View existing users

Understanding how to view details about all users on your Ubuntu system is essential for managing permissions and monitoring access. Let’s go through commands for identifying all users, checking privileges, and understanding what those privileges mean in terms of access and control over the system.

1. Viewing All Users on the System

  • /etc/passwd File:

    • The /etc/passwd file lists all users on the system, including system, application, and regular users. Each line represents a user entry.

    • To display this file, use:

      cat /etc/passwd

    • Each line in /etc/passwd has fields separated by colons (:), containing:

      • Username: The account name.

      • Password Placeholder: Typically an x, meaning the actual password is stored in /etc/shadow.

      • User ID (UID): A unique ID for the user. Standard users generally have UIDs above 1000.

      • Group ID (GID): The primary group ID for the user.

      • User Info: A description field, often left blank or used for a real name.

      • Home Directory: The user’s home directory.

      • Default Shell: The shell used when the user logs in.

  • getent Command:

    • The getent command retrieves entries from various system databases configured in /etc/nsswitch.conf, including the passwd database, which lists users.

    • To list all users using getent:

      getent passwd

    • This command is helpful in network environments where users might be stored in a network directory service like LDAP.

  • cut Command to Display Only Usernames:

    • For a quick list of usernames only, you can extract the first field (username) from /etc/passwd:

      cut -d: -f1 /etc/passwd

2. Viewing Currently Logged-In Users

  • who Command:

    • The who command lists all users currently logged into the system, displaying their login terminals, login times, and IP addresses if they are remote logins.

    • To view logged-in users:

  • w Command:

    • The w command provides a summary of logged-in users along with what they are currently doing, their login time, and the processes they are running.

    • To see detailed information about each logged-in user:

    • This command is useful for checking activity, as it includes information on CPU and memory usage for each user’s session.

  • users Command:

    • For a quick list of logged-in usernames only, use:

    • This command simply lists usernames without additional information.

3. Checking User Privileges

  • id Command:

    • The id command displays the UID, GID, and group memberships for a specified user.

    • To check privileges of a specific user:

    • Example:

    • Explanation:

      • UID (User ID): Identifies the user. Root has a UID of 0, while regular users have UIDs above 1000.

      • GID (Group ID): Identifies the primary group of the user.

      • Groups: Lists all groups the user belongs to, showing the user’s permissions.

  • groups Command:

    • The groups command lists all groups a specific user is a part of, which is essential for understanding permissions.

    • To see groups for a specific user:

    • Example:

    • Explanation of Group Privileges:

      • Group membership controls file and directory access, as each file has permissions set for the owner, group, and others.

      • If a user belongs to the sudo group, they can execute commands as the root user by using sudo.

  • sudoers File:

    • The /etc/sudoers file defines which users and groups have sudo (superuser) privileges.

    • To safely edit the sudoers file, use:

    • This file contains rules for users and groups, including which commands they are allowed to execute with sudo.

4. Understanding User Privileges and Access Control

  • Basic Privileges:

    • Read (r): Allows viewing the content of a file or listing files in a directory.

    • Write (w): Permits modifying or deleting a file, or adding/removing files in a directory.

    • Execute (x): Enables running a file as a program or accessing a directory.

  • User, Group, and Others Permissions:

    • Each file or directory has permissions for the user (owner), group, and others. For example:

    • This indicates:

      • Owner (user) has rwx (read, write, execute) permissions.

      • Group has r-x (read and execute) permissions.

      • Others have r-- (read-only) permissions.

  • Sudo Privileges:

    • Users in the sudo group can execute commands as the root user, gaining temporary administrative access.

    • To see if a user has sudo access, check if they are in the sudo group:

  • Special Permissions:

    • Root Privileges: The root user (UID 0) has full access to all files, directories, and commands. Only users with sudo privileges can execute commands as root.

    • SUID/SGID: Files can have special permissions like Set UID (SUID) and Set GID (SGID), which allow users to execute files with the permissions of the file’s owner or group.

    • Sticky Bit: Commonly used on directories like /tmp, the sticky bit restricts file deletion within a directory so only the file’s owner or root can delete it.

Summary of Commands

  1. View All Users:

    • /etc/passwd: cat /etc/passwd

    • getent passwd: Retrieve user list from system databases.

  2. View Logged-In Users:

    • who: Lists current logins.

    • w: Provides user activity and system usage.

    • users: Quick list of logged-in usernames.

  3. Check User Privileges:

    • id <username>: Shows UID, GID, and groups.

    • groups <username>: Lists groups and access levels.

This information should give you a solid foundation in understanding users, sessions, and permissions in Ubuntu. Let me know if you want further details on any specific area!

PreviousUser ManagementNextCreating/Deleting Users

Last updated