Every new user is assigned to an initial (or primary) group. Two conventions exist.
Traditionally this primary group is the same for all users and is
called users with a group id (GID) of
100. Many Linux distributions adhere to
this convention such as Suse and Debian.
The User Private Group scheme (UPG) was introduced by RedHat and changes this convention without changing the way in which UNIX groups work. With UPG each new user belongs to their own primary group. The group has the same name as the login-name (default), and the GID is in the 500 to 60000 range (same as UIDs).
As a consequence, when using the traditional scheme for groups the
users umask (see LPI 101) is set to
022, whereas in the UPG scheme the
umask is set to
002.
A user can belong to any number of groups. However at any one time (when creating a file for example) only one group is the effective group.
The list of all groups a user belongs to is obtained with either the groups or id commands.
Joining a group changes the users effective group and starts a new session from which the user can then logout. This is done with the newgrp command.
If the groups command is issued,
the first group on the list would no longer be
root but
sales.
The groupadd
tool is used to add new groups.
It will add an entry in the /etc/group file.
The groupdel
tool is used to delete groups.
This will remove relevant entries in the /etc/group
file.
Administration tasks can be carried out with the
gpasswd tool.
One can add (-a) or remove (-d) users
from a group and assign an administrator (-A).
The tool was originally designed to set a single password on a group,
allowing members of the same group to login with the same password.
For security reasons this feature no longer works.