Every user who has access to a Linux system needs a login and a password. Each user must belong to a primary group and for security or access purposes can belong to several secondary groups.
The easiest way to manage users and groups is through the graphical application, User Manager (redhat-config-users). The following command line tools can also be used to manage groups:
groupadd mygroup
usermod -a -G groupName userName
where:
groups oracle
oracle : oracle davfs2
The user oracle has two groups: oracle and davfs2
or
id -Gn userName
groups
oracle davfs2
[root@ebs121 /]# /usr/sbin/groupdel oinstall
groupdel: cannot remove user's primary group.
Group information is stored in /etc/group. This file can be directly edited.
Format of the file is:
Each field is separated by a colon.
cat /etc/groups
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon,lp
............
gerardnico:x:500:
oinstall:x:501:
dba:x:502:applvis,oravis
Red Hat Linux uses a user private group (UPG) scheme, which makes UNIX groups easier to manage.
A UPG is created whenever a new user is added to the system. A UPG has the same name as the user for which it was created and that user is the only member of the UPG.
UPGs makes it is safe to set default permissions for a newly created file or directory which allow both the user and that user's group to make modifications to the file or directory.
The setting which determines what permissions are applied to a newly created file or directory is called a umask and is configured in the /etc/bashrc file. Traditionally, on UNIX systems the umask is set to 022, which allows only the user who created the file or directory to make modifications. Under this scheme, all other users, including members of the creator's group are not allowed to make any modifications. However, under the UPG scheme, this “group protection” is not necessary since every user has their own private group.