

Main files
View all groups on the system cat /etc/group.
The /etc/gshadow is an important file for group management. Passwords for restricted groups are stored there as well as information about group administrators and users.
The structure of the files is like this: group_name:encrypted_password:group_admins:group_members
Never directly edit /etc/gshadow always use vigr -s.
General group management
Let's add John to the group teachers. usermod -aG teachers john.
Remember to use the -a option when adding people to groups. If you don't, it will override all secondary groups the member is a part of.
The new group for the user is applied when they log out and back in. If they don't want to do that and use the new group right away, that's when we use the newgrp command. E.g., newgrp teachers if you are logged in as John. Type newgrp again to reverse the change made via newgrp teachers.
If you want to remove a user from a group you use the gpasswd command. Let's remove John from the group printers. gpasswd -d john groupname.
Create group
To create a new group do groupadd groupname.
Remember to check out groupadd --help for more available options.
Set group password
Set a group password like this, gpasswd groupname.
Remove group password, gpasswd -r groupname.
You can also use groupmod to set a password for a group but the input has to be encrypted like the example below. Make sure you use single quotes, we need the terminal to read this literally, if you use double quotes the text inside allows for variable expansion and command substitution.
usermod -p '$6$AwAUwNhalFc.SUp.$QWjo5uH33Cihp.FSk.ndMzJFk.NML82MZIqfCMyT.w777D4z1qIP76ONw3cUZUI//VNzqjpqDK/A6v7Drj4bd1' groupname
To get an encrypted password value use openssl passwd -6.
Set group administrator
gpasswd -A username groupname
After you do that, check /etc/gshadow and look at the third field, you should see the username you entered there. This user can now add and remove users from that group.
You can use newgrp sales to change the primary group to sales. This is only a temporary primary group change, when you exit, it's back to your original primary group. Remember that the newgrp command opens a subshell where the user is a member of the group sales. You can either close that subshell or use the command newgrp with no options to return to you default primary group.
Use vigr -g to change the /etc/groups file, not vim, of course we use vim, not nano ... what are we monsters? ( Joking! ) :)
See group members
To see members of a group you can do a few things.
groupmems -g groupname -l
lid -g groupname
cat /etc/group | grep groupname
getent group groupname
See group membership per user
If you want to see groups that a specific user is a member of, you have a few options.
id username
groups username
cat /etc/group | grep username
The first group listed is the primary group.
This is all you need to know for the RHCSA exam in regards to groups. Of course I will add to this information if needed or somebody writes me a captivating comment here. :)