How to Create Groups in Linux: groupadd Command

In Linux, groups are used to organize and administer user accounts. The primary purpose of groups is to define a set of privileges such as reading, writing, or executing permission for a given resource that can be shared among the users within the group.

This guide explains how to create new groups in Linux using the groupadd command.

groupadd Command Syntax #

The general syntax for the groupadd command is as follows:

groupadd [OPTIONS] GROUPNAME

Only the root or a user with sudo privileges can create new groups.

When invoked, groupadd creates a new group using the options specified on the command line plus the default values specified in the /etc/login.defs file.

Creating a Group in Linux #

To create a new group, type groupadd followed by the new group name.

For example, to create a new group named mygroup you would run:

groupadd mygroup

The command adds an entry for the new group to the /etc/group and /etc/gshadow files.

Once the group is created, you can start adding users to the group .

If the group with the same name already exists, the system will print an error message like the following:

groupadd: group 'mygroup' already exists

To suppress the error message if the group exists and to make the command exit successfully, use the -f (--force) option:

groupadd -f mygroup

Creating a Group with Specific GID #

In Linux and Unix-like operating systems, groups are identified by their name and a unique GID (a positive integer).

By default, when a new group is created, the system assigns the next available GID from the range of group IDs specified in the login.defs file.

Use the -g (--gid) option to create a group with a specific GID.

For example, to create a group named mygroup with GID of 1010 you would type:

groupadd -g 1010 mygroup

You can verify the group’s GID by listing all groups and filtering the result with grep :

getent group | grep mygroup

mygroup:x:1010:

If a group with the given GID already exists, you will get the following error:

groupadd: GID '1010' already exists

When used with the -o (--non-unique) option, the groupadd command allows you to create a group with a non-unique GID:

groupadd -o -g 1010 mygroup

Creating a System Group #

There is no real technical difference between the system and regular (normal) groups. Usually, system groups are used for some special system operation purposes, like creating backups or doing system maintenance.

System group GIDs are chosen from the range of system group IDs specified in the login.defs file, which is different than the range used for regular groups.

Use the -r (--system) option to create a system group. For example, to create a new system group named mysystemgroup you would run:

groupadd -r mysystemgroup

Overriding the Default /etc/login.defs Values #

The -K (--key) option followed by KEY=VAL allows you to override the default values specified in the /etc/login.defs file.

Basically, all you can override are the maximum and minimum values of the normal and system group IDs for automatic GID selection when creating a new group.

To create a new group with a GID in the range between 1200 and 1500, specify the min/max values as shown below:

groupadd -K GID_MIN=1200 -K GID_MAX=1500 mygroup

Setting a Group Password #

Adding a password to a group has no practical use and may cause a security problem since more than one user will need to know the password.

The -p (--password) option accepts an encrypted password hash, not plain text:

groupadd -p '$6$rounds=656000$hash...' mygroup

In most setups, you should avoid group passwords and manage access by adding users to groups with usermod -aG .

Quick Reference #

Troubleshooting #

“Permission denied” or “only root can do that”
You must run groupadd as root or with sudo. Prefix the command with sudo groupadd GROUPNAME.

“GID already exists”
The specified GID is already in use. Choose a different GID with -g, or use the -o flag to allow a non-unique GID.

“Group already exists”
A group with that name already exists in /etc/group. Use -f to suppress the error and exit successfully, or choose a different name.

Group created but user does not see it
Run id USERNAME to check group memberships. A user must log out and back in for new group memberships to take effect.

FAQ #

How do I verify that a group was created successfully?
Run getent group GROUPNAME or check /etc/group directly with grep GROUPNAME /etc/group. The output shows the group name, password placeholder, GID, and members.

What is the difference between a system group and a regular group?
System groups use a separate GID range defined in /etc/login.defs and are typically used for services and system processes. Regular groups are used for user account organization. There is no functional difference in how permissions work.

How do I add a user to a group after creating it?
Use the usermod -aG GROUPNAME USERNAME command. The -a flag appends the group without removing existing memberships. See how to add a user to a group for more details.

How do I find what GID was assigned to a new group?
Run getent group GROUPNAME or grep GROUPNAME /etc/group. The third field in the output is the GID. You can also use the id command to verify a user’s group memberships.

How do I delete a group in Linux?
Use the groupdel GROUPNAME command. See how to delete a group in Linux for the full guide.

Conclusion #

In Linux, you can create new groups using the groupadd command. The same instructions apply for any Linux distribution, including Ubuntu, Debian, Fedora, and RHEL-based systems.

If you have any questions, feel free to leave a comment below.

About the authors

Dejan Panovski

Dejan Panovski is the founder of Linuxize, an RHCSA-certified Linux system administrator and DevOps engineer based in Skopje, Macedonia. Author of 800+ Linux tutorials with 20+ years of experience turning complex Linux tasks into clear, reliable guides.

View author page