In Linux, user management is an essential task & one important aspect of this task is managing user groups. User groups help to organize users with similar access privileges, making it easier to manage permissions & access to files. To remove a user from a group in Linux, use deluser USERNAME GROUPNAME
or userdel -G GROUPNAME USERNAME
.
In this article, you will learn about Linux groups & how to remove a user from a group with different methods along with practical examples.
Process flow chart to remove a user from group in Linux:
[Distro Used Throughout the Tutorial: Ubuntu 22.04.1 LTS]
What is Group in Linux?
In Linux, a group is a collection of users who share common permissions and access rights to files, directories & other resources on the system. It is a vital part of the OS & a powerful way to manage file access in the system. Furthermore, having groups helps you to set permissions for the group level rather than setting them individually for each user.
You can easily view which groups a user belongs to on your system by using a simple command:
groups
The output image shows the “groups” list that the currently logged-in user is a member of. You can also view the list of groups that the other users are members of by the following command:
groups tom
Check out the following command output image:
The command output shows a group list where user ‘tom’ is a member.
Types of Groups in Linux
The following are the types of groups generally found on Linux:
A. Primary Group
- By default, when a user is created it is assigned to a group of the same name as the username that is the primary group.
- The primary group is important as it determines the ownership of files & directories that the user creates.
- A user can only be a member of one primary group at a time. Moreover, this primary group membership is defined in the /etc/passwd.
Check out the following output image: Here, the cat command is showing the user tom’s /etc/passwd file, where you can tom’s user ID (1005) & primary group ID (1006).
B. Supplementary Group
- A user can also be a member of one or more supplementary groups, in addition to their primary group.
- These groups’ membership isn’t defined in the /etc/passwd file rather you can find them in the /etc/groups file with other groups.
- Moreover, they are used to grant additional permissions or access to specific resources to a user.
C. Special Group
- Special groups are predefined groups that have specific functions and permissions beyond regular user groups.
- Some special groups are “wheel”, which grants users administrative privileges, and “nobody”, to run processes with restricted permissions.
4 Methods to Remove User from Group
In Linux, you can easily & quickly remove any user from any supplementary groups using the Command Line Interface (CLI). Since several commands can be used to remove a user from a group, I will discuss them in different methods in the following sections. Moreover, I will also explain how you can edit the /etc/group file to remove a user from a group.
Anyway, you can read the Comparision of Methods section to distinguish between these methods and best pick one for your need.
1. Remove a User from Group Using “gpasswd” Command
To remove a user from a group, the first command I will use is the gpasswd
command. It is a simple command tool, just type the command followed by the --delete
or -d
option & then the user name (to be removed) & group name (to remove from). Follow the below steps to see practically:
- Type the following command on your terminal & press ENTER to view the groups list user tom is assigned to:
groups tom
The command output shows all groups i.e. tom, sudo, read, and logs where user ‘tom’ is a member.EXPLANATION- groups: Lists groups that a user belongs to.
- tom: User name.
- Next, remove the user from the ‘read’ group by typing the below command (the command syntax is,
sudo gpasswd option user_name group_name
):sudo gpasswd -d tom read
- EXPLANATION
- sudo: Permits administrative privileges.
- gpasswd: Used to manage groups & passwords.
- –delete or -d: Command option to delete the specified argument.
- tom: User name.
- read: Group name.
- At this point, type the currently logged-in user password & press ENTER. Upon execution, the command removes the user ‘tom’ from the group ‘read’.
- Afterward, check if you have successfully removed the user from the group by typing the groups command again:
groups tom
Check the command output, in the tom user’s group list the ‘read’ group is no longer included.
2. Remove a User From Group Using “deluser” Command in Linux
To remove a user from a group in Linux, you can use the deluser command. Just type the command followed by the user name (to be removed) & group name (to remove from). For that, use the command syntax, sudo deluser user_name group_name
.
To remove the user tom from the logs group, type the following command:
sudo deluser tom logs
- deluser: Removes a user or group from the system.
- tom: User name.
- logs: Group name.
- How to Delete User Account In Ubuntu? [2 Methods]
- Delete a User from an Ubuntu Server in Just 3 Steps
3. Remove a User from Group Using “usermod” Command in Linux
To remove a user from a group in Linux, let’s use the usermod command. However, this command is not as simple to use as the gpasswd & deluser command. To remove the user using this command, you have to learn the names of all groups it is a member of. Then you have to specify them (excluding the ones you want to remove the user from) as parameters (separated by a comma & no spaces between them) with the command.
Thus, if the user is currently a member of a group that is not listed with the command, the user will be removed from the group. Follow the below steps with command syntax to see how it works practically:
- Type the following command & press ENTER to view the groups list user tom is assigned to:
groups tom
EXPLANATION- groups: Lists groups that a user belongs to.
- tom: User name.
- Next, type the following command (command syntax is,
sudo usermod option group_names user_name
) with group names excluding the one (in this case logs) you want to remove the user tom from:sudo usermod -G tom,sudo,read tom
EXPLANATION- usermod: Modifies assigned attributes to the user.
