How to add a new user to the group in Linux

Suppose you do want another person to have complete access like you in your system. Then you are in the right place.

In Linux, every user has restrictions based on permission they have; while creating, you can achieve level security in your system by providing correct permission to every single user who tries to access your system locally or remotely.

Suppose you want to restrict a particular user from accessing a specific file and want to give access to another user. Here changing ownership cannot solve this big problem.

So, what should we do? If you think to add that particular file in a specific group and allow users to access who will be in that group, then yes, you are absolutely correct.

Step 1: Creating a new user

First, we will create a new user for demo purposes.

$ sudo useradd trendocean

A new user with a trendocean name will be created in your system. All users in your Linux System will be listed at /etc/passwd.

$ sudo cat /etc/passwd
cockpit-wsinstance:x:962:962:User for cockpit-ws instances:/:/usr/bin/nologin
mongodb:x:961:961::/var/lib/mongodb:/usr/bin/nologin
trendocean:x:1001:1001::/home/trendocean:/bin/bash

Step 2: Creating a new file

Now we create a new file with a specific restriction on read, write, and execute. Right now, I am giving the example of a text file, but you can apply the same method for other example directories.

$ touch trendocean.txt

Now you have a new file with the name trendocean.txt. If you wish, you can add some content inside this using any of your favorite text editor like nano, vim, emacs.

Let’s check the current owner and group of this file using the below command.

$ ls -la trendocean.txt
-rw-r--r-- 1 trendocean trendocean 0 Dec 13 12:23 trendocean.txt

As you see, this file has only read-write access to its owner, which is trendocean.

First, let’s create a new group where we add this file and then add all new users we want to give access to this file.

Step 3: Creating a new group

Using the below command, you can easily create a new group. Right now, I am creating a group with the name trendoceangroup.

$ sudo groupadd trendoceangroup

Like the user, you can list all of the groups existing in your system using the below command.

$ sudo cat /etc/group
mongodb:x:961:
testgroup:x:1002:
www-data:x:1003:
trendoceangroup:x:1005:

Now we create a random user whom we only want to give access for read-write for a file trendocean.txt.

Step 4: Adding a new user to a group

Let’s first create a random user. In this case, I am creating a name test.

$ sudo useradd test

Now, we add this test user in trendoceangroup.

How to change group using chgrp

$ sudo usermod -aG trendoceangroup test

The above command adds trendoceangroup in test user. You can check this by entering the groups command in a test user terminal.

After adding trendoceangroup successfully into test user. We change a group of trendocean.txt to trendoceangroup. So, any user in group trenedoceangroup can have access to these files, and also, we have to edit permission of this file for the group.

First, we allow read, write, and execute permission for this file to group users using the below command.

Before change

$ ls -la trendocean.txt
-rw-r--r-- 1 trendocean trendocean 0 Dec 13 12:23 trendocean.txt

Giving permission to group.

$ sudo chmod 647 trendocean.txt
$ ls -la trendocean.txt
-rw-r--rwx 1 trendocean trendocean 0 Dec 13 12:23 trendocean.txt

chmod is use to change access permission of file and directory.

Now we change the group ownership of this file to a trendoceangroup using the chown command.

$ sudo chown :trendoceangroup trendocean.txt
$ ls -la trendocean.txt
-rw-r--rwx 1 trendocean trendoceangroup 0 Dec 13 12:23 trendocean.txt

That’s all now test user has read, write, and execute permission for trendocean.txt.

If you have any query feel free to comment down below.

Leave a Reply