User Groups

I've logged out of the system as superman and logged back into michael (who still has sudo privileges.) Let's look at the groups that michael has been added to: groups

michael@develop:~$ groups
michael adm cdrom sudo dip plugdev lxd

Some interesting entries, but the one we're interested in is sudo. We saw that in the sudoers file as %sudo. The group has all permissions, just like we gave to superman directly. So let's learn how-to modify an existing user and change the groups they have assigned to them.

Here's the groups superman has: sudo groups superman

michael@develop:~$ sudo groups superman
superman : superman

Let's update those groups, placing superman in the sudo group: sudo usermod -a -G sudo superman

michael@develop:~$ sudo usermod -a -G sudo superman
michael@develop:~$ sudo groups superman
superman : superman sudo

Now let's log back into the superman user and see if we can re-create the spiderman user we deleted earlier:

superman@develop:~$ sudo adduser spiderman -gecos "Spiderman,,,,"
[sudo] password for superman:
Adding user `spiderman' ...
Adding new group `spiderman' (1002) ...
Adding new user `spiderman' (1002) with group `spiderman' ...
The home directory `/home/spiderman' already exists.  Not copying from `/etc/skel'.
New password:
Retype new password:
passwd: password updated successfully

And it looks like I can use sudo visudo too:

superman@develop:~$ sudo visudo
visudo: /etc/sudoers.tmp unchanged

Note

The message visudo: /etc/sudoers.tmp unchanged means I simply did Ctrl+X and exited visudo without making changes.

So the usermod command is used, as the name somewhat implies, to modify a user on the system. In the case above, we've modified a user's groups.