How to list groups in Linux | FOSS Linux
Under the Linux machine or OS, groups host a collection of system users. We need groups in the Linux OS to define or rank privileges assigned to each member of a group regarding their executable resource-driven permissions, like performing a read and write operation. The system users or members under a group share these permissions settings. An existing or created group also can accommodate new members or system users who automatically inherit the privileges or permission settings already in place.
This tutorial article takes a close look at the available approaches to implement and list groups within a Linux operating system.
Mục Lục
Linux Groups
Before we begin this exciting Linux adventure, we first need to make acquaintance with the types of user groups that exist under a Linux system.
Primary or Login Group
This group caters to the user-created files. The name assigned to a primary or Login group is identical to the name used by the system user. It is mandatory that each Linux system user resides within a primary group.
Secondary or Supplementary Group
It is the privilege-granting group and will cater to certain privileges that certain system users must access or use. When it comes to a secondary group, a user can belong to many of them since each group will operate with a set of different user privileges.
Listing Groups in Linux
The Linux Operating System provides various ways to list groups, and these approaches help us pin-point the whereabouts of all the system users. The system path to the file /etc/passwd hosts the Login users’ group. Additionally, if other supplementary groups present, the system path to the file /etc/group caters to them. The flexibility of listing groups in Linux is that it is implementable through a series of terminal commands.
1. Listing Groups Through the “Groups Command”
It is the most memorable command to work with and list the groups associated with an active Linux user. Its usage and execution can be blunt and direct without considering any other arguments. Its prints out a currently logged-in or active user and the groups this user is associated with within the system.
$ groups
The output of the above yields results similar to the following instance:
tuts_admin admin cdrom sudo dip plugdev lpadmin sambashare
We can add some tweaks to this groups command by including an argument that holds a Linux system username.
$ groups tuts
The above command lists all the groups the user tuts belongs to or is under. Know the current users of your Linux system to use this command effectively. An output similar to the following is expected.
tuts : tuts adm cdrom sudo dip plugdev lpadmin sambashare
2. Listing Groups Through the “Id Command”
The functionality of this command makes it specific. It can be used with or without an argument. If used without an argument, it prints out system information about the currently logged-in user.
$ id
Expect an output like the following:
uid=1001(tuts) gid=1001(tuts) groups=1001(tuts),27(sudo)
We can also add an active username of the Linux system as an argument.
$ id tuts
Its output is:
uid=1001(tuts) gid=1001(tuts) groups=1001(tuts),27(sudo)
The above command output is similar to the one previously executed after it because we are referencing the same system user. The command outputs the user (tuts), secondary groups (groups), primary group (gid), and user ID (uid). If you want the output from using the id command to omit this detailed complex output and print the groups belonging to the specified user, you can optionally use the arguments -nG.
$ id tuts -nG
The command will output:
tuts sudo
3. Listing Groups Through the “Getent Command”
The syntax for using the getent command is as follows.
# getent group groupname
When you execute this command, it will display database entries that directly reference the Name Service Switch libraries configurable under the system file name /etc/nsswitch.conf.
$ getent group | grep tuts
The expected output is similar to the following:
adm:x:4:syslog,tuts cdrom:x:24:tuts sudo:x:27:tuts_admin,tuts dip:x:30:tuts plugdev:x:46:tuts lpadmin:x:116:tuts tuts_admin:x:1000: sambashare:x:126:tuts
We can also output the groups linked to a specific system user if we include the awk command as an argument to the above command string.
$ getent group | grep tuts | awk -F:'
$1
}
'
The output that follows is:
adm cdrom sudo dip plugdev lpadmin tuts sambashare
You might also be interested in specifically the primary group information. You can achieve this objective through the following command string.
$ getent group tuts
You will get an output similar to the following.
tuts:x:1000:
4. Listing Groups Through the “/etc/group” file
Like in the previous command sequences, the grep command will also help execute the command strings applicable here. It is also an easy way to achieve user printed group information linked with the /etc/group system file. The command grep is an abbreviation for global regular expression print. It relates to its usefulness in printing out or outputting a specific file’s content in a matching format. Let us consider its practical use case:
$ grep tuts /etc/group
We should expect an output similar to the following:
adm:x:4:syslog,tuts cdrom:x:24:tuts sudo:x:27:tuts_admin,tuts dip:x:30:tuts plugdev:x:46:tuts lpadmin:x:116:tuts tuts_admin:x:1000: sambashare:x:126:tuts
We can also integrate the awk command with the above command if we want a printout of the groups linked to a specific system user.
