gpasswd

Define group administrators

$ sudo gpasswd [[-A|--administrators]] [user1,user2] [group]

$ sudo gpasswd [[-M|--members]] [user1,user2] [group]

$ gpasswd [group]

$ gpasswd [[-a|--add]] [user] [group]

$ gpasswd [[-d|--delete]] [user] [group]

gpasswd [options] group

-a user group
    Add user to group.

-d user group
    Remove user from group.

-A user,... group
    Set the administrators for group. Only the listed users can add/remove members.

-M user,... group
    Set the member list for group. This replaces the existing member list.

-r group
    Remove the password from group. This disables group passwords.

-R
    Restrict access to the group; members only can modify the group.

-P
    Disable group password by setting it to an impossible value. In order to disable group password support altogether, consider using the -r option, or consider disabling shadow support in your shadow configuration file.

-q
    Quiet mode. Do not print warning messages.

-v
    Verbose mode.

-h
    Display help message and exit.

-V
    Display version information and exit.

The gpasswd command is a utility for managing group membership in Linux and Unix-like operating systems. It allows administrators to add users to groups, remove users from groups, set an administrator for a group, or remove an administrator. gpasswd is particularly useful for managing shared resources and permissions. Users are typically added to groups for simplified file access control. A user can be a member of multiple groups. gpasswd simplifies managing these memberships through the command line. It directly modifies the /etc/group and /etc/gshadow files to effect the changes, if these files are in use by the system.

Direct manipulation of /etc/group and /etc/gshadow can be risky. Using gpasswd is the preferred method for modifying group memberships to ensure consistency and prevent errors.

Ensure that the user executing gpasswd has appropriate privileges (usually root) to modify group memberships. Incorrect usage can lead to security vulnerabilities by granting unintended access to system resources.

Many desktop environments provide graphical user interfaces for managing users and groups, offering a more user-friendly alternative to the command line.
Examples: users-admin

gpasswd is part of the shadow-utils package, which is a suite of utilities for managing user and group accounts. It has been a standard tool on Unix-like systems for many years and is widely used for managing access control and permissions.

groupadd(8), groupdel(8), groupmod(8), groups(1)