- How to list all groups a user is a member of
- What is primary group?
- What is secondary group?
- What is /etc/passwd file
- What is /etc/group file
- Method-1: Using groups command
- Method-2: Using id command
- Method-3: Using lid command
- Method-4: Using the getent command
- Method-5: Using the ‘/etc/group’ file
- Bonus Tip-1: Find out all groups using compgen command
- Bonus Tip-2: Listing members of a group using member command
- Closing Notes
- How to find out what group a given user has?
- 12 Ways to Find User Account Info and Login Details in Linux
- 1. id Command – Show User and Group IDs
- 2. groups Command – View User Group Memberships
- 3. finger Command – Show User Information
- 4. getent Command – Fetch User Info from System Database
- 5. grep Command – Search for Patterns or Specific Text in Files
- 6. lslogins Command – Display User Information in Linux
- 7. users Command – List Current Logged-In Users on Linux
- 8. who Command – Show Information Of Currently Logged-In Users
- 9. w Command – Show Currently Logged-In User Activity
- 10. last Command – Show Most Recent Login Session
- 11. lastb Command – Show Failed Login Attempts
- 12. lastlog Command – List User Login Information
How to list all groups a user is a member of
Before delving into the 5 ways, let’s first understand some basics:
Adding a user to an existing group is one of the typical tasks of a Linux administrator.
A group is a collection of users. The main purpose of the group is to define a set of privileges to their members within the group.
It can be a difficult task if you want to assign a set of privileges to multiple users without a group. This is where the group comes in handy.
All system users are listed in the /etc/passwd file, the groups are listed in the /etc/group file, and the actual password is stored in the /etc/shadow file.
No matter what command we use, it will fetch information from these files.
There are two types of groups in Linux:
What is primary group?
The primary group is the main group associated with the user account. Each user must be a member of a single primary group.
What is secondary group?
The secondary or supplementary group is used to grant additional rights to the user. Each user can become a member of multiple secondary groups.
What is /etc/passwd file
“/etc/passwd” is a text file containing every user information that is required to login to the Linux system. It maintains useful information about users such as username, password, user ID, group ID, user information, home directory and shell.
Each user profile in the password file is a single line with seven fields as shown below:
$ grep "daygeek" /etc/passwd daygeek:x:1000:1000:daygeek. /home/daygeek:/bin/bash
What is /etc/group file
“/etc/group” is a text file that defines which groups a user belongs to. We can add multiple users in the same group.
Linux has three permission levels which define how users can access it. These levels are user, group and others, which controls a users access to other users’ files and folders.
/etc/group file maintains useful information about the group such as group name, group password, group ID (GIT) and membership list. Each group details is shown in a single line with four fields as shown in the ‘method #5’ listed below.
The following seven commands will help you find out which groups a user belongs to in Linux.
- groups: Show All Members of a Group.
- id: Print user and group information for the specified username.
- lid or libuser-lid: It display user’s groups or group’s users.
- getent: Get entries from Name Service Switch libraries.
- compgen: compgen is bash built-in command and it will show all available commands for the user.
- members: List members of a group.
- /etc/group file: Also, we can grep the corresponding user’s groups from the /etc/group file.
Now let’s delve into the 5 methods which can be used to find the list of groups a user is part of in Linux:
Method-1: Using groups command
The ‘groups’ command is widely used by Linux admin to list all groups a user is a member of. It prints the information of the given user’s primary and supplementary groups as shown below:
$ groups daygeek daygeek : daygeek adm cdrom sudo dip plugdev lpadmin sambashare
Run ‘groups’ command without any arguments to display the list of groups associated with the current user as shown below:
$ groups daygeek adm cdrom sudo dip plugdev lpadmin sambashare
Method-2: Using id command
The id command stands for identity. It prints real and effective user, group, and supplementary group information such as username, UID, group names and GUID as shown below:
$ id daygeek uid=1000(daygeek) gid=1000(daygeek) groups=1000(daygeek),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),118(lpadmin),128(sambashare)
Just run the ‘id’ command to view group information about the current user as shown below:
$ id uid=1000(daygeek) gid=1000(daygeek) groups=1000(daygeek),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),118(lpadmin),128(sambashare)
Method-3: Using lid command
The lid or libuser-lid command displays information about groups containing user name, which requires sudo privileges.
