Managing User Groups

In addition to user accounts, you can also create user groups. Groups can be very powerful, as they allow you to assign resources to an arbitrary set of users. On UNIX systems, groups are typically used for file permissions. However, you can also utilize groups to assign nodes to a specific set of users, thereby limiting which users have access to certain nodes. This section covers creating and modifying groups.

Creating a Group

Before you can add users to a group, you must first create the group. Groups can be created with the groupadd command. This command takes a single argument, which represents the name of the group:

[root@cluster ~] # groupadd <groupname>

Adding a User to a Group

To add a user to a group, use the usermod command. This command requires you to list all the groups the user should be in. To avoid accidentally removing any of the user's groups, first use the groups command to get a list of the user's current groups. The following example shows how to find the groups for a user named Smith:

[root@cluster ~] # groups smith
smith : smith src

After getting a list of the user's current groups, you can then add them to new groups, for example:

[root@cluster ~] # usermod -G smith,src,<newgroup> smith

Removing a Group

To remove a group, run the groupdel command with the groupname as an argument:

[root@cluster ~] # groupdel <groupname>