Howto: Linux Add User To Group

Posted on in Categories , , last updated October 26, 2016

How can I add a user to a group under Linux operating system using command line options? How to add an existing user into a group in Linux using command line options?

You can use the useradd or usermod commands to add a user to a group. The useradd command creates a new user or update default new user information. The usermod command modifies a user account and it is useful to add user to existing groups. There are two types of groups under Linux operating systems:

  1. Primary user group.
  2. Secondary or supplementary user group.

All user account related information are stored in the following files:

  1. /etc/passwd – Contains one line for each user account.
  2. /etc/shadow – Contains the password information in encrypted formatfor the system’s accounts and optional account aging information.
  3. /etc/group – Defines the groups on the system.
  4. /etc/default/useradd – This file contains a value for the default group, if none is specified by the useradd command.
  5. /etc/login.defs – This file defines the site-specific configuration for the shadow password suite stored in /etc/shadow file.

useradd Example – Add a new user to secondary group

You need to the useradd command to add new users to existing group (or create a new group and then add user). If group does not exist, create it. The syntax is as follows:
useradd -G {group-name} username
In this example, create a new user called vivek and add it to group called developers. First login as a root user (make sure group developers exists), enter:
# grep developers /etc/group
Sample outputs:

developers:x:1124:

If you do not see any output then you need to add group developers using the groupadd command:
# groupadd developers
Verify that user vivek does not exists:
# grep ^vivek /etc/passwd
You should not see any outputs from above command. Finally, add a new user called vivek to group developers:
# useradd -G developers vivek
Setup password for user vivek:
# passwd vivek
Ensure that user added properly to group developers:
# id vivek
Sample outputs:

uid=1122(vivek) gid=1125(vivek) groups=1125(vivek),1124(developers)

Please note that capital G (-G) option add user to a list of supplementary groups. Each group is separated from the next by a comma, with no intervening whitespace. For example, add user jerry to groups admins, ftp, www, and developers, enter:
# useradd -G admins,ftp,www,developers jerry

useradd example – Add a new user to primary group

To add a user tony to group developers use the following command:
# useradd -g developers tony
# id tony

Sample outputs:

uid=1123(tony) gid=1124(developers) groups=1124(developers)

Please note that small g (-g) option add user to initial login group (primary group). The group name must exist. A group number must refer to an already existing group.

usermod example – Add a existing user to existing group

Add existing user tony to ftp supplementary/secondary group with the usermod command using the -a option ~ i.e. add the user to the supplemental group(s). Use only with -G option:
# usermod -a -G ftp tony
In this example, change tony user’s primary group to www, enter:
# usermod -g www tony

usermod command options summary

OptionPurpose
-a
--append
Add the user to the supplementary group(s). Use only with the -G option.
-g GROUP
--gid GROUP
Use this GROUP as the default group.
-G GRP1,GRP2
--groups GRP1,GRP2
Add the user to GRP1,GRP2 secondary group.

A note about security

If you add or delete user to existing group, you must change the owner of any crontab files or at jobs manually. You must make any changes involving NIS on the NIS server too.

A note about GUI tool

You will probably find the use of the GUI tool easy. KDE user can use KUser tool and the GNOME user can use users-admin tool called system-config-users:
# system-config-users
Sample outputs:

Fig.01: User Manager Tool in action (image credit Fedora project)
Fig.01: User Manager Tool in action (image credit Fedora project)

See also

For more information type the following command at the shell prompt:
$ man usermod
$ man useradd

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

133 comment

  1. How can i run the passwd command
    non-interactively in linux . I want to change the password through a script file….How can i
    invoke the passwd command thru a script file non-interactively.
    If thats not possible then suggest
    some alternative…

    1. You’re suggesting we’d need to know each group first? Perhaps telling us that above would be good, also including the command to find the current ‘oldgroup1 oldgroup1’ stuff:
      groups lefty

      Also, what’s the difference between useradd and adduser?
      What’s the differences between distros?
      The article could use some reorganization as well to make the concept flow better, but the article has good info, just not laid out super-clearly. IMHO.

  2. Actually, it’s easier to go like this:

    usermod -a -G ftp tony

    The -a causes your old groups to be kept. At least in the newer versions. I was looking into this and found an old manpage where the -a function is not documented.

    Since I don’t know when this feature was introduced, you should check for it on the man pages before using it.

  3. why this command didnt work on sun solaris 10 ?
    #useradd -u 100 -g other -d /export/home/newuser1 -m -s /bin/ksh -c “Regular User Account ” newuser1

    Error :uid 100 already in use

  4. install sudo.

    then edit /etc/sudoers (or other location)

    and append the line-

    %developer ALL=(ALL) NOPASSWD: ALL

    This will give the users in group developer the root access but will need to type

    sudo

    The above setup will not demand root password

  5. Now that I foolishly ran:
    usermod -G ftp chris

    Is there anyway I get access back to all the groups I had before?

