≡ Menu

Linux Command: List All Users In The System

I'm a new Linux sys admin and I'm unable to find the command to list all users on my RHEL server. What is the command to list users under Linux operating systems?

/etc/passwd file contains one line for each user account, with seven fields delimited by colons. This is a text file. You can easily list users using the cat command as follows:
$ cat /etc/passwd
Sample outputs:

root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
....
..
...

OR use pages as follows to view /etc/passwd file:
$ more /etc/passwd
$ less /etc/passwd

Sample outputs:

Centos / RHEL /  Fedora / Debian / Ubuntu List Users Command

Fig.01: List users using /etc/passwd


All fields are separated by a colon (:) symbol. Total seven fields exists. The first field is username. It is used when user logs in. It should be between 1 and 32 characters in length.

Task: Linux List Users Command

To list only usernames type the following awk command:
$ awk -F':' '{ print $1}' /etc/passwd
Sample outputs:

root
daemon
bin
sys
sync
games
man
lp
mail
news
....
..
..hplip
vivek
bind
haldaemon
sshd
mysql
radvd

A Note About System and General Users

Each user has numerical user ID called UID. It is defined in /etc/passwd file. The UID for each user is automatically selected using /etc/login.defs file when you use useradd command. To see current value, enter:
$ grep "^UID_MIN" /etc/login.defs
$ grep UID_MIN /etc/login.defs

Sample outputs:

UID_MIN			 1000
#SYS_UID_MIN		  100

1000 is minimum values for automatic uid selection in useradd command. In other words all normal system users must have UID >= 1000 and only those users are allowed to login into system if shell is bash/csh/tcsh/ksh etc as defined /etc/shells file. Type the following command to list all login users:

 
## get UID limit ##
l=$(grep "^UID_MIN" /etc/login.defs)
## use awk to print if UID >= $UID_LIMIT ##
awk -F':' -v "limit=${l##UID_MIN}" '{ if ( $3 >= limit ) print $1}' /etc/passwd
 

To see maximum values for automatic uid selection in useradd command, enter:
awk -F':' -v "min=${l##UID_MIN}" -v "max=${l1##UID_MAX}" '{ if ( $3 >= min && $3 <= max ) print $0}' /etc/passwd
$ grep "^UID_MAX" /etc/login.defs
Sample outputs:

UID_MAX			60000

In other words all normal system users must have UID >= 1000 (MIN) and UID <= 60000 (MAX) and only those users are allowed to login into system if shell is bash/csh/tcsh/ksh etc as defined /etc/shells file. Here is an updated code:

 
## get mini UID limit ##
l=$(grep "^UID_MIN" /etc/login.defs)
 
## get max UID limit ##
l1=$(grep "^UID_MAX" /etc/login.defs)
 
## use awk to print if UID >= $MIN and UID <= $MAX   ##
awk -F':' -v "min=${l##UID_MIN}" -v "max=${l1##UID_MAX}" '{ if ( $3 >= min && $3 <= max ) print $0}' /etc/passwd
 

Sample outputs:

vivek:x:500:500::/home/vivek:/bin/bash
raj:x:501:501::/home/raj:/bin/ksh
ash:x:502:502::/home/ash:/bin/zsh
jadmin:x:503:503::/home/jadmin:/bin/sh
jwww:x:504:504::/htdocs/html:/sbin/nologin
wwwcorp:x:505:505::/htdocs/corp:/sbin/nologin
wwwint:x:506:506::/htdocs/intranet:/bin/bash
scpftp:x:507:507::/htdocs/ftpjail:/bin/bash
rsynftp:x:508:508::/htdocs/projets:/bin/bash
mirror:x:509:509::/htdocs:/bin/bash
jony:x:510:510::/home/jony:/bin/ksh
amyk:x:511:511::/home/amyk:/bin/ksh

/sbin/nologin is used to politely refuse a login i.e. /sbin/nologin displays a message that an account is not available and exits non-zero. It is intended as a replacement shell field for accounts that have been disabled or you do not want user to login into system using ssh. To filter /sbin/nologin, enter:

#!/bin/bash
# Name: listusers.bash
# Purpose: List all normal user accounts in the system. Tested on RHEL / Debian Linux
# Author: Vivek Gite <www.cyberciti.biz>, under GPL v2.0+
# -----------------------------------------------------------------------------------
_l="/etc/login.defs"
_p="/etc/passwd"
 
## get mini UID limit ##
l=$(grep "^UID_MIN" $_l)
 
## get max UID limit ##
l1=$(grep "^UID_MAX" $_l)
 
## use awk to print if UID >= $MIN and UID <= $MAX and shell is not /sbin/nologin   ##
awk -F':' -v "min=${l##UID_MIN}" -v "max=${l1##UID_MAX}" '{ if ( $3 >= min && $3 <= max  && $7 != "/sbin/nologin" ) "$_p"