You should run the libuser-lid command instead of the lid on newer systems.
$ sudo libuser-lid daygeek adm(gid=4) cdrom(gid=24) sudo(gid=27) dip(gid=30) plugdev(gid=46) lpadmin(gid=116) daygeek(gid=1000) sambashare(gid=126)
Method-4: Using the getent command
The getent command displays entries from databases supported by the Name Service Switch libraries, which are configured in ‘/etc/nsswitch.conf’:
$ getent group | grep daygeek adm:x:4:syslog,daygeek cdrom:x:24:daygeek sudo:x:27:daygeek,2gadmin dip:x:30:daygeek plugdev:x:46:daygeek lpadmin:x:116:daygeek daygeek:x:1000: sambashare:x:126:daygeek
The above command shows the group name and all other members associated with that group. Use the below customized command format to print only groups for a given user:
$ getent group | grep daygeek | awk -F: '' adm cdrom sudo dip plugdev lpadmin daygeek sambashare
Run the below command to print only the primary group information of the user:
$ getent group daygeek daygeek:x:1000:
Method-5: Using the ‘/etc/group’ file
User groups information can be filtered from the ‘/etc/group’ file using grep command as shown below:
$ grep daygeek /etc/group adm:x:4:syslog,daygeek cdrom:x:24:daygeek sudo:x:27:daygeek,2gadmin dip:x:30:daygeek plugdev:x:46:daygeek lpadmin:x:116:daygeek daygeek:x:1000: sambashare:x:126:daygeek
Use the below customized command format to print only groups for a given user:
$ grep daygeek /etc/group | awk -F: '' adm cdrom sudo dip plugdev lpadmin daygeek sambashare
Bonus Tip-1: Find out all groups using compgen command
Compgen is a bash built-in command that displays all groups in the Linux system:
$ compgen -g root daemon bin sys adm . . daygeek thanu renu sudha admin u1 u2
Bonus Tip-2: Listing members of a group using member command
The member command allows you to list members of a group in Linux:
$ members sudo daygeek 2gadmin
Closing Notes
In this guide, we have shown you several commands to list all groups a user is a member of in Linux.
If you have any questions or feedback, feel free to comment below.
How to find out what group a given user has?
This appears to be pretty useful as well. It has more verbose output than the ‘groups’ command, so if you need the group id/user id use this!
On Linux/OS X/Unix to display the groups to which you (or the optionally specified user) belong, use:
which is equivalent to groups [user] utility which has been obsoleted on Unix.
On OS X/Unix, the command id -p [user] is suggested for normal interactive.
Explanation on the parameters:
-G , —groups — print all group IDs
-n , —name — print a name instead of a number, for -ugG
-p — Make the output human-readable.
or just study /etc/groups (ok this does probably not work if it uses pam with ldap)
Below is the script which is integrated into ansible and generating dashboard in CSV format.
sh collection.sh #!/bin/bash HOSTNAME=`hostname -s` for i in `cat /etc/passwd| grep -vE "nologin|shutd|hal|sync|root|false"|awk -F':' '' | sed 's/[[:space:]]/,/g'`; do groups $i; done|sed s/\:/\,/g|tr -d ' '|sed -e "s/^/$HOSTNAME,/"> /tmp/"$HOSTNAME"_inventory.txt sudo cat /etc/sudoers| grep -v "^#"|awk ''|grep -v Defaults|sed '/^$/d;s/[[:blank:]]//g'>/tmp/"$HOSTNAME"_sudo.txt paste -d , /tmp/"$HOSTNAME"_inventory.txt /tmp/"$HOSTNAME"_sudo.txt|sed 's/,[[:blank:]]*$//g' >/tmp/"$HOSTNAME"_inventory_users.txt
My output stored in below text files.
cat /tmp/ANSIBLENODE_sudo.txt cat /tmp/ANSIBLENODE_inventory.txt cat /tmp/ANSIBLENODE_inventory_users.txt
12 Ways to Find User Account Info and Login Details in Linux
This article will show you useful ways to find information about users on a Linux system. Here we’ll describe commands to get a user’s account details, show login details as well what users are doing on the system.
