gpasswd

Define group administrators

$ sudo gpasswd -A [user1,user2] [group]

$ sudo gpasswd -M [user1,user2] [group]

$ gpasswd [group]

$ gpasswd -a [user] [group]

$ gpasswd -d [user] [group]

gpasswd [option] group

gpasswd administers /etc/group and /etc/gshadow files. It's used to add and remove users from groups, set group administrators, and manage group passwords.
Group administrators (set with -A) can add or remove members without root privileges. This delegates group management to trusted users.
Group passwords (rarely used) allow non-members to temporarily join a group using the newgrp command with the password. This is generally considered less secure than proper group membership.

-a, --add USER

Add user to the group

Remove user from the group

Set list of group administrators

Set list of group members (replaces existing)

Remove group password

Restrict access to group (only members can use newgrp)

The -M option replaces all group members, not appends. Use -a and -d for incremental changes. Group password usage is discouraged in favor of proper membership management. Changes take effect on next login.

gpasswd is part of the shadow-utils package, which provides the shadow password suite for Unix systems. The shadow system was developed in the 1980s to improve password security by moving password hashes from the world-readable /etc/passwd to the restricted /etc/shadow file.

groupadd(8), groupmod(8), usermod(8), newgrp(1)