Linux Command: List All Users In The System

by on April 9, 2012 · 15 comments· LAST UPDATED April 10, 2012

in

I'm a new Linux sys admin and I'm unable to find the command to list all users on my RHEL server. What is the command to list users under Linux operating systems?

/etc/passwd file contains one line for each user account, with seven fields delimited by colons. This is a text file. You can easily list users using the cat command as follows:
$ cat /etc/passwd
Sample outputs:

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
....
..
...

OR use pages as follows to view /etc/passwd file:
$ more /etc/passwd
$ less /etc/passwd

Sample outputs:

Centos / RHEL /  Fedora / Debian / Ubuntu List Users Command

Fig.01: List users using /etc/passwd


All fields are separated by a colon (:) symbol. Total seven fields exists. The first field is username. It is used when user logs in. It should be between 1 and 32 characters in length.

Task: Linux List Users Command

To list only usernames type the following awk command:
$ awk -F':' '{ print $1}' /etc/passwd
Sample outputs:

root
daemon
bin
sys
sync
games
man
lp
mail
news
....
..
..hplip
vivek
bind
haldaemon
sshd
mysql
radvd

A Note About System and General Users

Each user has numerical user ID called UID. It is defined in /etc/passwd file. The UID for each user is automatically selected using /etc/login.defs file when you use useradd command. To see current value, enter:
$ grep "^UID_MIN" /etc/login.defs
$ grep UID_MIN /etc/login.defs

Sample outputs:

UID_MIN			 1000
#SYS_UID_MIN		  100

1000 is minimum values for automatic uid selection in useradd command. In other words all normal system users must have UID >= 1000 and only those users are allowed to login into system if shell is bash/csh/tcsh/ksh etc as defined /etc/shells file. Type the following command to list all login users:

 
## get UID limit ##
l=$(grep "^UID_MIN" /etc/login.defs)
## use awk to print if UID >= $UID_LIMIT ##
awk -F':' -v "limit=${l##UID_MIN}" '{ if ( $3 >= limit ) print $1}' /etc/passwd
 

To see maximum values for automatic uid selection in useradd command, enter:
awk -F':' -v "min=${l##UID_MIN}" -v "max=${l1##UID_MAX}" '{ if ( $3 >= min && $3 <= max ) print $0}' /etc/passwd
$ grep "^UID_MAX" /etc/login.defs
Sample outputs:

UID_MAX			60000

In other words all normal system users must have UID >= 1000 (MIN) and UID <= 60000 (MAX) and only those users are allowed to login into system if shell is bash/csh/tcsh/ksh etc as defined /etc/shells file. Here is an updated code:

 
## get mini UID limit ##
l=$(grep "^UID_MIN" /etc/login.defs)
 
## get max UID limit ##
l1=$(grep "^UID_MAX" /etc/login.defs)
 
## use awk to print if UID >= $MIN and UID <= $MAX   ##
awk -F':' -v "min=${l##UID_MIN}" -v "max=${l1##UID_MAX}" '{ if ( $3 >= min && $3 <= max ) print $0}' /etc/passwd
 

Sample outputs:

vivek:x:500:500::/home/vivek:/bin/bash
raj:x:501:501::/home/raj:/bin/ksh
ash:x:502:502::/home/ash:/bin/zsh
jadmin:x:503:503::/home/jadmin:/bin/sh
jwww:x:504:504::/htdocs/html:/sbin/nologin
wwwcorp:x:505:505::/htdocs/corp:/sbin/nologin
wwwint:x:506:506::/htdocs/intranet:/bin/bash
scpftp:x:507:507::/htdocs/ftpjail:/bin/bash
rsynftp:x:508:508::/htdocs/projets:/bin/bash
mirror:x:509:509::/htdocs:/bin/bash
jony:x:510:510::/home/jony:/bin/ksh
amyk:x:511:511::/home/amyk:/bin/ksh

/sbin/nologin is used to politely refuse a login i.e. /sbin/nologin displays a message that an account is not available and exits non-zero. It is intended as a replacement shell field for accounts that have been disabled or you do not want user to login into system using ssh. To filter /sbin/nologin, enter:

#!/bin/bash
# Name: listusers.bash
# Purpose: List all normal user accounts in the system. Tested on RHEL / Debian Linux
# Author: Vivek Gite <www.cyberciti.biz>, under GPL v2.0+
# -----------------------------------------------------------------------------------
_l="/etc/login.defs"
_p="/etc/passwd"
 