If you want to add or create users in Linux, use the useradd command, and to modify or change any attributes of an already created user account, use the usermod command via the command line.
You might also like:
We’ll start by looking at 12 useful commands to find a user’s account information, then proceed to explain commands to view login details in the Linux system.
1. id Command – Show User and Group IDs
The id is a simple command line utility for displaying a real and effective user and group IDs identity information for the current user or specified user.
2. groups Command – View User Group Memberships
The groups command is used to display the group memberships for a user. It lists all the groups that a user belongs to, including both primary and supplementary groups.
3. finger Command – Show User Information
The finger command is used to search for information about a user on Linux, which includes detailed information about a specific user or a list of users, including their login name, real name, terminal, idle time, login time, and other relevant details.
The finger command doesn’t come pre-installed on many Linux distributions, you need to install it using your default package manager as shown.
$ sudo apt install finger [On Debian, Ubuntu and Mint] $ sudo yum install finger [On RHEL/CentOS/Fedora and Rocky/AlmaLinux] $ sudo emerge -a sys-apps/finger [On Gentoo Linux] $ sudo apk add finger [On Alpine Linux] $ sudo pacman -S finger [On Arch Linux] $ sudo zypper install finger [On OpenSUSE]
It shows a user’s real name; home directory; shell; login: name, time; and so much more as shown below.
4. getent Command – Fetch User Info from System Database
The getent command is used to retrieve information from various databases, including the system user and group databases. It can be used to retrieve information about users, groups, hosts, networks, protocols, and other system entities that are stored in database files like /etc/passwd, /etc/group, /etc/hosts, etc.
To get a user’s account details, use the passwd database and the username as follows.
5. grep Command – Search for Patterns or Specific Text in Files
The grep command is a powerful command used to search for patterns or specific text in files. It allows you to filter and extract lines from text based on matching patterns. The name “grep” stands for “Global Regular Expression Print“.
You might also like:
You can use grep to find information about a specific user from the system accounts file: /etc/passwd as shown below.
6. lslogins Command – Display User Information in Linux
The lslogins command shows information about known users in the system, which typically includes details such as the username, UID (User ID), GID (Group ID), home directory, shell, last login time, and more, depending on the options used and the system configuration.
$ lslogins -u tecmint $ lslogins -u
7. users Command – List Current Logged-In Users on Linux
The users command is used to display the list of currently logged-in users on the Linux system.
8. who Command – Show Information Of Currently Logged-In Users
The who command is used to display users who are logged on to the system, including the username, terminal, login time, and remote host from which the user is logged in.
9. w Command – Show Currently Logged-In User Activity
The w command shows a summary of the currently logged-in users and their activity, which displays the login session, including the username, terminal, login time, idle time, JCPU (total CPU time used by all processes), PCPU (CPU time used by the current process), and the command or process running on the terminal.
10. last Command – Show Most Recent Login Session
The last command displays a list of the most recent login sessions, which includes information about the users who have logged in, their login times, and the terminals or remote hosts they used for login.
To show all the users who were present at a specified time, use the -p option as follows.
11. lastb Command – Show Failed Login Attempts
The lastb command is used to display a list of the last failed login attempts on the system. It reads from the system log file that records failed login attempts, typically stored in /var/log/btmp.
12. lastlog Command – List User Login Information
lastlog command is used to find the details of the most recent login information for all users or a specific user on the system, which provides details about the last login time and location for each user.
$ lastlog OR $ lastlog -u tecmint
That’s it! If you know any other command-line trick or command to view user account details do share with us.
You might also like:
In this article, we’ve explained various ways to find information about users and login details on a Linux system. You can ask any questions or share your thoughts via the feedback form below.