Sample outputs:

vivek:x:500:500::/home/vivek:/bin/bash
raj:x:501:501::/home/raj:/bin/ksh
ash:x:502:502::/home/ash:/bin/zsh
jadmin:x:503:503::/home/jadmin:/bin/sh
wwwint:x:506:506::/htdocs/intranet:/bin/bash
scpftp:x:507:507::/htdocs/ftpjail:/bin/bash
rsynftp:x:508:508::/htdocs/projets:/bin/bash
mirror:x:509:509::/htdocs:/bin/bash
jony:x:510:510::/home/jony:/bin/ksh
amyk:x:511:511::/home/amyk:/bin/ksh

Finally, this script lists both system and users accounts:

 
#!/bin/bash
# Name: listusers.bash
# Purpose: List all normal user and system accounts in the system. Tested on RHEL / Debian Linux
# Author: Vivek Gite <www.cyberciti.biz>, under GPL v2.0+
# -----------------------------------------------------------------------------------
_l="/etc/login.defs"
_p="/etc/passwd"
 
## get mini UID limit ##
l=$(grep "^UID_MIN" $_l)
 
## get max UID limit ##
l1=$(grep "^UID_MAX" $_l)
 
## use awk to print if UID >= $MIN and UID <= $MAX and shell is not /sbin/nologin   ##
echo "----------[ Normal User Accounts ]---------------"
awk -F':' -v "min=${l##UID_MIN}" -v "max=${l1##UID_MAX}" '{ if ( $3 >= min && $3 <= max  && $7 != "/sbin/nologin" ) print $0 }' "$_p"
 
 
 
echo ""
echo "----------[ System User Accounts ]---------------"
awk -F':' -v "min=${l##UID_MIN}" -v "max=${l1##UID_MAX}" '{ if ( !($3 >= min && $3 <= max  && $7 != "/sbin/nologin")) print $0 }' "$_p"
 

Sample outputs:

----------[ Normal User Accounts ]---------------
vivek:x:500:500::/home/vivek:/bin/bash
raj:x:501:501::/home/raj:/bin/ksh
ash:x:502:502::/home/ash:/bin/zsh
jadmin:x:503:503::/home/jadmin:/bin/sh
wwwint:x:506:506::/htdocs/intranet:/bin/bash
scpftp:x:507:507::/htdocs/ftpjail:/bin/bash
rsynftp:x:508:508::/htdocs/projets:/bin/bash
mirror:x:509:509::/htdocs:/bin/bash
jony:x:510:510::/home/jony:/bin/ksh
amyk:x:511:511::/home/amyk:/bin/ksh
----------[ System User Accounts ]---------------
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
abrt:x:173:173::/etc/abrt:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
saslauth:x:499:499:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
memcached:x:498:496:Memcached daemon:/var/run/memcached:/sbin/nologin
squid:x:23:23::/var/spool/squid:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 21 comments… add one }

  • John Eisenhower April 10, 2012, 12:02 am

    I would change it to `cat /etc/passwd | grep -v nologin` which gives a clearer view into which users can actually login and execute.

    • nixCraft April 10, 2012, 2:09 pm

      Thanks for the feedback! The faq has been updated with more info.

    • Carlos Ruiz July 17, 2013, 7:19 pm

      This is one of the most common mistakes of unexperimented people on UNIX-like utilities. Instead of ‘cat $file | grep $pattern’ you should use ‘grep $pattern $file’ which is much clearer and allows for easier sudoing.

      Nevertheless, I’ll take note of the ‘nologin’ advice. Thanks!

  • Claudio Nanni April 10, 2012, 5:16 pm

    I would also have a look at:

    last
    lastb
    lastlog

    quite interesting commands on users activity on a host.

    Claudio

  • marc May 4, 2012, 7:07 am

    ldap enviroment, whats about:
    # getent passwd |egrep -v ‘nologin|false’
    i recommend this to get a userlist

  • maarten May 22, 2012, 5:35 pm

    The ldap and nis scenarios for centralized login administration are omitted here.

    The local passwd file may be just the tip of the login iceberg if either of those is set in
    /etc/nsswitch.conf

    For example:
    # ypcat passwd
    would be the common command if nis is set up.

  • Luís Pedro Algarvio May 22, 2013, 12:31 am

    new version, with columns

    #!/bin/bash
    # Name: listusers.bash
    # Purpose: List all normal user and system accounts in the system. Tested on RHEL / Debian Linux
    # Author: Vivek Gite , under GPL v2.0+
    # http://www.cyberciti.biz/faq/linux-list-users-command/
    # ———————————————————————————–
    _l=”/etc/login.defs”
    _p=”/etc/passwd”

    ## get mini UID limit ##
    l=$(grep “^UID_MIN” $_l)

    ## get max UID limit ##
    l1=$(grep “^UID_MAX” $_l)

    ## use awk to print if UID >= $MIN and UID = min && $3 = min && $3 <= max && $7 != "/sbin/nologin" ) printf "%-15s %-5s %-5s %-25s %-10sn", $1, $3, $4, $6, $7 }' "$_p"

    echo " "

