The Linux operating system offers commands to create and delete users and check which ones are connected. However, there is no command to list the users, logged in or not, on the system.
Still, there are a couple of ways to do it. If you want to learn how to list users in Linux, follow our steps below.
Why you should check your user list on Linux
There are a number of reasons why you might want to list users on Linux. For one thing, it’s good practice in terms of finding and deleting unused accounts. From a security point of view, it’s also a good way to make sure there are no intruders creating user accounts.
This is an administrative task that you should probably do at least once a month. If you’re running a corporate Linux server, you may want to do this more often.
Users listed in /etc/passwd
All user accounts on your Linux server have entries in the file /etc/passwd. Each line represents a user, and has seven fields separated by colons. The fields provide information about the user.
- Username.
- Encrypted password (x indicates that the password is actually in /etc/shadow)
- User identification number (UID).
- User group identification number (GID).
- User’s full name, if listed.
- User’s personal directory.
- Login shell
This brings us to a way to list all users in Linux. You can use the less command to view the entire file, one screen at a time.
less /etc/passwd
If you want to check if a particular user exists on the Linux system, that is a good use of the command grep:
less passwd | grep jeff
If you don’t get any output, that user doesn’t exist on the Linux server.
Still, it’s a lot of information. You can reduce it to just the username, for example, using the commands wow or cut:
awk -F: '{print $1}' /etc/passwd
cut -d: -f1 /etc/passwd
This tends to be much easier to understand, but still lets you see all system-based user accounts mixed in with your human users.
How to use getent to list users
another command, getent, it is much more useful. Shows the entries of any configured database in the File /etc/nsswitch.conf from your server. One of them is database. passwd. To use getent to display a list of all Linux users, it works like this:
getent passwdThe output is exactly the same as using the command less, but it lists any LDAP users on the Linux system. Once again, our commands wow and cut it may help to see only the first field, the usernames.
If you want to check if a particular user exists on the Linux system, getent makes it easy:
getent passwd jeff
Again, the absence of output from this command tells you that the user does not exist.
Another great use of getent is to find out how many user accounts exist on the server. This is done by piping the output of getent via command toilet, So:
getent passwd | wc -l
As you can see, my Linux system has a total of 48 accounts. Quite interesting as I’m the only one using it, but that just goes to show how many system accounts are created on Linux.
Separate system users from normal users
In the eyes of Linux, there is no difference between a system user and a human user. Every time the operating system is installed, a number of system users are created. Other system users are created for various packages, such as mail or web services software.
So how can you list only normal human users on Linux system? The key here is to understand that when you create a normal user, their UID is assigned within a certain range of numbers. Checking the file /etc/login.defswe can determine the range of UID values available to normal user accounts.
grep -E '^UID_MIN|^UID_MAX' /etc/login.defs
Based on the output I know that normal users should have a UID between 1000 and 60000. From this I can build a query getent which will only show normal users.
getent passwd {1000..60000}
Note that getent it will seem to hang even after showing its output. can press Ctrl-C to finish the process, or wait until it finishes. It typically takes less than 15 seconds to complete the database lookup. passwd.
A more generic version of this command takes into account the different values UID_MIN and UID_MAX that can be used by different servers.
eval getent passwd {$(awk '/^UID_MIN/ {print $2}' /etc/login.defs)..$(awk '/^UID_MAX/ {print $2}' /etc/login.defs)}
In that command, we’re taking advantage of Linux’s ability to do multiple things at once. The commands wow get the values UID_MIN and UID_MAXand then use them inside the command getent.
Now, let’s say all we want are usernames. Once again, we pipe our output through the command cut, So:
eval getent passwd {$(awk '/^UID_MIN/ {print $2}' /etc/login.defs)..$(awk '/^UID_MAX/ {print $2}' /etc/login.defs)} | cut -d: -f1
This command may take 10-15 seconds to complete, so please be patient.
Efficient management of Linux users
It is important to keep track of the user accounts that exist on your Linux system. When you know an employee has left, quickly delete their user account. Making a regular list of Linux users will help ensure that you capture any accounts left behind.
