Remove a secondary group from user (Linux)


 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Remove a secondary group from user (Linux)
# 1  
Old 07-30-2015
Remove a secondary group from user (Linux)

Oracle Linux 6.6

grid user's secondary groups are asmadmin,asmdba,asmoper and dba

Code:
# id -a grid
uid=638(grid) gid=2000(oinstall) groups=2000(oinstall),2100(asmadmin),2200(dba),2300(asmdba),2301(asmoper)

I want to remove dba as the secondary group for grid and keep the remaining ones.
ie. I want grid user to be part of just asmadmin,asmdba and asmoper secondary groups. What is the quickest way to do this ?
# 2  
Old 07-30-2015
Hello John,

Step # 1: Find out user group identity
Use id command:
Code:
id -nG {user-name}
id -nG tom

Output:
Code:
 sales printer

Step # 2: Remove user from printer group
Use the following syntax:
Code:
 usermod -G {groupname1,groupname2,...} {username}

To keep membership for sales only group (remove user tom from printer group), enter:
Code:
usermod -G sales tom
id -nG tom

Output:
Code:
 sales

Hope this helps. But please try this in a NON-PROD environment first.

Thanks,
R. Singh
This User Gave Thanks to RavinderSingh13 For This Post:
# 3  
Old 07-30-2015
Thanks Ravinder,
Using -a option in usermod, you can easily add the user to another group.In my below example, I added john to asmoper group using -a option as shown below

Code:
# useradd -u 28 -g oinstall -G asmadmin,asmdba john
#
# id -a john
uid=28(john) gid=2000(oinstall) groups=2000(oinstall),2100(asmadmin),2300(asmdba)
#
#
#
# usermod -a -G asmoper john
#
# id -a john
uid=28(john) gid=2000(oinstall) groups=2000(oinstall),2100(asmadmin),2300(asmdba),2301(asmoper)

I was hoping for a similair short command to remove just one group from a user. Using your method,I need to list all the groups I want to keep. It could be confusing if the user belongs to several groups

For eg: If I want to remove secondary group asmadmin from john user, I need to list asmoper,asmdba groups which I want to keep after -G

Code:
# id -a john
uid=28(john) gid=2000(oinstall) groups=2000(oinstall),2100(asmadmin),2300(asmdba),2301(asmoper)
#

# usermod -G asmoper,asmdba john
#
# id -a john
uid=28(john) gid=2000(oinstall) groups=2000(oinstall),2300(asmdba),2301(asmoper)


Last edited by John K; 07-30-2015 at 11:32 AM..
# 4  
Old 07-30-2015
Code:
gpasswd -d user group

Code:
gpasswd -d john asmoper

This User Gave Thanks to Aia For This Post:
# 5  
Old 07-30-2015
If you really have to use usermod, try
Code:
usermod -G$(id -nG john | sed 's/^[^ ]* //;s/asmadmin//;s/  */,/g') john

, assuming the first group listed is the primary group. You may want to define a shell function.
This User Gave Thanks to RudiC For This Post:
# 6  
Old 07-30-2015
Brilliant. Thanks Aia. Thanks Rudic
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Linux

Openldap add user to secondary group

Hello, i try to add user john to secondary group, named groupB this will add as primary group, how can i add to secondary group?? dn: cn=groupB,ou=Groups,dc=ldap-server,dc=com changetype: modify add: memberuid memberuid: john (1 Reply)
Discussion started by: prpkrk
1 Replies

2. Red Hat

How to find Secondary Group only?

Hi, I would like to know how to find our secondary group of user only. I have used the command id -Gn user1 it is showing both groups of user. Primary and secondary group. (2 Replies)
Discussion started by: manoj.solaris
2 Replies

3. Linux

Nobody user group in Linux

Hi I am facing problem of taking backup of file system as username1. There are some files in system which is having group ownership as nobody. and username1 is not able to open this file and backup is failing .Even as a root user I can not open this file. File which is creating problem is ... (1 Reply)
Discussion started by: devesh123
1 Replies

4. UNIX for Advanced & Expert Users

creating a secondary read only group with setfacl

We have created ACL's to allow two differnet groups to access some directories. You can see output from getfacl below. group::rwx group:rbauser:r-- The original group has full access, the secondary group has read only. However users in the secondary group can't see the directories. Think this... (1 Reply)
Discussion started by: dw82199
1 Replies

5. Solaris

su: No shell/No directory! if sys is added to a users secondary group

Hi, When I include a user to the secondary group "sys" GID=3 in Solaris 9 OS I'm not able to login. I get these error. The user home directory and the shell exists. Is this because of any security hardening. # su - agent No directory! # su agent su: No shell # grep taddm /etc/passwd... (14 Replies)
Discussion started by: agent001
14 Replies

6. Solaris

Secondary group info source

Experts, I know when I use id it shows only the primary group information for the given user, and that info comes from passwd file. When I use groups it shows all groups user are member of, however from where come information given by groups command? grep fmtt3990 /etc/passwd... (6 Replies)
Discussion started by: fmattos
6 Replies

7. Shell Programming and Scripting

List ALL users in a Unix Group (Primary and Secondary)

Is there a command or better combination of cmds that will give me the list of Unix users in a particular Unix group whether their primary group is that group in question (information stored in /etc/passwd) or they are in a secondary group (information stored in /etc/group). So far all I got... (5 Replies)
Discussion started by: ckmehta
5 Replies

8. Solaris

How to remove user from a group using command line

Hi, Wanted to remove a user from a group , but no GUI , must use command line (2 Replies)
Discussion started by: civic2005
2 Replies

9. UNIX for Dummies Questions & Answers

Assigning existing users to a secondary group

Hi!!, I am on HP UX -11. I have created a new group and want to assign some the users to this group without changing their existing group ( The new group is the secondary group for them) Any ideas how to do it?? SAM doesnt seem to be working.. Any way of doing it from command line?? ... (1 Reply)
Discussion started by: jyotipg
1 Replies

10. UNIX for Dummies Questions & Answers

How to find All Primary and Secondary Group ID's for a user

Is there any command which can list me all the Group ID's (Primary, Secondary ) assocaited with a single user. Thanks Sanjay (2 Replies)
Discussion started by: sanjay92
2 Replies
Login or Register to Ask a Question

Featured Tech Videos