## get mini UID limit ##
l=$(grep "^UID_MIN" $_l)
 
## get max UID limit ##
l1=$(grep "^UID_MAX" $_l)
 
## use awk to print if UID >= $MIN and UID <= $MAX and shell is not /sbin/nologin   ##
awk -F':' -v "min=${l##UID_MIN}" -v "max=${l1##UID_MAX}" '{ if ( $3 >= min && $3 <= max  && $7 != "/sbin/nologin" ) "$_p"

Sample outputs:

vivek:x:500:500::/home/vivek:/bin/bash
raj:x:501:501::/home/raj:/bin/ksh
ash:x:502:502::/home/ash:/bin/zsh
jadmin:x:503:503::/home/jadmin:/bin/sh
wwwint:x:506:506::/htdocs/intranet:/bin/bash
scpftp:x:507:507::/htdocs/ftpjail:/bin/bash
rsynftp:x:508:508::/htdocs/projets:/bin/bash
mirror:x:509:509::/htdocs:/bin/bash
jony:x:510:510::/home/jony:/bin/ksh
amyk:x:511:511::/home/amyk:/bin/ksh

Finally, this script lists both system and users accounts:

 
#!/bin/bash
# Name: listusers.bash
# Purpose: List all normal user and system accounts in the system. Tested on RHEL / Debian Linux
# Author: Vivek Gite <www.cyberciti.biz>, under GPL v2.0+
# -----------------------------------------------------------------------------------
_l="/etc/login.defs"
_p="/etc/passwd"
 
## get mini UID limit ##
l=$(grep "^UID_MIN" $_l)
 
## get max UID limit ##
l1=$(grep "^UID_MAX" $_l)
 
## use awk to print if UID >= $MIN and UID <= $MAX and shell is not /sbin/nologin   ##
echo "----------[ Normal User Accounts ]---------------"
awk -F':' -v "min=${l##UID_MIN}" -v "max=${l1##UID_MAX}" '{ if ( $3 >= min && $3 <= max  && $7 != "/sbin/nologin" ) print $0 }' "$_p"
 
 
 
echo ""
echo "----------[ System User Accounts ]---------------"
awk -F':' -v "min=${l##UID_MIN}" -v "max=${l1##UID_MAX}" '{ if ( !($3 >= min && $3 <= max  && $7 != "/sbin/nologin")) print $0 }' "$_p"
 

Sample outputs:

----------[ Normal User Accounts ]---------------
vivek:x:500:500::/home/vivek:/bin/bash
raj:x:501:501::/home/raj:/bin/ksh
ash:x:502:502::/home/ash:/bin/zsh
jadmin:x:503:503::/home/jadmin:/bin/sh
wwwint:x:506:506::/htdocs/intranet:/bin/bash
scpftp:x:507:507::/htdocs/ftpjail:/bin/bash
rsynftp:x:508:508::/htdocs/projets:/bin/bash
mirror:x:509:509::/htdocs:/bin/bash
jony:x:510:510::/home/jony:/bin/ksh
amyk:x:511:511::/home/amyk:/bin/ksh
----------[ System User Accounts ]---------------
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
abrt:x:173:173::/etc/abrt:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
saslauth:x:499:499:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
memcached:x:498:496:Memcached daemon:/var/run/memcached:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 15 comments… read them below or add one }

1 John Eisenhower April 10, 2012 at 12:02 am

I would change it to `cat /etc/passwd | grep -v nologin` which gives a clearer view into which users can actually login and execute.

Reply

2 nixCraft April 10, 2012 at 2:09 pm

Thanks for the feedback! The faq has been updated with more info.

Reply

3 Carlos Ruiz July 17, 2013 at 7:19 pm

This is one of the most common mistakes of unexperimented people on UNIX-like utilities. Instead of ‘cat $file | grep $pattern’ you should use ‘grep $pattern $file’ which is much clearer and allows for easier sudoing.

Nevertheless, I’ll take note of the ‘nologin’ advice. Thanks!

Reply

4 Claudio Nanni April 10, 2012 at 5:16 pm

I would also have a look at:

last
lastb
lastlog

quite interesting commands on users activity on a host.

Claudio

Reply

5 nixCraft April 10, 2012 at 5:28 pm

Good call. Appreciate your comment.

Reply

6 marc May 4, 2012 at 7:07 am

ldap enviroment, whats about:
# getent passwd |egrep -v ‘nologin|false’
i recommend this to get a userlist

Reply

7 maarten May 22, 2012 at 5:35 pm

The ldap and nis scenarios for centralized login administration are omitted here.

The local passwd file may be just the tip of the login iceberg if either of those is set in
/etc/nsswitch.conf

For example:
# ypcat passwd
would be the common command if nis is set up.

Reply

8 Luís Pedro Algarvio May 22, 2013 at 12:31 am

new version, with columns

#!/bin/bash
# Name: listusers.bash
# Purpose: List all normal user and system accounts in the system. Tested on RHEL / Debian Linux
# Author: Vivek Gite , under GPL v2.0+
# http://www.cyberciti.biz/faq/linux-list-users-command/
# ———————————————————————————–
_l=”/etc/login.defs”
_p=”/etc/passwd”

## get mini UID limit ##
l=$(grep “^UID_MIN” $_l)

## get max UID limit ##
l1=$(grep “^UID_MAX” $_l)

## use awk to print if UID >= $MIN and UID = min && $3 = min && $3 <= max && $7 != "/sbin/nologin" ) printf "%-15s %-5s %-5s %-25s %-10sn", $1, $3, $4, $6, $7 }' "$_p"

echo " "

## use awk to print if UID $MAX ##
echo “—————————-[ System User Accounts ]—————————”
printf “%-15s %-5s %-5s %-25s %-10sn” “Login” “UID” “GID” “Home” “Shell”
echo “——————————————————————————-”
#awk -F’:’ -v “min=${l##UID_MIN}” -v “max=${l1##UID_MAX}” ‘{ if ( !( $3 >= min && $3 = min && $3 <= max && $7 != "/sbin/nologin" ) ) printf "%-15s %-5s %-5s %-25s %-10sn", $1, $3, $4, $6, $7 }' "$_p"

Reply

9 Luís Pedro Algarvio May 22, 2013 at 12:32 am

and a group list script

#!/bin/bash
# Name: listgroups.bash
# Purpose: List all normal user and system groups in the system. Tested on RHEL / Debian Linux
# Author: Vivek Gite , under GPL v2.0+
# http://www.cyberciti.biz/faq/linux-list-users-command/
# ———————————————————————————–
_l=”/etc/login.defs”
_g=”/etc/group”

## get mini GID limit ##
l=$(grep “^GID_MIN” $_l)

## get max GID limit ##
l1=$(grep “^GID_MAX” $_l)

## use awk to print if GID >= $MIN and GID = min && $3 = min && $3 <= max ) printf "%-15s %-5s %-10sn", $1, $3, $4 }' "$_g"

echo " "

## use awk to print if GID $MAX ##
echo “—————————–[ System User Groups ]—————————-”
printf “%-15s %-5s %-10sn” “Group” “GID” “Logins”
echo “——————————————————————————-”
#awk -F’:’ -v “min=${l##GID_MIN}” -v “max=${l1##GID_MAX}” ‘{ if ( !( $3 >= min && $3 = min && $3 <= max ) ) printf "%-15s %-5s %-10sn", $1, $3, $4 }' "$_g"

Reply

10 Luís Pedro Algarvio May 22, 2013 at 12:34 am

humm looks like it got cut.

drop me an email and ill send both scripts

Reply

11 theresa May 29, 2013 at 8:56 am

hi there,

great script, really helps me a lot, and it’s also very well documented! great work!

however, since i’m a newbie when it comes to shell scripting, how do I direct the output from stdout into a file?
I’ve found something like this:
2>&1 | tee -a users.txt

but somehow this doesn’t quite work :(

any help would be appreciated!

thanks!

Reply

12 Tyler June 14, 2013 at 3:17 am

Redirect the output to a file with the first command and then append the second command output:


## use awk to print if UID >= $MIN and UID /tmp/userlist
awk -F’:’ -v “min=${l##UID_MIN}” -v “max=${l1##UID_MAX}” ‘{ if ( $3 >= min && $3 > /tmp/userlist

echo “” >> /tmp/userlist
echo “———-[ System User Accounts ]—————” >> /tmp/userlist
awk -F’:’ -v “min=${l##UID_MIN}” -v “max=${l1##UID_MAX}” ‘{ if ( !($3 >= min && $3 > /tmp/userlist

Reply

13 rk September 8, 2013 at 3:09 am

can some body help me with the following question?

Find the number of users on your system whose user ids are greater than 8?

Reply

14 Liviu September 13, 2013 at 7:55 am

Thanks. Short and to the point.

Reply

15 Sanchit March 19, 2014 at 2:58 pm

Can even use this!
cat /etc/passwd | grep “/home/” | awk -F’:’ ‘{ print $1}’

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , , , , , , , , , , , ,

Previous Faq:

Next Faq: