This tutorial explains how to remove a user from a group in Linux. After reading this, you’ll know how to delete users from groups easily using both gpasswd and deluser commands.
What are groups in Linux?
In Linux, users are associated with groups defining their permissions and accesses. To understand what groups are in Linux, it is important to note that there are 3 ways to grant or restrict permissions and accesses: individually, collectively, and “by elimination”.
When a user is granted permissions individually, these permissions are associated with the user ID. To grant permissions collectively, the system administrator creates a group with certain rights, and the member users of that group acquire the group permissions. Removing a user from a group will remove all permission the user inherited from that group.
As said previously, permissions can be granted or restricted to specific users individually and collectively through groups. But the system also needs a policy for all others who are not associated users or groups. Thus when granting or removing permissions in Linux, we must specify 3 categories:
- User: Individual permissions.
- Group: Collective permissions.
- Others (also known as “World” ): Permission for undefined requesters.
In Linux, every user is associated with a group generated in the user’s account creation process.
You can check the groups a user belongs to by executing the groups command followed by the username, as shown in the screenshot below.
As you can see, the linuxhint user is a member of multiple groups, which will be explained later.
How to remove a user from a group in Linux using gpasswd:
To remove the user from one of those groups, you can invoke the gpasswd command with the –delete flag followed by the user to be removed and the group.
In the example below, the linuxhint user is removed from the group floppy.
As you can see, linuxhint isn’t part of the floppy group anymore.
You can find additional gpasswd options at https://man7.org/linux/man-pages/man1/gpasswd.1.html.
How to remove a user from a group in Debian or Ubuntu with deluser:
On Debian-based Linux distributions, you can remove a user from a group using the deluser command followed by the user to be removed and the group. In the example below, the linuxhint user is removed from the group floppy.
For more information on the deluser command, visit http://manpages.ubuntu.com/manpages/trusty/man8/deluser.8.html.
Removing a user from a group in Linux by editing the /etc/group file:
Another way to remove a user from a group in Linux is to edit the /etc/group file. Open the /etc/group configuration file using a text editor, as shown in the example below (nano).
Find the group floppy; you can use the key combination CTRL+W to search “floppy” or the group you want a user to be removed from.
You’ll see the users belonging to the group, in my case, the linuxhint user. To remove the user from the group, remove the user from the group line.
In my case, I change the line of the floppy group from this:
To this:
Press CTRL+X to save changes and exit.
Adding a user to a group:
You can use the gpasswd to add users to groups too. Just replace the –delete flag with the –add a flag, as shown in the example below, in which the linuxhint user is added to the floppy group.
As you can see, the user linuxhint as added to group floppy.
You can also add users to groups using the usermod command with the -aG argument followed by the group and the user to be removed, as shown in the example below. The linuxhint user is removed from the floppy group.
Both ways explained above to add users to groups are correct.
Conclusion:
Learning how to manage a group is a basic requirement to deal with permissions. Groups is a Unix feature later adopted even by competitors like Microsoft Windows.
Users need to know how to restrict users’ access to certain groups, especially in operating systems in which initial users are granted privileges by default.
The gpasswd and /etc/group methods are convenient to keep in mind for being universal, while deluser remains a good option for users limited to Debian-based Linux distributions.
If you found this tutorial interesting, you may be interested in reading Setuid, setgid, and sticky bit explained.
I hope this tutorial explaining how to remove a user from a group in Linux was useful. Keep following Linux Hint for more Linux tips and tutorials.