in the system and how to remove the users from a user group.