    ## use awk to print if UID $MAX ##
    echo “—————————-[ System User Accounts ]—————————”
    printf “%-15s %-5s %-5s %-25s %-10sn” “Login” “UID” “GID” “Home” “Shell”
    echo “——————————————————————————-”
    #awk -F':’ -v “min=${l##UID_MIN}” -v “max=${l1##UID_MAX}” ‘{ if ( !( $3 >= min && $3 = min && $3 <= max && $7 != "/sbin/nologin" ) ) printf "%-15s %-5s %-5s %-25s %-10sn", $1, $3, $4, $6, $7 }' "$_p"

  • Luís Pedro Algarvio May 22, 2013, 12:32 am

    and a group list script

    #!/bin/bash
    # Name: listgroups.bash
    # Purpose: List all normal user and system groups in the system. Tested on RHEL / Debian Linux
    # Author: Vivek Gite , under GPL v2.0+
    # http://www.cyberciti.biz/faq/linux-list-users-command/
    # ———————————————————————————–
    _l=”/etc/login.defs”
    _g=”/etc/group”

    ## get mini GID limit ##
    l=$(grep “^GID_MIN” $_l)

    ## get max GID limit ##
    l1=$(grep “^GID_MAX” $_l)

    ## use awk to print if GID >= $MIN and GID = min && $3 = min && $3 <= max ) printf "%-15s %-5s %-10sn", $1, $3, $4 }' "$_g"

    echo " "

    ## use awk to print if GID $MAX ##
    echo “—————————–[ System User Groups ]—————————-”
    printf “%-15s %-5s %-10sn” “Group” “GID” “Logins”
    echo “——————————————————————————-”
    #awk -F':’ -v “min=${l##GID_MIN}” -v “max=${l1##GID_MAX}” ‘{ if ( !( $3 >= min && $3 = min && $3 <= max ) ) printf "%-15s %-5s %-10sn", $1, $3, $4 }' "$_g"

  • Luís Pedro Algarvio May 22, 2013, 12:34 am

    humm looks like it got cut.

    drop me an email and ill send both scripts

  • theresa May 29, 2013, 8:56 am

    hi there,

    great script, really helps me a lot, and it’s also very well documented! great work!

    however, since i’m a newbie when it comes to shell scripting, how do I direct the output from stdout into a file?
    I’ve found something like this:
    2>&1 | tee -a users.txt

    but somehow this doesn’t quite work :(

    any help would be appreciated!

    thanks!

    • Tyler June 14, 2013, 3:17 am

      Redirect the output to a file with the first command and then append the second command output:


      ## use awk to print if UID >= $MIN and UID /tmp/userlist
      awk -F':’ -v “min=${l##UID_MIN}” -v “max=${l1##UID_MAX}” ‘{ if ( $3 >= min && $3 > /tmp/userlist

      echo “” >> /tmp/userlist
      echo “———-[ System User Accounts ]—————” >> /tmp/userlist
      awk -F':’ -v “min=${l##UID_MIN}” -v “max=${l1##UID_MAX}” ‘{ if ( !($3 >= min && $3 > /tmp/userlist

  • rk September 8, 2013, 3:09 am

    can some body help me with the following question?

    Find the number of users on your system whose user ids are greater than 8?

  • Liviu September 13, 2013, 7:55 am

    Thanks. Short and to the point.

  • Sanchit March 19, 2014, 2:58 pm

    Can even use this!
    cat /etc/passwd | grep “/home/” | awk -F':’ ‘{ print $1}’

    • Martin March 2, 2015, 7:06 pm

      Thanks for this!

  • rahul kumar April 21, 2014, 4:47 pm

    how can see only system users in linux using command

  • Robert Nix June 9, 2014, 12:53 pm

    Note that none of this accounts for systems using an external source for its users. If you are using ldap or (gasp!) Active Directory to source your users, then listing /etc/passwd will not yield the desired results, as you won’t see the bulk of your users.

    The command we use, insted of “cat /etc/passwd”, is “getent passwd”, which returns the combined list of users from /etc/passwd (local users) and other sources. The getent command will give you a more realistic view of your users, on any system you encounter.

    • BobH November 5, 2014, 6:45 pm

      Could you show how I would use your command in the final script as posted by the original poster? I think that is the issue I’m having where it is only showing the users with Local Authentication, not AD Users (yes ack.. AD).

      Thanks,
      Bob

  • aaron April 16, 2015, 8:12 am

    Excellent explanation and script of list users in linux! Congrats Mate!
    Aaron

  • Harsh Jain May 7, 2015, 11:26 am

    Thanks for detailed tutorial.

    I configured the VNC as per given step. How to access the same GUI from host machine as we accessing from VNC client.

Leave a Comment