Frequently Asked Question

What's the difference between a primary group and supplementary groups?

Every user has exactly one primary group, recorded in the GID field of their /etc/passwd entry. It is the group that new files they create are stamped with by default, and it is the group their process inherits at login. On most modern distributions the primary group is a user private group with the same name as the user (chris:x:1000: in /etc/group), so that files default to being private until you deliberately share them.

Supplementary groups are everything else, sudo, docker, wheel, video, developers, and they grant extra access without changing what new files are tagged with. Add yourself to one with usermod -aG docker chris; the -a is important because usermod -G replaces the supplementary list rather than adding to it, a classic foot-gun. Note that supplementary group changes only take effect in new login sessions; an existing shell keeps the group set it had at login until you log out and back in (or use newgrp to acquire a fresh credential).