5 Ways to list all groups a user is a member of

Before delving into the 5 ways, let’s first understand some basics:

Adding a user to an existing group is one of the typical tasks of a Linux administrator.

A group is a collection of users. The main purpose of the group is to define a set of privileges to their members within the group.

It can be a difficult task if you want to assign a set of privileges to multiple users without a group. This is where the group comes in handy.

All system users are listed in the /etc/passwd file, the groups are listed in the /etc/group file, and the actual password is stored in the /etc/shadow file.

No matter what command we use, it will fetch information from these files.

There are two types of groups in Linux:

  • Primary Group
  • Secondary Group

What is primary group?

The primary group is the main group associated with the user account. Each user must be a member of a single primary group.

What is secondary group?

The secondary or supplementary group is used to grant additional rights to the user. Each user can become a member of multiple secondary groups.

What is /etc/passwd file

“/etc/passwd” is a text file containing every user information that is required to login to the Linux system. It maintains useful information about users such as username, password, user ID, group ID, user information, home directory and shell.

Each user profile in the password file is a single line with seven fields as shown below:

$ grep "daygeek" /etc/passwd

daygeek:x:1000:1000:daygeek,,,:/home/daygeek:/bin/bash

What is /etc/group file

“/etc/group” is a text file that defines which groups a user belongs to. We can add multiple users in the same group.

Linux has three permission levels which define how users can access it. These levels are user, group and others, which controls a users access to other users’ files and folders.

/etc/group file maintains useful information about the group such as group name, group password, group ID (GIT) and membership list. Each group details is shown in a single line with four fields as shown in the ‘method #5’ listed below.

The following seven commands will help you find out which groups a user belongs to in Linux.

  • groups:Show All Members of a Group.
  • id:Print user and group information for the specified username.
  • lid or libuser-lid:It display user’s groups or group’s users.
  • getent:get entries from Name Service Switch libraries.
  • compgen:compgen is bash built-in command and it will show all available commands for the user.
  • members:List members of a group.
  • /etc/group file Also, we can grep the corresponding user’s groups from the /etc/group file.

Now let’s delve into the 5 methods which can be used to find the list of groups a user is part of in Linux:

Method-1: Using groups command

The ‘groups’ command is widely used by Linux admin to list all groups a user is a member of. It prints the information of the given user’s primary and supplementary groups as shown below:

$ groups daygeek

daygeek : daygeek adm cdrom sudo dip plugdev lpadmin sambashare

Run ‘groups’ command without any arguments to display the list of groups associated with the current user as shown below:

$ groups

daygeek adm cdrom sudo dip plugdev lpadmin sambashare

Method-2: Using id command

The id command stands for identity. It prints real and effective user, group, and supplementary group information such as username, UID, group names and GUID as shown below:

$ id daygeek

uid=1000(daygeek) gid=1000(daygeek) groups=1000(daygeek),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),118(lpadmin),128(sambashare)

Just run the ‘id’ command to view group information about the current user as shown below:

$ id

uid=1000(daygeek) gid=1000(daygeek) groups=1000(daygeek),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),118(lpadmin),128(sambashare)

Method-3: Using lid command

The lid or libuser-lid command displays information about groups containing user name, which requires sudo privileges.

You should run the libuser-lid command instead of the lid on newer systems.

$ sudo libuser-lid daygeek

 adm(gid=4)
 cdrom(gid=24)
 sudo(gid=27)
 dip(gid=30)
 plugdev(gid=46)
 lpadmin(gid=116)
 daygeek(gid=1000)
 sambashare(gid=126)

Method-4: Using the getent command

The getent command displays entries from databases supported by the Name Service Switch libraries, which are configured in ‘/etc/nsswitch.conf’:

$ getent group | grep daygeek

adm:x:4:syslog,daygeek
cdrom:x:24:daygeek
sudo:x:27:daygeek,2gadmin
dip:x:30:daygeek
plugdev:x:46:daygeek
lpadmin:x:116:daygeek
daygeek:x:1000:
sambashare:x:126:daygeek

The above command shows the group name and all other members associated with that group. Use the below customized command format to print only groups for a given user:

$ getent group | grep daygeek | awk -F: '{print $1}'

adm
cdrom
sudo
dip
plugdev
lpadmin
daygeek
sambashare

Run the below command to print only the primary group information of the user:

$ getent group daygeek

daygeek:x:1000:

Method-5: Using the ‘/etc/group’ file

User groups information can be filtered from the ‘/etc/group’ file using grep command as shown below:

$ grep daygeek /etc/group

adm:x:4:syslog,daygeek
cdrom:x:24:daygeek
sudo:x:27:daygeek,2gadmin
dip:x:30:daygeek
plugdev:x:46:daygeek
lpadmin:x:116:daygeek
daygeek:x:1000:
sambashare:x:126:daygeek

Use the below customized command format to print only groups for a given user:

$ grep daygeek /etc/group | awk -F: '{print $1}'

adm
cdrom
sudo
dip
plugdev
lpadmin
daygeek
sambashare

Bonus Tip-1: Find out all groups using compgen command

Compgen is a bash built-in command that displays all groups in the Linux system:

$ compgen -g

root
daemon
bin
sys
adm
.
.
daygeek
thanu
renu
sudha
admin
u1
u2

Bonus Tip-2: Listing members of a group using member command

The member command allows you to list members of a group in Linux:

$ members sudo

daygeek 2gadmin

About Prakash Subramanian

Prakash Subramanian is a Linux lover and has 3.5+ years of experience in linux server administration with major Linux distribution such as (RHEL, CentOS, Ubuntu). He is currently working as a Senior L2 Linux Server administrator.

View all posts by Prakash Subramanian

Leave a Reply

Your email address will not be published. Required fields are marked *