    I am using Ubuntu so I don’t have a password for the root user.

  6. OK, so for instance, with webmin which allows the creation of users from a text using useradd, it would not be possible to automatically add a database for each call of useradd without modifying webmin…

    That’s not making my life any easier :)

  7. Hi… newb here ;)
    I have a quick question: in CentOS 5, when I type usermod -a -G ftp tony I always get the error “invalid numeric argument ‘ftp’ why is that?

  8. If you modified your own user account while logged in with it, the changes will not have an effect until you next login.

    If you don’t want to logout, you can replace your current BASH shell with a new one to achieve the same thing by running the follow:

    su –preserve-environment –command “$(which $SHELL) –login -i” $(whoami)

    This will switch-user to yourself, replacing your current shell with a new instance of itself. You will be prompted for your password.

    If you don’t specify a command to run you’ll probably get an error to the effect of “cannot execute bash: file not found” because it won’t be on the environment. You could use –shell to point su at it, but your shell wouldn’t be a “login” shell and therefore won’t read your .bash_profile etc.

  9. There are simpler commands (at least on Ubuntu):

    adduser user group
    will add an existing user to an existing group

    deluser user group
    will remove a user from a specified group

  10. In the past when I’ve upgraded to the latest edition of Ubuntu I’ve added any existing users by entering the user name, real name, password etc. into the Users and Groups dialogue boxes and all worked fine.

    However with upgrading to Hardy when I do the same an error flags up saying “Home Directory Already Exists – Please enter a different home directory path” and I’ve been unable to re-instate the users.

    Can anyone tell me how to add these users

  11. whyyyyyyyyy how i can fix it

    [email protected] ~/mysql
    $ groupadd
    bash: groupadd: command not found

    [email protected] ~/mysql
    $ /usr/sbin/groupadd
    bash: /usr/sbin/groupadd: No such file or directory

    [email protected] ~/mysql
    $ useradd -G {mysql} mysql
    bash: useradd: command not found

    [email protected] ~/mysql
    $

  12. Hi Vivek,

    your tutorial is really nice to follow.

    I have a scenario, where i need to create a super user and subuser(1,2,3) for accessing ftp in our webserver it is linux with redhat on it. so that super user can access all the subuser folders, and subusers can access only their folders respectively.

    I haven’t created any of the groups, so i would like to know from scratch like defining users and creating permissions.

    since I am new to this linux environment, it would be great if you could post commands like the one above for the scenario i explained.

    Many Thanks.
    Suresh

  13. Ive managed to add account.

    [email protected]:~$ sudo useradd -G admin,dialout,cdrom,floppy,audio,dip,video,plugdev,fuse,lpadmin aksu
    [email protected]:~$ sudo passwd aksu
    Enter new UNIX password:
    Retype new UNIX password:
    passwd: password updated successfully
    [email protected]:~$ id aksu
    uid=1001(aksu) gid=1001(aksu) groups=1001(aksu),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev),107(fuse),109(lpadmin),115(admin)

    Now I have a problem, when I connect the server says:

    Could not chdir to home directory /home/aksu: No such file or directory

    How can I manage that to work out right. ATM I can’t use TAB for filling in file/folder names etc.. PLZ help me out :)

  14. Aksuli type this command it will help u

    1) [email protected]:~$ sudo useradd -G admin,dialout,cdrom,floppy,audio,dip,video,plugdev,fuse,lpadmin aksu -d /home/aksu

    2) mkdir /home/aksu

  15. To add a user to multiple groups – ‘man useradd’

    -G, –groups GROUP1[,GROUP2,…[,GROUPN]]]
    A list of supplementary groups which the user is also a member of.
    Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the -g option.
    The default is for the user to belong only to the initial group.

  16. complete noob with linux here…

    what are the actual groups that you can add users to?

    i know there’s the ‘users’ group for standard users… but what else is there? can i add a user as a sysadmin with full control over the system? or is that the same as logging in as root?

    i also understand it’s apperently a “bad idea” to login as root into KDE… but why?

    sorry, like i said, complete noob. just installed yesterday.

    oh, and also, even though i realize this isn’t the right place to ask this, i have no idea where else to ask and i’ve been seraching for this for hours… how do you mount a new hard drive? there’s plenty of info telling how to mount a cdrom or a floppy drive, or even a usb thumb drive, but NOWHERE does anything or anyone say how to mount a simple hard drive…. is it not possible to add an additional hard drive? i can’t believe that that would be impossible, so there’s got to be a way.

