2) Create a new group by clicking Edit -> Create -> Create Group. Give any group id and group name.
3) Search for that newly created group. Go to Permissions tab of that group. Select Read for all the nodes, or for the root node, and click on Save.
4) Reload the page and/or lookup for that group. Double-click it. Go to permissions tab. If there's any Read access missed, check Read checkbox for those remaining parent nodes(such as /conf, /etc, /var, etc.) and click on save.
5) Verify once again by performing Step 3. You have created a group with Read-only access to all the nodes.
6) Now, you can add your users/groups under the Members tab of that newly created group.
You can also limit the read permissions, or give any other permissions on whichever nodes you want to, to meet your criteria/usercase.