groupmod - Man Page
modify a group definition on the system
Examples (TL;DR)
- Change the group name:
sudo groupmod --new-name new_group group_name
- Change the group ID:
sudo groupmod --gid new_id group_name
Synopsis
groupmod [options] GROUP
Description
The groupmod command modifies the definition of the specified GROUP by modifying the appropriate entry in the group database.
Options
The options which apply to the groupmod command are:
- -a, --append GID
If group members are specified with -U, append them to the existing member list, rather than replacing it.
- -g, --gid GID
The group ID of the given GROUP will be changed to GID.
The value of GID must be a non-negative decimal integer. This value must be unique, unless the -o option is used.
Users who use the group as primary group will be updated to keep the group as their primary group.
Any files that have the old group ID and must continue to belong to GROUP, must have their group ID changed manually.
No checks will be performed with regard to the GID_MIN, GID_MAX, SYS_GID_MIN, or SYS_GID_MAX from /etc/login.defs.
- -h, --help
Display help message and exit.
- -n, --new-name NEW_GROUP
The name of the group will be changed from GROUP to NEW_GROUP name.
- -o, --non-unique
When used with the -g option, allow to change the group GID to a non-unique value.
- -p, --password PASSWORD
The encrypted password, as returned by crypt(3).
Note: This option is not recommended because the password (or encrypted password) will be visible by users listing the processes.
You should make sure the password respects the system's password policy.
- -R, --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory. Only absolute paths are supported.
- -P, --prefix PREFIX_DIR
Apply changes in the PREFIX_DIR directory and use the configuration files from the PREFIX_DIR directory. This option does not chroot and is intended for preparing a cross-compilation target. Some limitations: NIS and LDAP users/groups are not verified. PAM authentication is using the host files. No SELINUX support.
- -U, --users
A list of usernames to add as members of the group.
The default behavior (if the -g, -N, and -U options are not specified) is defined by the USERGROUPS_ENAB variable in /etc/login.defs.
Configuration
The following configuration variables in /etc/login.defs change the behavior of this tool:
- MAX_MEMBERS_PER_GROUP (number)
Maximum members per group entry. When the maximum is reached, a new group entry (line) is started in /etc/group (with the same name, same password, and same GID).
The default value is 0, meaning that there are no limits in the number of members in a group.
This feature (split group) permits to limit the length of lines in the group file. This is useful to make sure that lines for NIS groups are not larger than 1024 characters.
If you need to enforce such limit, you can use 25.
Note: split groups may not be supported by all tools (even in the Shadow toolsuite). You should not use this variable unless you really need it.
Files
- /etc/group
Group account information.
- /etc/gshadow
Secure group account information.
- /etc/login.defs
Shadow password suite configuration.
- /etc/passwd
User account information.
Exit Values
The groupmod command exits with the following values:
- 0
E_SUCCESS: success
- 2
E_USAGE: invalid command syntax
- 3
E_BAD_ARG: invalid argument to option
- 4
E_GID_IN_USE: group id already in use
- 6
E_NOTFOUND: specified group doesn't exist
- 9
E_NAME_IN_USE: group name already in use
- 10
E_GRP_UPDATE: can't update group file
- 11
E_CLEANUP_SERVICE: can't setup cleanup service
- 12
E_PAM_USERNAME: can't determine your username for use with pam
- 13
E_PAM_ERROR: pam returned an error, see syslog facility id groupmod for the PAM error message
See Also
chfn(1), chsh(1), passwd(1), gpasswd(8), groupadd(8), groupdel(8), login.defs(5), useradd(8), userdel(8), usermod(8).
Referenced By
cdist-type__group(7), gpasswd(1), groupadd(8), groupdel(8), grpck(8), salt(7), useradd(8), userdel(8), usermod(8).