Can't add users to user group

Sorry if this question is too basic.

My problem is that I run $ sudo usermod -a -G <group> <user> trying to add this user to a group I created, but after I run $ groups that group is not there.

I know that groups for a user are declared in the config file, but should I list this new group in the extraGroups = [] option and rebuild? If so, where is info about created (custom) groups stored? Because, as I understand, it isn’t in the config file. Sorry, I do not have a good understanding of how this config file relates to the rest of the system. If someone can direct me to guides/manuals where it is explained, I would really appreciate that,

You need to re-login for group updates to apply to a user. That’s just a Linux thing.

If you use users.mutableUsers I don’t think you need to use the nixpkgs module, but it’s probably still recommended. These settings are stored in /etc/passwd, also a Linux (or generally unix) thing.

When setting settings in configuration.nix, and running nixos-rebuild switch, nix will take those settings and build appropriate configuration files out of them, and then symlink them to the correct locations for various software that needs them. If you use ls -l on it, you’ll see that most of /etc is symlinked to /etc/static, which is a symlink into the nix store.

/etc/passwd is a normal file though, assuming you use users.mutableUsers. For this file, nix will edit it every time you switch to update it with your newest configuration.nix changes, while retaining any changes you made manually using e.g. usermod.

1 Like

Temporarily, you can activate the new group in the current shell by typing newgrp $group.


Thanks a lot! That’s an extensive answer.

If you use users.mutableUsers I don’t think you need to use the nixpkgs module, but it’s probably still recommended

So if I were to redeploy the whole configuration to another machine, I would better have the group listed in extraGroups = []? If I leave it in /etc/passwd, what tools do I use to transfer the data to a new machine?

Again, I apologize for the basic questions. I really am trying to educate myself on Linux and NixOS in particular, but I still have much to learn.

Yep, nix will then take care of creating the same user with the same group again.

You could probably manually copy the file, or back it up using your favorite backup tool. I’m not sure if you need to copy the shadow file too, or if there’s any other state lying around.

NixOS kind of exists to solve this exact problem, just use your configuration.nix to configure things whenever possible and you’ll never have to worry about transferring configuration again.

I would even recommend turning users.mutableUsers off, and only making changes to the users using configuration.nix, if that didn’t mean you also need to keep your password in your configuration somehow (though sops-nix, agenix & co can help do that without giving up on security).

No need to apologize at all, I wouldn’t be replying if I didn’t intend to help with exactly that!

1 Like