Many Linux systems assign specific groups to new users during installation. These groups often control access permissions and system privileges. If you've accidentally removed a user from their default groups in Linux, it's crucial to understand how to restore their group memberships. This is essential for ensuring users have the proper permissions and access to system resources. In this guide, we'll walk through the steps to restore the default groups assigned to users during the Linux installation process.
Table of Contents
Introduction
The other day, I was trying to add a user to multiple groups in Linux. I created some sample groups and intended to add the user to them.
However, I accidentally ran the command usermod -G <group-name> <user-name>.
The correct command should have been usermod -aG <group-name> <user-name>, but I completely forgot the -a flag and executed the wrong one.
As a result, I'm now removed out of the sudo and other groups and have lost my administrative privileges. Now I am only the member of the users group, which is a basic group for system users. The members of users are not allowed to run administrative tasks.
$ sudo -lU ostechnix
[sudo] password for ostechnix:
Sorry, user ostechnix is not allowed to execute 'list' as ostechnix on archlinux.
This prevents me from adding my user back to the default groups typically assigned to the first user during installation.
If you find yourself needing to restore default groups to users in Linux after an accidental command or system error, don't panic.
This guide provides clear, straightforward steps to help you reinstate the essential user group memberships that are typically assigned during the initial system setup.
What Happens if You Run usermod without -a?
If you forget to include the -a (or -append) option when using the usermod command to add a user to a group, the command will replace the user's current group memberships instead of appending the new group.
The specific consequences are:
- Removes the user from all other groups: The
usermod -G <group> <user>command will remove the user from all their existing group memberships and only add them to the specified group. - Loses administrative privileges: If the user was previously a member of the
sudoorwheelgroup (which grants administrative privileges), they will lose those privileges after running the command without-a. - Restricted access: The user may lose access to certain resources or functionality that requires membership in specific groups, such as access to audio, video, or storage devices.
- Difficult recovery: Without administrative privileges, it can be challenging to add the user back to the required groups. You may need to boot into a live Linux environment or use an account with sudo rights to edit the user's group memberships manually.
To avoid this issue, it's important to always use the -a (append) option when adding a user to additional groups, like this: usermod -aG <group> <user>. This will ensure the user is added to the new group without removing them from their existing group memberships.
Since my user has already lost sudo privileges and it is the only user that had sudo rights, there is no way to use usermod to add the user back to the sudo group.
Default Groups
The default groups assigned to the first user upon installation can vary depending on the Linux distribution you are using.
However, generally speaking, the first user created during the installation of most Linux distributions is added to several important groups that enable the user to manage system settings, access hardware devices, and perform administrative tasks.
Here’s a list of the common groups the first user is typically added to in popular Linux distributions:
- $USERNAME - On many Linux distributions, there is a group automatically created with the same name as the username when a new user is added. This group is often referred to as the user's primary group. The primary group is intended to be the default group for user-created files and directories.
- sudo or wheel: These groups are essential for administrative privileges, allowing the user to execute commands with root-level access using
sudo. - adm: This group is often used to allow access to system logs and administrative tasks.
- cdrom: Typically used to grant the user access to optical drives.
- plugdev: Grants permission to access external storage devices, including USB sticks and external hard drives.
- dip: Allows access to dial-up modem connections.
- lpadmin: Grants access to printer and print job administration.
- audio: Provides access to audio devices.
- video: Allows access to video capture and GPU hardware.
- users: A basic group for system users.
- dialout: Typically required for modem and serial device access.
- games: Sometimes used to give access to game software.
If you are using a Debian-based system (like Ubuntu), these groups are generally consistent. For a Fedora and Red Hat-based system (like AlmaLinux and Rocky Linux), you might also have the wheel group instead of sudo for administrative tasks.
How to Find Out Your Current Group Memberships
To see what groups your user is currently a member of, you can use the groups command in the terminal. Just type:
$ groups username
Replace username with your actual username.
How to Restore Your Group Memberships
If you have another user account on the system that has sudo privileges, you can use that account to add your user back to these groups.
For example, to add a user back to the sudo group, you would use:
$ sudo usermod -aG sudo username
Repeat this command for each group you need to be added back to.
You can also add a user to multiple groups in a single command like below:
$ sudo usermod -aG sudo,adm,cdrom,plugdev,dip,ipadmin,audio,video,dialout,games,bluetooth username
Replace username and the group names depending upon the Linux distribution you use.
Restore Default Groups from Recovery Mode or Live CD
If you do not have another user with sudo privileges, you may need to boot into a recovery mode or use a live CD/USB to regain access and modify these settings.
If you don't have another user with sudo privileges and you've accidentally removed yourself from the necessary groups, you'll need to use a recovery method to restore your access.
Here are the steps you can follow to regain your administrative privileges using a recovery mode or a live CD/USB:
Method 1: Recovery Mode
1. Reboot into Recovery Mode or Single User Mode:
Reboot your computer. As the system starts up, hold down the appropriate key to enter the boot menu (often Esc, F2, F9, F12, or Del, depending on your system). Choose the option to boot into "Recovery Mode." This is typically found under "Advanced options for Ubuntu" or a similar menu, depending on your distribution.
If you're using RHEL-based distributions, check the following guide to know how to enter into the single user mode:
How To Reset Root User Password In CentOS 8, RHEL 8, AlmaLinux 8, Rocky Linux 8
2. Access Root Shell:
In recovery mode, you'll see a menu of options. Select "Drop to root shell prompt" or a similar option to get a command-line interface with root access.
3. Remount the Filesystem with Write Permissions:
At the root shell, remount the filesystem to allow changes:
mount -o remount,rw /
4. Add Your User Back to the sudo/admin Group:
Use the usermod command to add your user to the necessary groups. For Ubuntu, you might do:
usermod -aG sudo,adm,dip,plugdev,lpadmin username
Replace username with your actual username.
5. Reboot:
Once you have added your user back to the necessary groups, type exit to leave the root shell and then reboot the system:
reboot
Method 2: Using a Live CD/USB
1. Create a Live USB:
If you don't already have one, create a live USB stick with your Linux distribution.
We recommend you to use Ventoy to create bootable Live USB. There are also many other bootable USB creation tools exist. Check the following category and pick one that suits you.
2. Boot from the Live USB:
Insert the live USB into your computer and boot from it, selecting the option to try the operating system without installing.
3. Access Your System's Disk:
Once the live session has started, open a terminal. Mount your system’s root partition. You may need to find out which partition this is using lsblk or fdisk -l.
4. Chroot into Your System:
Assuming your system's partition is mounted at /mnt, you can chroot into it:
sudo mount /dev/sdaX /mnt # Replace sdaX with your root partition sudo chroot /mnt
5. Add Your User Back to the Necessary Groups:
Now, as in the recovery mode, add your user back to the necessary groups:
usermod -aG sudo,adm,dip,plugdev,lpadmin username
Remember to replace username with your actual username and adjust group names as necessary for your specific Linux distribution.
6. Reboot and Remove the Live USB:
Exit the chroot environment, unmount the partition, and reboot:
exit sudo umount /mnt reboot
Using either of these methods, you should be able to restore your sudo access and other group memberships.
Conclusion
By following the methods outlined above, you should be able to successfully restore default group memberships for your users in Linux.
Regaining these default groups can ensure users have the necessary permissions to function properly within the system.
If you're unsure about the specific steps or encounter any issues, feel free to let us know via the comment section below.
Related Read:
