Quick ways to list which users belong to which groups, using simple Linux commands. 19.01.2026 | reading time: 3 min Who is in the sudo group and which groups does a user belong to? This short guide shows concrete commands and examples to inspect group membership on a Linux system so an administrator can answer those questions fast. Hands-on Example Scenario: the administrator wants to check user "alice" and the "sudo" group; run the commands and read the outputs shown here: ```bash\n$ id -nG alice\nalice sudo docker\n$ groups alice\nalice : alice sudo docker\n$ getent group sudo\nsudo:x:27:alice,bob\n$ getent passwd alice\nalice:x:1001:100:Alice:/home/alice:/bin/bash\n``` The examples show that "alice" is in the sudo and docker groups and that her primary GID is 100, which can be mapped to a group entry with `getent group` or by searching the group database. Primary vs Supplementary Linux assigns each account a primary group stored in the passwd entry and any number of supplementary groups listed in the group database; use `getent passwd` to read the primary GID and `id` or `groups` to list supplementary groups; when groups come from LDAP or NIS, `getent` consults the configured name services so the administrator sees the same combined view as the system. Useful Administration Tricks To find the group that corresponds to a numeric GID, filter the group database with `getent group | awk -F: '$3==100'`; to change a user shell group for the current session use `newgrp` or run a command with `sg`; to add or remove members use `gpasswd -a` and `gpasswd -d` or edit the appropriate central directory if using LDAP; remember that some helper tools like `members` or `groupmems` may not be installed by default. When to Prefer Which Tool For quick checks use `id` for a full identity summary and `groups` for a concise list; use `getent` when you need the authoritative entry that respects NSS and network directories; prefer parsing `getent` output in scripts rather than grepping `/etc/group` directly to stay compatible with centralized authentication. Next Steps for the Administrator Inspect real accounts on a test machine, try adding and removing a user from a supplementary group, and observe behavior of processes started before and after the change to understand session inheritance; mastering these basics improves access control and troubleshooting. Join Bits & Bytes Academy First class LINUX exam preparation. utilities security scripting processes
