How to List Groups in Linux
In Linux, a group is a collection of users. The main purpose of groups is to define a set of privileges such as read, write, or execute permissions for a given resource that can be shared among the users within the group. Users can be added to an existing group to use the privileges it grants.
This guide explains how to list all groups a user is a member of, how to view group entries and membership details, and how to list all groups on the system.
Linux Groups
There are two types of groups that a user can belong to:
Primary or login group - the group assigned to files created by the user. Usually, the name of the primary group is the same as the name of the user. Each user must belong to exactly one primary group.
Secondary or supplementary group - used to grant certain privileges to a set of users. A user can be a member of zero or more secondary groups.
List all Groups a User is a Member of
There are multiple ways to find the groups a user belongs to.
The primary group is stored in the /etc/passwd
file and the supplementary groups are listed in the /etc/group file. One way to find a user’s groups is to search those files directly using cat
, less
, or grep
. A more direct option is to use a command designed to report user and group information.
Using the groups Command
The most straightforward command for this task is groups. When executed without an argument, it prints a list of all groups the currently logged-in user belongs to:
groupsjohn adm cdrom sudo dip plugdev lpadmin sambashareThe first group listed is the primary group.
To list the groups a specific user belongs to, pass the username as an argument:
groups linuxizelinuxize : linuxize sudoAs before, the first group listed after the colon is the primary group.
Using the id Command
The id
command prints information about the specified user and their groups. If the username is omitted, it shows information for the current user.
For example, to get information about the user linuxize, run:
id linuxizeThe command shows the user ID (uid), the user’s primary group (gid), and the user’s secondary groups (groups):
uid=1001(linuxize) gid=1001(linuxize) groups=1001(linuxize),27(sudo)To print group names instead of numbers, use the -n option. The -g option prints only the primary group and -G prints all groups.
The following command prints the names of all groups the current user belongs to:
id -nGjohn adm cdrom sudo dip plugdev lpadmin sambashareList Members of a Group
To view a group entry and its listed members, use the getent group command followed by the group name.
For example, to view the entry and listed members of the developers group:
getent group developersIf the group exists, the command prints the group entry:
developers:x:126:frank,maryEach field is separated by a colon: the group name, a password placeholder (x), the group ID (GID), and a comma-separated list of users listed as members of that group. If the group does not exist, the command produces no output.
The last field does not always include users whose primary group is developers. Primary group membership is stored in the password database, where each user account has a primary GID. To include users whose primary group matches the group, compare the group GID with the fourth field from getent passwd:
group=developers
gid=$(getent group "$group" | cut -d: -f3)
getent passwd | awk -F: -v gid="$gid" '$4 == gid { print $1 }'This prints users whose primary group is developers. Use it together with getent group developers when you need to account for both primary and supplementary membership.
List All Groups
To view all groups on the system, open the /etc/group file. Each line represents one group:
less /etc/groupAnother option is to use the getent command, which queries databases configured in /etc/nsswitch.conf, including the group database. This approach is more reliable on systems that use LDAP or other directory services, because it returns groups from all configured sources, not just /etc/group.
To list all groups:
getent groupTo print only the group names, pipe the output to awk
:
getent group | awk -F: '{ print $1}'You can also use cut
to extract the same field:
getent group | cut -d: -f1Quick Reference
| Task | Command |
|---|---|
| List groups for the current user | groups |
| List groups for a specific user | groups username |
| Show user and group IDs | id username |
| Print only group names for current user | id -nG |
| View a group entry and listed members | getent group groupname |
| List all groups on the system | getent group |
| List only group names | getent group | awk -F: '{print $1}' |
Troubleshooting
getent group groupname returns no output
The group may not exist, or it may not be available through your configured NSS sources. Verify the exact name and check /etc/nsswitch.conf to confirm the group database configuration.
Group changes are not visible after usermod -aG
Group membership updates apply to new sessions. Log out and back in, or start a new login shell, then run id username or groups username again.
groups username does not show expected directory-service groups
On systems using LDAP/AD/SSSD, make sure identity services are running and reachable. Use getent group and id username to confirm groups from all configured sources, not only local /etc/group.
FAQ
What is the difference between a primary and secondary group?
Every user belongs to exactly one primary group, which is assigned to files the user creates. Secondary groups grant additional privileges. A user can belong to zero or more secondary groups.
How do I check what group a file belongs to?
Run ls -l to view file details. The fourth column shows the group assigned to each file.
How do I add a user to a group?
Use usermod -aG groupname username. See our guide on adding a user to a group
.
Where are group definitions stored?
Group definitions are stored in /etc/group. Each line contains the group name, a password placeholder, the GID, and a comma-separated member list, all separated by colons.
Conclusion
The groups and id commands are the quickest way to see which groups a user belongs to. Use getent group to view group entries, and check the primary GID from getent passwd when you need a complete membership picture.
Tags
Linuxize Weekly Newsletter
A quick weekly roundup of new tutorials, news, and tips.
About the authors
Dejan Panovski
Dejan Panovski is the founder of Linuxize, an RHCSA-certified Linux system administrator and DevOps engineer based in Skopje, Macedonia. Author of 800+ Linux tutorials with 20+ years of experience turning complex Linux tasks into clear, reliable guides.
View author page