  17. i have 3 sites. MainSite TestSite and FileSite. Main and Test need to be apart of the FileSite group to be able to read/write/delete files.

    usermod -a -G MainSite,TestSite FileSite
    is that right?

  18. If I have a user that is only used to run scripts (started by fetchmail), but I do not actually ever log in as such user in the console. I have added that user to a group to get access to a folder, but it does not seem to work.. if it was a normal user, I would simply log out and log in again to activate my membership in this group.. but since I never log in with this user, how can I make sure that it is actually a member of the group?

  19. hi
    i want to create a user say “testusr” and i don’t want to get home directory for him and his individual group (generally he will belong to his group “testusr” group i don’t want it) but i have already have a common group say “cmngrp” so he should belong to it only.
    i think my point is clear
    create “testusr” without home directory and without his own group but belongs to “cmngrp”.

  20. Hi ,

    Say i have a group called music.

    I want every new user henceforth created to automatically have the music group as their secondary group on top of the primary group that will be added by the system.

    Is this possible?

    Thanks

  21. Hey, I’m getting
    [[email protected] ~]$ sudo su
    [sudo] password for user:
    user is not in the sudoers file. This incident will be reported.

  22. Oh yeah man! This is the best site i ever meet, on helping users to quick find the answer to concrete Question! Thank you so much for the FAQ archive! wish you the best thinks.
    this is the primary site, that i search for responses to Linux Q’s.

  23. I made the mistake of not including -a in usermod as well, now im locked of doing anything useful in ubuntu. Granted i’m a linux newbie, so hard lessons like this are bound to happen, but you would save many headaches with just a small, clear explanation at the top about how flags (especially -a) are vital to how usermod works. Since you are THE top google hit for “linux add user to group”, you would save a lot of people some serious pain.

  24. Any idea howto add existing group into another existing group ?

    Ex: test1 – group has 5 users
    test2 – group has 3 users

    i want to add test1 group to be part of test2, instead of adding the users.

  25. Can you please emboss, move to top, highlight, make it red and blink FFS !!!
    99 % of the people want an user added to an existing group, not moved.
    Only on Linux, add is a special type of move (sarcasm).

    Please, for this tutorial of yours, that comes up on google, this is what we want:
    usermod -a -G ftp tony
    not this:
    usermod -G ftp tony

    Maybe with time we will learn Linux and face this issues more bravely, but most of us that come here have rather trivial experience with Linux, we want to learn.. but we want to learn how to add an user to a group (of course existing, is the natural way) no how to damage our systems.

    Call me stupid, but it is the 2nd time I revisit this issue, being forced to again reinstall my linux box because of damaging my sudoers list.

    Please, put a big red or whatever flashy warning on top of the article, notifying people about the sudeoers bite.

  26. This post is wrong and it’s the top search result on google. You should edit or remove it.

    The correct way to add a user to a group is “usermod -aG groupname username”.

  27. its mind blowing solution for adding user to any group .we can add multiple existing users to an existing group by this method # gpasswd -M niti,gauri,lina,nidhi masti =added user niti ,gauri ,lina and nidhi to group “masti”

  28. Hi… I tryed your hint, but I have got some erros below:
    [email protected]:/etc# testparm
    Load smb config files from /etc/samba/smb.conf
    Unknown parameter encountered: “client code page”
    Ignoring unknown parameter “client code page”
    Unknown parameter encountered: “character set”
    Ignoring unknown parameter “character set”
    Unknown parameter encountered: “domain admin group”
    Ignoring unknown parameter “domain admin group”
    Unknown parameter encountered: “domain admin users”
    Ignoring unknown parameter “domain admin users”
    Processing section “[netlogon]”
    Processing section “[home]”
    Processing section “[publico]”
    Processing section “[contabil]”
    Processing section “[suporte]”
    Processing section “[tmp]”
    Loaded services file OK.
    Server role: ROLE_DOMAIN_PDC
    Press enter to see a dump of your service definitions

  29. You should really change this article to either
    a) use the -a switch in the first example or
    b) add a BIG RED WARNING that the command you give will REMOVE THE USER FROM ALL CURRENT GROUPS

    This comes up #1 on google for “linux add user to group” and I suspect I’m not the only one who completely screwed up their user by running the command you have listed here to “add a user to a group”

    Perhaps the article should be titled “How to remove a user from all groups and add them to a new group”

  30. Hi Geeks,

    How can I add multiple users into a group at a time without removing the old users belongs to that particular group.
    I have tried the following command

    #gpasswd -M user1,user2,user3 group_name

    But, the thing is that, after adding these users, the previous users belongs to this group being removed.
    I want the previous users to be exist.
    Please, help……..
    Thanks in advance …..

