Remove Linux User From a Secondary Group ( Supplementary Groups )

Posted on in Categories , , , , , last updated March 3, 2008

Q. User tom is a member of a group called sales and printer. I’d like to remove tom from a group called printer without editing any user configuration text files stored at /etc/ directory?

A. /etc/groups file defines group membership for each user. usermod command has -G option to set a list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. If the user is currently a member of a group which is not listed, the user will be removed from the group.

Step # 1: Find out user group identity

Use id command:
# id -nG {user-name}
# id -nG tom

Output:

sales printer

Step # 2: Remove user from printer group

Use the following syntax:
# usermod -G {groupname1,groupname2,...} {username}
To keep membership for sales only group (remove user tom from printer group), enter:
# usermod -G sales tom
# id -nG tom

Output:

sales

The following example remove user vivek from all groups except admin, audio, video and powerdev group:
# id -nG vivek
Output:

vivek adm dialout cdrom floppy audio dip video plugdev scanner netdev lpadmin powerdev admin

Modify group membership, enter:
# usermod -G admin, audio, video, powerdev vivek
# id -nG tom

Sample output:

vivek audio video powerdev admin

For more information, read usermod(8) command man page:
$ man usermod

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

Share this on (or read 21 comments/add one below):

21 comment

  1. lets say i want to add an existing user to an existing group. when the user belongs to other groups already. what command will i use.

    using usermod-g “groupname” user will change the initial gropu of the user and delete him from another group.
    usermod -G this will lead from the user being deleted ffrom all other groups except the one sspecified.

  2. Hi,

    I have added user to a group called sales using smbldap-usermod -G .
    How do I remove this user from the supplementary group. I was once succesful in removing the user by using the command smbldap-usermod -g . But when I give the time id -nG the supplementary group still shows up.
    Can you explain why this happens and how to overcome this problem.
    Appreciate your help

    Cheri

  3. this dint help me

    id -nG aares00
    OutPut= aaresusers rootmembers

    gpasswd -d aares00 rootmembers
    OutPut= Removing user aares00 from group rootmembers

    id -nG aares00
    OutPut= aaresusers rootmembers

  4. I don’t know if it’s available from other platforms or not, but I have this command on Arch which seems more intuitive and easier to do:

    groupmems -g [group_name] -d [user_name]

    For example, if I want to remove sally from group admins:

    groupmems -g admins -d sally

  5. If you want to add/remove a user only to/from a single secondary group, use gpasswd command

    Following your example

    Remove tom from sales group
    gpasswd -d tom sales

    Add tom to printer group
    gpasswd -a tom printer

Leave a Comment