In the Linux ecosystem, the collection of users is called a ‘Group’. When a user is added to a group, we are defining the permissions of a Linux user. Groups also define what files, settings, and folders the user should have access to.

In the simplest terms, groups help you to find out and set the privileges like read (r), write (w) and execute (x) over a resource shared among the users. You can also alter these permissions as and when required.

Finding out groups to which a user account belongs will help you learn about the permissions a particular user has and also change the permissions whenever required.

This short tutorial will help you find out the groups to which a user belongs using some pretty simple commands and techniques.


Important Pre-requisites

Before going deep into the tutorial, it would be helpful if you have a basic overview of some of the concepts. I’d recommend the beginners to go through these concepts first.

Group: A collection of users on the Linux system. A single user can be a member of more than one group. A group defines what permissions a user has.

Primary Group: The primary group is the main group associated with the user account. Each user must be a member of a single primary group. It is created at the same time the user account is created and the user is automatically added to this group. Usually, the name of the primary group is the same as the name of the user.

Secondary Group:Secondary group is optional and a user may or may not have a secondary group. It is used to grant some additional rights to the user. The user can be a member of multiple secondary groups.

/etc/group file: In Linux, the group membership is controlled by the /etc/group file. It’s a simple text file containing a list of groups and the users belonging to each group.

/etc/passwd file: This file contains information for all the user accounts on the system. There is an entry of one user account per line represented in this file.


Using the groups command

Using the groups command is a super simple process to list the groups which the current user belongs to. You can also use this command to list the groups of a specific user registered with the system.

Syntax:

groups

Output:

gaurav@ubuntu:~$ groups
gaurav adm cdrom sudo dip plugdev lpadmin sambashare
gaurav@ubuntu:~$

Finding a group of a particular user.

Syntax:

groups [username]

Example:

gaurav@ubuntu:~$ groups tomcat
tomcat : tomcat lpadmin sambashare
gaurav@ubuntu:~$ 

In this example, I’ve listed the groups to which the user named tomcat belongs.


Using the id command

Using the id command displays the group information of the user. It shows parameters like uid (user id), gid (group id) and the list of groups to which the user belongs to.

Syntax:

id [username]

Example:

gaurav@ubuntu:~$ id tomcat
uid=1002(tomcat) gid=1002(tomcat) groups=1002(tomcat),113(lpadmin),128(sambashare)
gaurav@ubuntu:~$

id command when used without an argument returns the group information about the current user.

Example:

gaurav@ubuntu:~$ id
uid=1000(gaurav) gid=1000(gaurav) groups=1000(gaurav),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),113(lpadmin),128(sambashare)
gaurav@ubuntu:~$

Here, the group information of the current user is displayed.


Using the /etc/group file

As discussed in the pre-requisite block, we know that /etc/group file contains all the information of the groups available on the system. We can use this file to view the list of the groups using a simple command as follows.

You can use cat, less or grep command to list open the contents of this file.

less /etc/group

Output:

root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:syslog,gaurav
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:gaurav
floppy:x:25:
tape:x:26:
sudo:x:27:gaurav
audio:x:29:pulse
dip:x:30:gaurav,batman
www-data:x:33:

This will list the entire groups on the Linux system.


Listing all Groups using getent command

getent command can be used to display a list of all the available groups on your Linux system. The output is similar to that of the content of /etc/group file.

Using getent group command displays the entries from databases configured in /etc/nsswitch.conf file.

Syntax:

getent group

Example:

gaurav@ubuntu:~$ getent group
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:syslog,gaurav
tty:x:5:
disk:x:6:
lp:x:7:
mse
dip:x:30:gaurav,batman
:x:39:
stmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:gaurav
staff:x:50:
games:x:60:
users:x:100:
106:
crontab:x:107:
vahi:x:120:
bluetooth:x:121:
scanner:x:122:saned
colord:x:123:
pulse:x:124:
pulse-access:x:125:
rtkit:x:126:
saned:x:127:
trinity:x:1000:
sambashare:x:128:gaurav
mongodb:x:130:mongodb
guest-tqrhc7:x:999:
guest-piinii:x:998:
scala:x:997:
sbt:x:996:
guest-oi9xaf:x:995:
tomcat:x:1001:
tomcat7:x:132:
tomcat8:x:133:
geoclue:x:105:
gdm:x:134:
mysql:x:129:
couchdb:x:131:
temporary:x:1002:

For finding the group of a particular user, use the following command.

getent group | grep [username]

Example:

gaurav@ubuntu:~$ getent group | grep gaurav
adm:x:4:syslog,gaurav
cdrom:x:24:gaurav
sudo:x:27:gaurav
dip:x:30:gaurav,batman
plugdev:x:46:gaurav
lpadmin:x:113:gaurav
gaurav:x:1000:
sambashare:x:128:gaurav
gaurav@ubuntu:~$ 

All the groups associated with the user gaurav are now listed on the terminal.


Using libuser-lid command

libuser-lid command displays information about groups containing user name, or users contained in group name.

NOTE:This command requires sudo privileges. Else you will encounter an error as follows-

No user name specified,
Error initializing libuser: not executing with superuser privileges

In case if libuser-lid utility is not available on your distros, you can use the following command to install it.

For Ubuntu and Debian users:

sudo apt-get update
sudo apt-get install libuser

For CentOS, Fedora and other distros:

sudo yum install libuser

Syntax:

sudo libuser-lid [username]

Example:

gaurav@ubuntu:~$ sudo libuser-lid gaurav

Output:

adm(gid=4)
cdrom(gid=24)
sudo(gid=27)
dip(gid=30)
plugdev(gid=46)
lpadmin(gid=113)
trinity(gid=1000)
sambashare(gid=128)

Here, all the groups are listed which are associated with the entered username.


Conclusion

In this super simple tutorial, we have now learnt to display the groups available on the Linux systems. The commands explained in this tutorial can be applied on all the Linux distributions in the same way.