Skip to content

User Groups#

I've logged out of the system as superman and logged back into michael (who still has sudo privileges.) Let's look at the groups that michael has been added to: groups

1
2
michael@develop:~$ groups
michael adm cdrom sudo dip plugdev lxd

Some interesting entries, but the one we're interestes in is sudo. We saw that in the sudoers file as %sudo. The group has all permissions, just like we gave to superman directly. So let's learn how-to modify an existing user and change the groups they have assigned to them.

Here's the groups superman has: sudo groups superman

1
2
michael@develop:~$ sudo groups superman
superman : superman

Let's update those groups, placing superman in the sudo group: sudo usermod -a -G sudo superman

1
2
3
michael@develop:~$ sudo usermod -a -G sudo superman
michael@develop:~$ sudo groups superman
superman : superman sudo

Now let's log back into the superman user and see if we can re-create the spiderman user we deleted earlier:

1
2
3
4
5
6
7
8
9
superman@develop:~$ sudo adduser spiderman -gecos "Spiderman,,,,"
[sudo] password for superman:
Adding user `spiderman' ...
Adding new group `spiderman' (1002) ...
Adding new user `spiderman' (1002) with group `spiderman' ...
The home directory `/home/spiderman' already exists.  Not copying from `/etc/skel'.
New password:
Retype new password:
passwd: password updated successfully

And it looks like I can use sudo visudo too:

1
2
superman@develop:~$ sudo visudo
visudo: /etc/sudoers.tmp unchanged

Note

The message visudo: /etc/sudoers.tmp unchanged means I simply did Ctrl+X and exited visudo without making changes.

So the usermod command is used, as the name somewhat implies, to modify a user on the system. In the case above, we've modified a user's groups.