Administering File Groups with 'gpasswd'

The 'gpasswd' tool aligns individual users with Linux user groups


Each file and folder within Linux entails user, group, and owner permissions. By controlling who has access to a group, you can control what happens to files and folders on your system without having to set permissions for each user.

This procedure works for all Linux distributions running any desktop environment and shell. The procedures outlined below were tested using Ubuntu 19.10 with the Budgie desktop environment and Zsh, running in a Hyper-V virtual machine on Windows 10.

How to Add a User to a Group

Use the command sudo addgroup [groupname] to create a group, if you haven't already created one.

The command to modify an existing group's password, gpasswd, takes the following general form:

gpasswd [option] group

The options available for this command include:

  • -a, --add: Add a user to the named group.
  • -d, --delete: Remove a user from the named group.
  • -h: Display a help summary, then exit.
  • -Q, --root: Apply changes in the group's root directory and use the config files from it.
  • -r, --remove-password: Remove the group password. Only people who are already added to the group can activate it for the session using the newgrp command.
  • -R, --restrict: Restrict access to the group and set a default group password of !. People must supply the password to join the group using newgrp.
  • -A, --administrators: Sets the list of people who have the authority to administer users (add/delete) or change the group password.
  • -M, --members: Sets the list of group members.

The usual method of modifying a group entails the groupmod command.

How It Works

The gpasswd command serves as a shell-based front end to administer the /etc/group and /etc/gshadow files. In addition to short-cutting the processes for assigning users and groups (which typically occurs with the usermod command), gpasswd sets an optional password on a group.

Linux includes a newgrp command by which an ordinary user account may gain access to different user groups or change the active group ID during a given login session. To prevent inappropriate group-joining, the group password is required whenever someone attempts to join the group through the newgrp command.

Why You Should Avoid 'gpasswd'

Once upon a time, the idea of a group password probably made sense; the practice mirrored individual users accessing their accounts with a password. However, although this capability remains baked into Linux, it's preferable to avoid using group passwords, and to avoid using gpasswd to modify group-level access. Here's why:

  1. Security: It's generally better for a system administrator to add individual users to secondary groups than to allow individual users to pick and choose groups themselves. After all, a group-level password is only as secure as the people who know it, and once someone leaks it publicly, the password has lost its safety value.
  2. ACLs: The broadening use of Access Control Lists overcomes some of the quirks of the owner/group/user security model.
  3. Sudo: In some cases, particularly with rarer use cases (e.g., accessing certain sensitive information), adding a special sudo role is sufficient, as well as being retroactively auditable.
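
To find out whether a system still relies on group passwords or delegated group administrators, you can read the /etc/gshadow file described under How It Works. The script below is an added example, not part of the original article; the function names audit_gshadow and sample_gshadow are hypothetical, and the sample entries (including the placeholder hash) are constructed.

```shell
#!/bin/sh
# Added example (not from the original article): report groups in a
# gshadow-format stream that have a usable group password or delegated admins.
# gshadow(5) fields: name:password:administrators:members

audit_gshadow() {
    awk -F: '
        NF < 4 { next }                      # ignore malformed lines
        {
            pw = $2; admins = $3
            # Empty, or starting with "!" or "*", is not a usable crypt(3) hash:
            # nobody can join the group via newgrp by typing a password.
            usable = (pw != "" && pw !~ /^[!*]/)
            if (usable)
                printf "PASSWORD %s members=%s\n", $1, ($4 == "" ? "-" : $4)
            if (admins != "")
                printf "ADMINS %s admins=%s\n", $1, admins
        }'
}

# Constructed sample data; the hash is a placeholder, not a real one.
sample_gshadow() {
    cat <<'EOF'
root:*::
sudo:*::alice
developers:!:alice:bob,carol
backup:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH::dave
legacy::erin:
EOF
}

# Run against the sample; on a real host use: audit_gshadow < /etc/gshadow (as root)
sample_gshadow | audit_gshadow
```

A PASSWORD line marks a group that anyone holding the password can join with newgrp, and an ADMINS line marks a group whose membership or password can be changed by the listed accounts (the -A option above).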