Difference between useradd -g and -G?
 

Whats the diff between -G and -g?
Manual says -g represent primary Group Whats that?

Hi,

A user needs to be part of at least one group (the primary group), this is set by the -g option. Only one group is allowed (ie: -g main vs -g main other1 [last example is not cirrect, first is])

A user can be part of other groups, which is set by the -G option. More groups are allowed (ie: -G other1 and -G other1 other2 .... are both syntactically correct).

You can see which group(s) a user belongs to by: id <username>

Example:

$ id druuna
uid=500(druuna) gid=500(internet) groups=500(internet),52(audio),53(video),60(usb),75(cdrom),76(cdrw),400(users),600(visitor),700(repo rter),800(jmeter)

The initial, primary group is also visible in the groups output.

Hope this clears things up a bit.

By default every user will have his primary group & if no group name is mentioned while creating the user then default primary group is same as his username.

Secondary group is used when multiple people have to work on a same project & they require similar access to a particular folder.

i.e all people from group abc are accessing folder1 then we can give permissions rwx as per needs to the group of the folder no need to give permission to others, but abc should be the default group for that folder.

If you do ls -l in a directory, you'll see something like this:
- user being the user who ones the file, group indicating the primary group the user belongs to - on most systems, it defaults to the user's own group (i.e. it's the same as user, but that depends on what you do when using "-g"). The groups you add with "-G" are supplementary - they're needed to grant additional rights to a user. There's a default set of supplementary groups for new users to enable them to do basic task, e.g. printing or using media or storage devices.

M.

@maxy7710: Minor correction:
That depends on the distro that is used. Historically the group users is used, not the name of the user, although I know that Red Hat (and offspring?) use the username as groupname. Don't get me wrong, it is, from a safety point of view, a good thing.

I have seen that in Solaris, when I create a user (with no primary group), by default he will be a member of a group called other (gid number 1).

Indeed, an unspecified primary group must default to something.
Historically it would have been 'users' (druuna) or maybe 'others' (saagar) or ...
RedHat decided sometime ago that for enhanced security it should default such that the group id was the same as the user id eg 1st user is usually 500:500, then 501:501 and so on.
RH derived systems tend to do the same. Other distros may also do this.

Yep, I apologize for my over-generalisation - I'm used to Debian (based) systems, which default to "username usernameasgroupname", but I acknowledge that this is a questions of defaults or settings, repectively.

M.