  31. I built a bash script to add multiple users from a csv-file to an existing group without creating a home dir. The passwords in csv-file are clear text.

    #!/bin/bash
    
    FILE=/root/test.csv
    
    cat $FILE | while read line; do
       USER=$(echo $line | awk -F\; '{print $1}')
       PASS_TMP=$(echo $line | awk -F\; '{print $2}' | sed 's/\ //g')
       useradd -M -G cvs_usr $USER
       echo $USER:$PASS_TMP | chpasswd
    done
    
  32. In SuSE linux, there is No -a (this article states that the ‘-a’ retains existing groups and ‘adds’ new group ‘-G’), but in openSuSE 12.2 at least, there is no ‘-a’ option to usermod, it keeps existing groups, by default i guess…
    # usermod -G GroupName UserName
    eg,
    # id lunar
    uid=1002(lunar) gid=100(users) groups=100(users)
    # usermod -G sshd lunar
    # id lunar
    uid=1002(lunar) gid=100(users) groups=100(users),102(sshd)
    Landis.

  33. Hi ,
    I have built a x86 rootfs using buildroot with both ifuse , imobiledevice ,usbmuxd . i did chroot ( directory :/var/prj_ca/) to the generated filesystem and mounted the following
    mount –bind /dev /var/prj_ca/dev
    mount –bind /dev/pts /var/prj_ca/dev/pts
    mount –bind /dev/fuse /var/prj_ca/dev/fuse
    mount –bind /proc /var/prj_ca/proc
    mount –bind /sys /var/prj_ca/sys
    mount –bind /media /var/prj_ca/media
    when i run .
    lsusb -v | grep -i iSerial i am getting the IPOD serial id but .
    ifuse is failing with following error.
    ifuse /tmp/apple_inc._ipod_b067d003ed1b22a9fffa47e3654a00e6386a6c9a/
    usbmuxd_get_device_list: error opening socket!
    No device found, is it connected?
    If it is make sure that your user has permissions to access the raw usb device.
    If you’re still having issues try unplugging the device and reconnecting it.

    I am stuck can u please help.

  34. The format of this post took out an important part of the commands. PLEASE DISREGARD ABOVE. Here is an ammended post:

    A simple “man usermod” will provide the options available. The -A option does not remove any groups, it only adds. For adding a user to a group, MY preferred method is:
    usermod username -A group

    If you wish to add user to a list of groups, you may use a comma as delimiter, as in:
    usermod username -A group1,group2,group3

    The -G option is not preferred in my opinion, it is used to specify all groups to which the user will belong to, and has the ability to REMOVE a user from unspecified groups. As many have pointed out, the ability to remove a user from groups can have nasty results if not carefully used.

    So, just use the -A option to add your existing users to existing groups, and you should be all set. Good luck!

  35. # Post’s original command (does not work):

    useradd -G GROUP USER
    useradd: user 'USER' already exists

    # Working command:

    gpasswd -a USER GROUP
    Adding user USER to group GROUP

    # Help:

    gpasswd -h
    Usage: gpasswd [option] GROUP
    
    Options:
      -a, --add USER                add USER to GROUP
      -d, --delete USER             remove USER from GROUP[/code]
    

    Arch linux here.

  36. complete noob with linux here…

    what are the actual groups that you can add users to?

    i know there’s the ‘users’ group for standard users… but what else is there? can i add a user as a sysadmin with full control over the system? or is that the same as logging in as root?

    i also understand it’s apperently a “bad idea” to login as root into KDE… but why?

    sorry, like i said, complete noob. just installed yesterday.

    oh, and also, even though i realize this isn’t the right place to ask this, i have no idea where else to ask and i’ve been seraching for this for hours… how do you mount a new hard drive? there’s plenty of info telling how to mount a cdrom or a floppy drive, or even a usb thumb drive, but NOWHERE does anything or anyone say how to mount a simple hard drive…. is it not possible to add an additional hard drive? i can’t believe that that would be impossible, so there’s got to be a way.

  37. Hi, I want to know how to create a group in redhad but to be sure that this group is created in the local machine and not in the grid where I am connected at. I saw man and found option groupadd -r that seesm to add the user to the system account. How could I be sure that the new group is created in the local system? Thanks

  38. Does “usermod -G group” remove me from every other group? If so, the guide should mention.
    Because in doing “usermod -G my_username www-data”) I seem to have removed myself from the sudo group on my remote server on which the root account is locked. Which is fun.

Leave a Comment