- -G: Option to specify that the modification is related to the user’s group membership.
- tom,sudo,read: Group names.
- tom: User name.
- Afterward, check if you have successfully removed the user from the group by typing the groups command again:
groups tom
First, from the groups command output you can see the user tom is a member of groups tom, sudo, read & logs. Next, execute the usermod command with group names (tom, sudo, read) excluding the group (logs) you want to remove the user from. Afterward, check the list again using the groups command. And you can see user tom is no longer a member of the ‘logs’ group.
4. Remove a User from Group By Editing “/etc/group” File in Linux
To remove a user from a group, you can edit the /etc/group file in Linux. Each group has a unique ID listed in the /etc/group file followed by the group name and members. You can open the file in any editor & just manually remove the user from any group. Proceed according to the following steps to check out how to do it:
- Open the /etc/group file in the nano editor:
sudo nano /etc/group
EXPLANATION- nano: Text editor for Unix-like.
- /etc/group: File that contains info about groups on the system.
- Next, press the ENTER key & the nano editor will pop up. The first groups listed in this file are system groups since the distributor maintainers preconfigure them for system activities. And, if you scroll down to the bottom, you will find all the users’ primary & supplementary group info, just like in the following image.
- Afterward, remove the user from the group. I removed the user ‘tom’ from the ‘read’ & ‘logs’ groups.
- After that, save the changes (CTRL+S) & exit (CTRL+X) the nano editor.
- At this point, check if you have successfully removed the user from the group by typing the groups command:
groups tom
From the output image, you can see the user ‘tom’ is no longer a member of the ‘read’ & ‘logs’ groups.
Comparison of Methods to Remove User from Group
Since this article introduces multiple methods for a single task, you might get confused about which one to pick. Therefore, in this section, I am presenting a comparative analysis of the methods for your convenience. You can learn the advantages and disadvantages of the available methods and choose which is the best for you.
Methods | Pros | Cons |
---|---|---|
Method 01 | Simple & straightforward that only requires group name & user name as parameters with the option –delete. | The command requires sudo privileges to execute. |
Method 02 | Easy-to-use command, that removes the user from the specified group. | The command requires sudo privileges to execute. |
Method 03 | Provides the ability to modify secondary groups for the user. | Users who are only members of a single group can not be removed using this command. |
Method 04 | Provides fine-grained control over the group membership of users. | Time-consuming & any mistakes while editing can result in system issues. |
Each & every method has its pros & cons. You can choose any one of them depending on your expertise in that particular command. Anyway, if I had to then I would suggest using method 2, where I used the deluser command. Cause it is the simplest method among them all.
How to Add a User to Group in Linux
To add users to a group in Linux, you can use the gpasswd or usermod command. Here, I will show how to add a user to groups using both of them. Follow the below steps to check practically:
- Type the following command into the command prompt to use
gpasswd
to add the user ‘tom’ to the group ‘logs’:sudo gpasswd --add tom logs
Upon execution, the gpasswd command is adding the user ‘tom’ to the ‘logs’ group.EXPLANATION- –add: Command option to add.
- tom: User name.
- logs: Name of the group.
- Afterward, type the following command into the command prompt to use the usermod command to add the user ‘tom’ to the existing groups ‘logs’ & ‘read’:
sudo usermod -aG logs,read tom
EXPLANATION- -aG: This option of the usermod command adds the user to an additional group.
- logs,read: Group names.
- tom: User name.
- At this point, check if you have successfully added the user to the groups by typing the groups command:
groups tom
After the execution, the usermod command adds the user ‘tom’ to the existing ‘logs’ & ‘read’ groups. Since the command shows no output messages, verify the addition with the groups command.
How to Change the Primary Group of User in Linux
To change the primary group of users in Linux, you can use the usermod command. But you can not delete the primary group or remove the user from that group without deleting the user first. However, you can change the GID or name of the primary group using the usermod command. Follow the following steps to learn how to do that:
- Type the following command in the command prompt to view user “tom’s” primary group ID:
id tom
EXPLANATION- id: Finds the identity of the specified USER.
- tom: User name.
- Press ENTER & type the next command as written followed to change the primary group’s name:
sudo usermod -g new_tom tom
EXPLANATION- -g: This option specifies that the modification is related to the user’s primary group.
- new_tom: New User name.
- tom: User name.
- Then press ENTER & see the changes by executing the id command again:
id tom
After executing the command, you can see the new name of the primary group (new_tom) with the id command. Thus, the command has successfully changed the primary group’s name (the previous name was ‘tom’).
- Remove User from a Group Using “gpasswd” Command in 3 Steps
- How to Delete User and All Files in Ubuntu [3 Methods]
How to Change Supplementary Group ID & Name in Ubuntu
You can easily change any supplementary group name or group ID using the groupmod command. For that, use the command options --new_name
& --gid
respectively. The full command syntax is sudo groupmod [options] New_Group_Name Old_Group_Name
. Follow the following steps for that practical approach:
- Type the following command to change the group name:
sudo groupmod -n write read
EXPLANATION- groupmod: Used to modify group information such as name, and ID.
