List Users In Linux
The short answer
In Unix-like operating systems, the [.inline-code]/etc/passwd[.inline-code] file is a text-database that stores essential information about user accounts such as their username, groups, home directory, and more.
To get the full list of users registered on the system, you can display this file using the [.inline-code]cat[.inline-code] command as follows:
Which will produce a similar output:
[#the-etc-passwd-file-format] Understanding the [.inline-code]/etc/passwd[.inline-code] file format [#the-etc-passwd-file-format]
Each line of the [.inline-code]/etc/passwd[.inline-code] file defines a user account and consists of 7 fields separated by colons ([.inline-code]:[.inline-code]):
Where:
- [.inline-code]username[.inline-code] is the name of the user account.
- [.inline-code]password[.inline-code] is the password of the user account, which is usually displayed as an [.inline-code]x[.inline-code] for security reasons. Note that the actual password is stored in the [.inline-code]/etc/shadow[.inline-code] file.
- [.inline-code]uid[.inline-code] or user ID is a unique numerical identifier assigned to each user.
- [.inline-code]gid[.inline-code] or group ID is the numerical identifier of the user’s primary group.
- [.inline-code]description[.inline-code] is an optional string providing additional information about the user like their full name or contact information.
- [.inline-code]home[.inline-code] is the path of the user's home directory (e.g., [.inline-code]/home/johndoe[.inline-code]).
- [.inline-code]shell[.inline-code] is the path of the user’s default login shell (e.g., [.inline-code]/bin/bash[.inline-code], [.inline-code]/bin/zsh[.inline-code]).
You can learn more about managing user accounts by reading our other article on how to create a user in Linux.
[#list-users-from-configured-databases] Listing users from configured databases [#list-users-from-configured-databases]
To get the list of user accounts defined in the [.inline-code]/etc/passwd[.inline-code] file as well as other configured user databases such as LDAP (Lightweight Directory Access Protocol) or NIS (Network Information Service), you can use the [.inline-code]getent passwd[.inline-code] as follows:
Note that the output of this command is similar to the format of the [.inline-code]/etc/passwd[.inline-code] file.
[#filter-user-information] Filtering user accounts information [#filter-user-information]
While both [.inline-code]cat /etc/passwd[.inline-code] and [.inline-code]getent passwd[.inline-code] provide the list of user accounts, they might include additional information you don’t necessarily need every time. Linux offers powerful tools like [.inline-code]cut[.inline-code] and [.inline-code]awk[.inline-code] to filter and extract specific details from the output.
[#list-usernames-only] Listing usernames only [#list-usernames-only]
To only retrieve the list of usernames registered on the system without any additional information, you can use the following [.inline-code]cut[.inline-code] command:
Where:
- The [.inline-code]-d[.inline-code] flag is used to split each line into separate tokens delimited by a colon character [.inline-code]:[.inline-code].
- The [.inline-code]-f1[.inline-code] flag is used to extract the first token from each line.
For example:
[#easily-recall-the-syntax-with-ai] Easily retrieve this command using Warp’s AI Command Suggestions [#easily-recall-the-syntax-with-ai]
If you’re using Warp as your terminal, you can easily retrieve this command using the Warp AI Command Suggestions feature:
Entering [.inline-code]linux list user names only[.inline-code] in the AI command search will prompt a command that can then be quickly inserted into your shell by doing [.inline-code]CMD+ENTER[.inline-code].
[#list-users-with-a-bash-shell] Listing users with a Bash shell [#list-users-with-a-bash-shell]
To retrieve the list of usernames registered on the system with Bash as their login shell, you can use the following [.inline-code]awk[.inline-code] command:
Where:
- [.inline-code]-F[.inline-code] is used to split each line into separate tokens delimited by a colon character [.inline-code]:[.inline-code].
- [.inline-code]$7=="/bin/bash"[.inline-code] is used as a condition to check whether the seventh field (i.e., the login shell path) matches the string [.inline-code]/bin/bash[.inline-code].
- [.inline-code]print $1[.inline-code] is used to print the first token (i.e., the username) from that line if the condition is met.
Note that you can easily adapt this command to filter usernames based on any shell by replacing [.inline-code]/bin/bash[.inline-code] with the path of the desired shell (e.g., [.inline-code]/bin/sh[.inline-code]).
For example:
[#list-groups-and-users] Listing groups and users [#list-groups-and-users]
Similar to the [.inline-code]/etc/passwd[.inline-code] file, the [.inline-code]/etc/group[.inline-code] file is a text-based database used for managing user accounts and group memberships.
To get the full list of groups and their related users, you can display this file using the [.inline-code]cat[.inline-code] command as follows:
Which will produce a similar output:
Alternatively, you can use the following [.inline-code]getent[.inline-code] command to also include group entries from external sources such as NIS or LDAP:
[#the-etc-group-file-format] Understanding the [.inline-code]/etc/group[.inline-code] file format [#the-etc-group-file-format]
Each line of the [.inline-code]/etc/group[.inline-code] file defines a group and consists of 4 fields separated by colons ([.inline-code]:[.inline-code]):
Where:
- [.inline-code]group[.inline-code] is the name of the group.
- [.inline-code]password[.inline-code] is used to implement privileged groups and is usually represented by an [.inline-code]x[.inline-code]. Note that the actual password is stored in the [.inline-code]/etc/gshadow[.inline-code] file.
- [.inline-code]gid[.inline-code] or group ID is a unique number used to identify the group.
- [.inline-code]usernames[.inline-code] is a comma-separated list of user account names.
[#list-group-memberships] Listing a user's group memberships [#list-group-memberships]
To get the list of groups a user is a member of, you can use the [.inline-code]groups[.inline-code] command as follows:
Where:
- [.inline-code]username[.inline-code] is the name of the user.
Which will output the list of groups in the form of a list separated by a space character.
For example:
[#list-sudo-users] Listing users with sudo access [#list-sudo-users]
To get the list of users with [.inline-code]sudo[.inline-code] access (i.e., root privileges), you can use the [.inline-code]getent[.inline-code] command as follows:
For example:
You can learn more about sudo users by reading our other article on how to add a user to sudoers in Linux.
[#list-active-users] Listing active users [#list-active-users]
Linux offers various means to monitor system activity and check which users are currently logged in or have active processes.
[#list-logged-in-users] Displaying the currently logged in users [#list-logged-in-users]
To display information about currently logged in users, including the login name, tty name, date and time of login, you can use the [.inline-code]who[.inline-code] command as follows:
For example:
[#display-users-activity] Displaying the current activity of logged in users [#display-users-activity]
To display information about the activity of currently logged in users, including their login name, the terminal name, the host from which the user logged in, the time since the user last typed anything, and the name and arguments of the current process, you can use the [.inline-code]w[.inline-code] command as follows:
For example:
[#show-users-last-logins] Retrieving the last logins of users [#show-users-last-logins]
This command looks through the [.inline-code]wtmp[.inline-code] file and prints a historical record of login events on your Linux system. This can be pretty helpful when you want to track down specific user logins or for security audits. You can use the command as follows:
For example: