Remove Linux User From a Secondary Group ( Supplementary Groups )

Q. User tom is a member of a group called sales and printer. I’d like to remove tom from a group called printer without editing any user configuration text files stored at /etc/ directory?

A. /etc/groups file defines group membership for each user. usermod command has -G option to set a list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. If the user is currently a member of a group which is not listed, the user will be removed from the group.

Step # 1: Find out user group identity

Use id command:
# id -nG {user-name}
# id -nG tom

Output:

sales printer

Step # 2: Remove user from printer group

Use the following syntax:
# usermod -G {groupname1,groupname2,...} {username}
To keep membership for sales only group (remove user tom from printer group), enter:
# usermod -G sales tom
# id -nG tom

Output:

sales

The following example remove user vivek from all groups except admin, audio, video and powerdev group:
# id -nG vivek
Output:

vivek adm dialout cdrom floppy audio dip video plugdev scanner netdev lpadmin powerdev admin

Modify group membership, enter:
# usermod -G admin, audio, video, powerdev vivek
# id -nG tom

Sample output:

vivek audio video powerdev admin

For more information, read usermod(8) command man page:
$ man usermod

Posted by: SXI ADMIN

The author is the creator of SXI LLC and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.