Mac OS X (now macOS) uses directory services to manage users and groups. The dscl (Directory Service Command Line Utility) is the primary tool for managing these entities from the terminal. While newer macOS versions have slightly different approaches, the fundamentals remain similar to Snow Leopard's implementation.
Here's the fundamental command structure for creating a new group:
dscl . create /Groups/groupname
dscl . create /Groups/groupname gid groupIDLet's create a 'developers' group with GID 1001:
# Create the group entry
sudo dscl . create /Groups/developers
# Assign a group ID (ensure it's unique)
sudo dscl . create /Groups/developers gid 1001
# Add optional descriptions
sudo dscl . create /Groups/developers RealName "Development Team"
sudo dscl . create /Groups/developers passwd "*"Check if your group was created properly:
dscl . read /Groups/developersOr list all groups to find yours:
dscl . list /GroupsAfter creating the group, you'll typically want to add members:
sudo dscl . append /Groups/developers GroupMembership username1
sudo dscl . append /Groups/developers GroupMembership username2Here's how you would create a group for MySQL as mentioned in the original question, with additional best practices:
# Create MySQL group
sudo dscl . create /Groups/mysql
sudo dscl . create /Groups/mysql gid 296
sudo dscl . create /Groups/mysql RealName "MySQL Server Group"
sudo dscl . create /Groups/mysql passwd "*"
# Verify group was created
dscl . read /Groups/mysql- Always use
sudofor these commands as they require root privileges - Group IDs below 500 are typically reserved for system groups
- Check
/etc/groupto see existing group IDs and avoid conflicts - For production systems, consider using LDAP or other directory services for centralized management
If you encounter "eDSRecordNotFound" errors, ensure you're using the correct path syntax. The space between the dot (.) and command is mandatory in dscl ..
In Mac OS X (now macOS), user and group management is handled through Directory Services. The primary command-line tool for this is dscl (Directory Service Command Line Utility). While newer macOS versions have more graphical tools, Snow Leopard (10.6) users often need to work directly with dscl for advanced administration.
The fundamental command structure for creating a group is:
dscl . create /Groups/groupname
dscl . create /Groups/groupname gid groupIDLet's create a group named "developers" with GID 1001:
# Create the group entry
dscl . create /Groups/developers
# Assign Group ID (must be unique)
dscl . create /Groups/developers gid 1001
# Optional: Add group password (rarely used)
dscl . create /Groups/developers passwd "*"
# Add description
dscl . create /Groups/developers RealName "Developer Team"After creation, verify the group exists:
dscl . read /Groups/developersOr check the system group list:
dscacheutil -q groupTo add existing users to your new group:
dscl . append /Groups/developers GroupMembership username1
dscl . append /Groups/developers GroupMembership username2dscl . delete /Groups/groupname- Remove a groupdscl . list /Groups- List all groupsdscl . merge /Groups/groupname path/to/plist- Import group settings
If you encounter "eDSRecordAlreadyExists" errors:
# First check if the GID is already in use
dscl . list /Groups gid | grep yourDesiredGID
# Or check for the group name:
dscl . list /Groups | grep groupnameRemember that standard user GIDs typically start at 500, while system groups use lower numbers. For custom groups, it's best to use GIDs above 1000.