0

There are two type of group concept in linux :primary vs secondary groups,it is simple to create a new group:

sudo groupadd gname

Now i want to know the new created group gname belongs to which type of group?Is there a way to inter-convert between them?

Create two new group which contain no user

sudo groupadd writers
sudo groupadd editers

Add new user.

sudo useradd -m mywriter -p yourpassword
sudo useradd -m myediter -p yourpassword

Add new user into group.

sudo usermod -a -G writers mywriter  
sudo usermod -g editers myediter

Now we get 4 groups.

cat /etc/group | tail -4 
writers:x:1007:mywriter
editers:x:1008:
mywriter:x:1009:
myediter:x:1010:

Enter into mywriter

$ touch /tmp/mywriter.txt
$ ls -al  /tmp/mywriter.txt
-rw-r--r-- 1 mywriter mywriter 0 Aug 23 21:24 /tmp/mywriter.txt

Enter into myediter

$ touch /tmp/myedier.txt
$ ls -al  /tmp/myediter.txt
-rw-r--r-- 1 myediter editers 0 Aug 23 21:27 /tmp/myediter.txt

For group1----mywriter:

id mywriter
uid=1009(mywriter) gid=1009(mywriter) groups=1009(mywriter),1007(writers)

It is a primary group mywriter since uid=gid=1009.

For group2--myediter

id myediter
uid=1010(myediter) gid=1008(editers) groups=1008(editers)

It is a secondary group?

How to classify group writers and editers ?

showkey
  • 323
  • As the manual says, a group added using the -g option is the initial (or primary) group for the user, while groups added using the -G option are supplementary (or secondary) groups for the user. I think the missing piece here is useradd's default behavior (its configuration depends on the system you are on): unless you tell it not to, it creates a group named after the new user and sets is as the initial (primary) group for that user. Here, you are leaving it unchanged for the mywriter user, while you are replacing it with editers for the myediter user. – fra-san Aug 24 '20 at 08:49
  • How to classify group writers and editers ? – showkey Aug 25 '20 at 23:10

2 Answers2

3

Groups aren't, inherently, primary or secondary. A group is just a group.

What matters is how they are used.

So let's take a typical login session. (I'm gonna simplify this for ease of explanation, but the same logic applies in more complicated cases).

When the login process comes to set up your group memberships the first thing it does is look in the passwd file.

For me, on my machine:

sweh:x:500:500:Stephen Harris:/home/sweh:/bin/ksh

The second number determines the primary group. So my primary group is group id 500.

The next thing it does is look at the group file, and see what entries have my username listed against them:

% grep -w sweh /etc/group
wheel:x:10:sweh
sweh:x:500:
apache:x:48:sweh
news:x:13:news,sweh

So we can see that I've been listed against groups 10, 48 and 13. These are secondary groups.

We can see this with the id command:

% id
uid=500(sweh) gid=500(sweh) groups=500(sweh),10(wheel),13(news),48(apache)

The gid value lists the primary group. The groups value lists all the groups I'm in. Everything that isn't a primary is a secondary.

A different login might have different primary and secondary groups, based on their entry in passwd and group.

So we can see "primary" and "secondary" is based on the context of the user and how that user is defined. It's not based on the group, itself.

Stephen Harris
  • 44,540
2

It's either: whether it is a primary or secondary group depends entirely on how you attach it to a given user-id. Some systems have a usermod program for instance which has an option to specify the group as a secondary group.

Thomas Dickey
  • 76,765