$ grep tuts /etc/group | awk -F:'
$1
}
'
The expected output is:
adm cdrom sudo dip plugdev lpadmin tuts sambashare
5. Listing Groups Through the “Bash Script”
A simple bash script can also help us achieve a similar objective to the other previously stated system commands. Consider the following usage of a bash script:
$ for user in $(cut -d":" -f1 /etc/passwd); do groups $user; done
You will get a long string of output similar to the following results:
root : root daemon : daemon bin : bin sys : sys sync : nogroup games : games man : man lp : lp mail : mail news : news uucp : uucp proxy : proxy www-data : www-data backup : backup list : list irc : irc gnats : gnats nobody : nogroup systemd-network : systemd-network systemd-resolve : systemd-resolve syslog : syslog adm tty messagebus : messagebus _apt : nogroup uuidd : uuidd avahi-autoipd : avahi-autoipd usbmux : plugdev dnsmasq : nogroup rtkit : rtkit cups-pk-helper : lpadmin speech-dispatcher : audio whoopsie : whoopsie kernoops : nogroup saned : saned scanner pulse : pulse audio avahi : avahi colord : colord hplip : lp geoclue : geoclue gnome-initial-setup : nogroup gdm : gdm tuts_admin : tuts_admin adm cdrom sudo dip plugdev lpadmin sambashare mysql : mysql tuts : tuts sudo systemd-timesync : systemd-timesync tss : tss tcpdump : tcpdump nm-openvpn : nm-openvpn systemd-coredump : systemd-coredump
We can also implement a bash script to work with a specific user(s) or output results linked with a specific user or users.
$ for user in tuts tuts_admin; do groups $user; done
Expect an output like the following:
tuts : tuts sudo tuts_admin : tuts_admin adm cdrom sudo dip plugdev lpadmin sambashare
6. Listing Groups Through the “Compgen Command”
This command belongs to the bash family. It is built-in, implying that you only need to figure out how to use it. It will display all the registered and active groups under a Linux system environment.
Its usage is as follows:
$ compgen -g
Your command-line output should be similar to the following:
root daemon bin sys adm tty disk lp mail news uucp man proxy kmem dialout fax voice cdrom floppy tape sudo audio dip www-data backup operator list irc src gnats shadow utmp video sasl plugdev staff games users nogroup systemd-journal systemd-network systemd-resolve input crontab syslog messagebus netdev mlocate ssl-cert uuidd avahi-autoipd bluetooth rtkit ssh lpadmin whoopsie scanner saned pulse pulse-access avahi colord geoclue gdm tuts_admin sambashare mysql tuts systemd-timesync tss kvm render tcpdump rdma nm-openvpn systemd-coredump root nogroup
7. Listing Groups Through the “Member Command”
The member command will list users associated with a particular group within a Linus system environment. Its usage follows the following syntax.
# members target_system_group
To use the member command, you might have to install it first, for it is not a built-in tool for distros like Ubuntu. You can achieve its successful installation via the following command string:
$ sudo apt install members
Now we can practically implement it as follows:
$ members sudo
The command will output results similar to:
tuts_admin tuts
You can also achieve other exciting outcomes by combining these commands. For example, we can count the total number of active groups currently existing within a Linux system environment via the following command string.
$ getent group | grep -c ""
The output on my end is:
78
Another command string to achieve a similar output is the following:
$ cat /etc/group | grep -c ""
This command outputted:
76
Final Thoughts
Now that you have successfully covered this tutorial article, no one should question your geeky nature when dealing with groups and members under a Linux system environment. You have just increased your Linux knowledge base by a significant mileage. These commands are useful when administering a huge system where a system administrator wants to be acquainted with the active members and groups under a specific network. It helps manage groups and users that are supposed to exist within a system and audit or get rid of those that are not recognized or have breached the setup network system. You now have a dynamic understanding of Linux groups such that it does not only apply to the users of a Linux system but can also be related to system permissions, privileges, apps, and services rendered.
Now that you know and understand how to list groups in Linux, there is more on listing Linux users through this link.
