/etc/group

Just as there is a password file, there is also a groups file – which lists all the available groups. So, in our example above, fred belonged to group 100. This means there must be a corresponding entry in a file called /etc/group which gives the name of group 100. A group entry may look like this:

Typically, only a few of the fields are used, for example:

In this case, the group with GID 100 is known as “users”. We haven’t set a password for this group, and nor have we listed any additional users who might belong to this group. Anybody who is explicitly assigned to a group in /etc/passwd need not be listed in /etc/group for that same group. However, you can use /etc/group to allow a user to belong to more than one group at one time. You can add multiple users to a group in /etc/group by separating their usernames with commas – for example

To my mind, the power of groups seems underused, yet there are facets to using groups that can make your life as a system administrator easier, and your file system more secure.

One use for groups is with project teams who may require access to the same set of materials, such as project guidelines, data, and documents. Creating either a separate partition or a section in the main file system for all of these team files to reside on reduces the need for excessive use of symbolic links between user directories. Set the permissions appropriately such that group members can enter and work.

Another nice use for groups is to even use them to restrict access. If you have a set of people who just simply should not have access to a specific file or directory, then you can put them into a group and then deny access to that group for the file or directory while giving access to the owner and to the rest of the ‘world’.

So, how do you create a new user account?