On a Linux System, users are used to separate users and provide an access control system.
Before we jump lets go over some of the basics around users.
First is that not all users are equal as there are normal users, system users, and the root user.
- Normal users are users that would be used to login to the system and interact with the system. These users will have a users ID that fits within the UID_MIN and UID_MAX located in the /etc/login.defs file.
- System users are users that do not meat the UID_MIN these users are used by applications/software running on the system for separation.
- The root user rules over all the other accounts with absolute control.
Lets briefly touch on groups, groups are used to apply specific permissions to a group of users rather on the one user at a time.
Note: This will only cover local users and not remote users, for example users managed by a central authentication server like LDAP or active directory.
Listing Users From The Graphical User Interface (GUI):
If you have GUI on the Ubuntu system for example Ubuntu Desktop.
- Hit the super key
- Type in settings
- From there you looking for the user column and click it
Listing Users From The Command Line
If you don’t have a GUI on the Ubuntu system then we need to do things from the command line.
On Ubuntu systems and other Linux systems, the user information is stored in the /etc/passwd file. In the past this file represents login information including passwords hence the name passwd though this was superseded by password information being stored in /etc/shadow for additional security.
That said lets look into ways we can list Linux users from a command line also known as a shell.
Using the getent command it is possible to pull the /etc/passwd file without directly specifying the file like this example below:
getent passwd
That said it is the same output as using file using cat on the passwd file:
cat /etc/passwd
In the above commands we retreated the contents of the passwd file. Now lets go over how to read the contents.
Using the below user entry from the passwd file lets break down what is what.
example:x:1000:1000:example,,,:/home/example:/bin/bash
- User name: This is the name of the user.
- Password: The password field will contain an encrypted password or on modem systems a placeholder, ‘x’ indicating that the password is stored in the /etc/shadow file.
- User ID Number (UID): A numerical identifier for the user.
- Group ID Number (GID): The numerical identifier for the user’s primary group.
- GECOS: This field traditionally contains additional information about the user, such as the user’s full name, phone number, and other details. However, it is often left empty or contains minimal information.
- Home Directory: The absolute path to the user’s home directory
- Login Shell: The absolute path to the user’s default shell.
Sorting and Filtering
You may decide that you want to filter specific user information for readability or even scripting. Lets look at some examples of this.
Various commands to list all the Linux users by user names:
getent passwd | cut -d: -f1
cut -d: -f1 /etc/passwd
awk -F: '{print $1}' /etc/passwd
List normal users Linux users:
eval getent passwd {$(awk '/^UID_MIN/ {print $2}' /etc/login.defs)..$(awk '/^UID_MAX/ {print $2}' /etc/login.defs)}
List only the user names for normal users:
eval getent passwd {$(awk '/^UID_MIN/ {print $2}' /etc/login.defs)..$(awk '/^UID_MAX/ {print $2}' /etc/login.defs)} | cut -d: -f1
List user names with the assigned user shell of bin/bash:
grep '/bin/bash' /etc/passwd | cut -d: -f1
How Do I List Users Logged Users?
To list logged in users also known as active users the lets use the who command.
Here is an example of what this would look like.
- Displays the user name of each logged-in user.
- Shows the terminal type. In this case, pts/0 and pts/1 indicate pseudo-terminals, commonly associated with SSH or terminal emulators.
- Indicates the time when the user logged in.
- Displays the source of the connection, which can be an IP address, hostname, or tty.
Detailed User Information:
In addition to the basic user information covered earlier, it’s important to be aware of additional details related to user accounts. These details include account status, password status, and more.
Using The Chage Command
Using the chage command we can check an accounts expiration date, password expiration, and more of a specified user.
Here is an example of what this might look like.
Locked Accounts and Passwords
It is also possible to lock an account or password. To See if an account is locked you will want to use the passwd with the -S flag
passwd -S test
In this example the test account is locked. Though if you see LK in the second column it would mean the password is locked.
User Groups:
On creation of an account the user will be given a primary group this group unless otherwise specific will be the same as the accounts user name. That said it is still possible to add secondary user groups.
In this section we will look at checking group member ship, group membership for users are stored in the /etc/group folder but there are some utilities that can also be used to check groups and group memberships.
To see the normal groups that exist use:
groups
If you need to see the system groups use
getent group
If you want to see just one group:
getent group groupname
To see the groups a user is a part of use the following command:
id username
If you need to add/remove an assigned group there use the gpasswd command.
Conclusion
In conclusion, understanding user management on Ubuntu systems is vital for maintaining access control and ensuring system security. Understanding the distinctions between user types, utilizing graphical and command-line tools, and comprehending user group dynamics are key aspects. This guide provides a comprehensive overview of listing users, filtering information, and checking user details, catering to both GUI and command-line users.
Additional Resources
In addition to online resources some additional resources that you can be found in relation to user management on Ubuntu.
Ubuntu Desktop Docs
Ubuntu Server Docs
If you need help verifying what a specific command or flag does try the –help flag or man/info followed by the command.
Embracing a lifelong passion for technology since childhood, CJ delved into the intricate workings of systems, captivated by the desire to understand the unknown. This innate curiosity led to his discovery of Linux, a revelation that resonated deeply. With more than 7 years of on the job experience, he’s honed his technical skills as a Geek and Senior Linux Systems Administrator.
Leave a Reply