LinuxCommandLibrary

gpasswd

Manage users within a Linux group

TLDR

Define group administrators

$ sudo gpasswd [[-A|--administrators]] [user1,user2] [group]
copy

Set the list of group members
$ sudo gpasswd [[-M|--members]] [user1,user2] [group]
copy

Create a password for the named group
$ gpasswd [group]
copy

Add a user to the named group
$ gpasswd [[-a|--add]] [user] [group]
copy

Remove a user from the named group
$ gpasswd [[-d|--delete]] [user] [group]
copy

SYNOPSIS

gpasswd [options] [group]
gpasswd -r|-R group
gpasswd [-a|-d user] group
gpasswd [-A|-D user1,user2...] group

PARAMETERS

-a, --add USER
    Add USER to members of GROUP (user must exist).

-A, --members USER1,...
    Replace GROUP members with listed users (from args or stdin).

-d, --delete USER
    Remove USER from GROUP (no effect if logged in).

-D, --delete-members USER1,...
    Delete listed users from GROUP members.

-r, --remove-password
    Remove password from GROUP, disabling it.

-R, --restrict
    Restrict GROUP to members only; disable password if set.

--help
    Display usage summary and exit.

--version
    Output version information and exit.

DESCRIPTION

gpasswd is a Linux utility for administering the /etc/group file and shadow group passwords in /etc/gshadow. It enables adding/removing users from groups, setting/removing group passwords, and restricting access.

Without options, it prompts to set a password for the specified group or current user's primary group. Operations like adding/deleting members require root privileges or membership in the group's administrator group (e.g., groupadmin for group). The tool supports bulk operations via comma-separated lists or stdin.

Group passwords allow non-members to access the group temporarily via newgrp(1) or sg(1). Passwords can be removed or access restricted to members only.

Essential for multi-user systems, it ensures secure group management without exposing shadow data. Part of shadow-utils package.

CAVEATS

Requires root or group admin privileges. Active sessions unaffected by deletions. Group admin group auto-created as GROUPadmin if needed.

GROUP ADMINISTRATORS

Admins belong to GROUPadmin; root bypasses. Enables delegated control without full sudo.

PASSWORD USAGE

Set via no-args run; used by newgrp for temp membership. Stored hashed in /etc/gshadow.

HISTORY

Developed in shadow password suite by Julianne Frances Haugh (1991-1992); evolved in shadow-utils for secure group mgmt replacing insecure /etc/group passwords.

SEE ALSO

groupadd(8), groupdel(8), groupmod(8), groupmems(8), newgrp(1), sg(1), passwd(1)

Copied to clipboard