The gpasswd command is the equivalent of the passwd command for groups. This command provides the ability to modify some group features and assign administrators to users who can perform administrative functions relative to their group.
The syntax of the command is the following one:
gpasswd [-a user] [-d user] [-R] [-r] [-A user [, …]] [-M user[,…]] group
Adding a user
The -a user adds the specified user to the specified group.
Delete a user
The -d user deletes the specified user from the specified group.
Disable adding users via newgrp
It restricts the access for the users who are using the newgrp command to enter the specified group.
Delete password
-R deletes the password for the specified group.
Add administrators for the group
The root user can specify, through the -A user [,…] parameter, certain users as administrators for that group. Group Administrators can add or delete members, but can also modify the group password. Using this parameter completely overrides the list of administrators of that group, so if you want to add a new administrator to a group you must specify all the administrators of that group.
Add users to a group
The -M user [,…] parameter works similarly to the -A option to add specified users to a particular group.
If you use the gpasswd command with only the group name without any other option, you can change the password for that group.
Group passwords are rarely used and are considered as security risks; are used, for example, to allow access via the newgrp command. Typically, it is recommended that passwords not to be known by other users, and users to be added to groups by the system administrator.
newgrp command
It is used by a user to enter the specified group (the primary group changes with that group).
It has the following syntax:
newgrp [group]
When using this command, the user is asked what is the password for that group. If the correct password is not entered, the user is not allowed access to that group.
If no group name is specified, the GID returns to its original value.