(Last Updated On: September 7, 2019)

Introduction

Do you wan to List / Find users in a Linux system?. Once you have a running server with a given number of users logging into it. Sometimes it becomes necessary to get to know all the users that were created in the server for auditing purposes or just for the sake of scheduled house-keeping. In Linux, there are very interesting ways and utilities that you can ride on to get your users. The following are some of the most used ones.

Looking at the /etc/passwd file

After the creation of every user, their details are usually stored in the /etc/passwd file. This includes all users including system-related users like root and the like.

To view the file, just cat into it and you will get all of them. If the file is too long, pipe it into a less pager and peruse it like a boss! The first column will give you the names of your precious users.

$ sudo cat /etc/passwd

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin

As you can guess, you can add filters to get the desired output. To list all users beginning with letter G, just pipe the cat command to grep and you will have your results.

$ sudo cat /etc/passwd | grep G

gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
Gorrety:x:1001:1001::/home/Gorrety:/bin/sh

Using getent command

The getent command displays entries from databases supported by the Name Service Switch libraries, which are configured in /etc/nsswitch.conf. If you check your /etc/nsswitch.conf, you will notice passwd is configured therein. Test it by running the below command. It should return all /etc/passwd entries.

$ sudo getent passwd

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin

It can also be piped to grep for filteration. To return all entries containing letter t, do:

$ sudo getent passwd | grep t

root:x:0:0:root:/root:/bin/bash
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-network:x:100:102:systemd Network Management,,,:/run/systemd/netif:/usr/sbin/nologin
systemd-resolve:x:101:103:systemd Resolver,,,:/run/systemd/resolve:/usr/sbin/nologin
messagebus:x:103:107::/nonexistent:/usr/sbin/nologin
_apt:x:104:65534::/nonexistent:/usr/sbin/nologin
pollinate:x:110:1::/var/cache/pollinate:/bin/false
tech:x:1000:1000:,,,:/home/tech:/usr/bin/zsh
Gorrety:x:1001:1001::/home/Gorrety:/bin/sh

To return entries for a specific user, do

$ sudo getent passwd Gorrety

Gorrety:x:1001:1001::/home/Gorrety:/bin/sh

Getent can list all users with their UID in a given range. For example, to list all users with UID from 900 to 2000, do:

$ sudo getent passwd {900..2000}

tech:x:1000:1000:,,,:/home/tech:/usr/bin/zsh
Gorrety:x:1001:1001::/home/Gorrety:/bin/sh

Using the users utility

users prints the user names of users currently logged in to the current host

$ sudo users
tech jkiiru jmwang root

Conclusion

Listing users will never be a problem anymore. Note that you can add other filters to the getent command to either list the first column of the file or whatever you would wish to achieve. The guide was a basic way to check the users in the system and we hope it was fun. Check out other interesting guides below:

How To use Linux chown command with examples

How to use scp command to securely transfer files with examples

Top 10 Free Backup software for Linux

netstat vs ss usage guide on Linux

How to use rsync command on Linux/Unix with examples

How To Change SSH Port on CentOS / RHEL & Fedora With SELinux