- -n or –new_name: Option that specifies the modification is related to the group name.
- write: New group name.
- read: Old group name.
- Press Enter & type the following command to verify the changes:
getent group write
EXPLANATION- getent: Looks into the administrative database that is given as its argument.
- group: Lists groups that a user belongs to.
- write: Group name.
- Tap ENTER & type the below command (the command syntax is,
sudo groupmod [options] New_Group_ID Group_Name
) to change the group’s ID (GID):sudo groupmod -g 1011 write
EXPLANATION- -g: Option to change group ID to specified GID.
- 1011: New GID.
- write: Group name.
- Then, press ENTER & execute the following command to verify the changes again:
getent group write
The first command changed the group name from “read” to “write”. Since I can find the ‘write’ group’s info from the database, it’s verified that the name change was successful. Next, the command changes GID, and as you can see the last command output in the image shows the new GID (1011).
How to Delete a Group in Linux
To delete a group in Linux, you can use the groupdel command. Here, I will remove the group named “read”. To do so follow the below process:
- Then, type the following command into the command prompt to search for a group you want to delete:
getent group read
EXPLANATION- getent: Looks into the administrative database that is given as its argument.
- group: Lists groups that a user belongs to.
- read: Group name.
- Afterward, type the following command to delete the group, here I will delete the ‘read’ group:
sudo groupdel read
EXPLANATION- groupdel: Deletes a group.
- read: Name of the group.
In the above image, you can see that I have successfully deleted the group named ‘read’.
Common Challenges to Remove User from a Group in Linux
While trying to remove a user from any group, some common challenges may arise. This results in some errors in the output & you are unable to remove the user from the specified groups. Even though these errors are minor, they could be troublemakers. Check out the following two cases that may take place:
A. Linux Group Does Not Exist in /etc/group
A common mistake that may happen while trying to remove a user from a group is that the group may not exist. Moreover, you can also make typing errors while mentioning the group name. The image is showing the case, when you try to add a user to a group that does not exist. As a solution, try to view the groups list a user is a member of before removing it from any of them. For that, use the groups command with username to check the user’s groups list.
B. The User Is Not a Member of the Group in Linux
Another issue that can arise is that you are trying to remove a user from a group, but the user is not even a member of the group. See the image, where I tried to remove the user ‘munny’ from the ‘logs’ group & the output is showing that the user is not even a member of the group.
As a solution, use the groups command in this case too. Since, the command with the user name as an argument displays the list of groups to which that user belongs to. Therefore, use the group command to avoid unnecessary dilemmas.
Conclusion
In conclusion, in Linux, removing a user from a group is a simple yet important process that can be accomplished using different ways. Throughout the article, I explained each way with practical examples of how to remove a user from the group in Linux. Moreover, you can find some additional information about Linux groups in the complementary information section. Hope, this writing helps you in understanding & managing Linux groups.
People Also Ask
How can I remove user from group in Linux?
To remove a user from a group in Linux, you can use the gpasswd
command with the option --delete
or -d
followed by the user name you want to remove & then the group name you want to remove the user from.
How to remove user from group command?
In Linux, you can use the deluser
command to remove a user from a group. Hence, use the command syntax: sudo deluser User_Name Group_Name
.
How to remove user ID and group in Linux?
If you have sudo privileges, you can remove a user ID and all associated files, including the home directory using the userdel
command. Hence, use the command & give the username you want to remove as an argument of the command. Moreover, you can remove the user’s primary group also using the command option -r
.
How do I remove a user from a group in Ubuntu?
In Ubuntu, you can use either the gpasswd
or the deluser
command to remove a user from a group. For the gpasswd command syntax use the option --delete
in addition to the user & group name whereas for the userdel command, write only the user & group name after the command.
How to use userdel command in Linux?
The userdel
command in Linux is used to delete a user account and related files from the system. You can use the command with appropriate options to delete a user ID, its home directory, and the user’s SELinux security context. Moreover, it can be used to remove a user from a group on your system.
How to delete a user?
To delete a user you have to be a root user or have sudo privileges. And, having administrative privileges, you can use the deluser
command to delete a user. Therefore, use the command syntax: sudo deluser options user_name
.
What is groupmod command in Linux?
The groupmod
command stands for group modification. And, as the name suggests, the command is used for modifying existing groups. For instance, you can change the group ID & name using the command.
How to find out user group in the Linux command?
To find out which groups a user belongs to in Linux, you can use the groups
command followed by the username. Here’s the syntax: groups User_Name
.
Related Articles
- 3 Ways to Delete the User Password in Ubuntu
- How to Delete MySQL User in Ubuntu? [2 Cases]
- Delete Multiple Users in Linux? [2 Steps]
FUNDAMENTALS A Complete Guide for Beginners