02-D.13: User and Group Queries

Last updated
Save as PDF

Page ID: 26815

\( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \) \( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)\(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\) \(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\)\(\newcommand{\AA}{\unicode[.8,0]{x212B}}\)

EXAM OBJECTIVES COVERED
2.2 Given a scenario, manage users and groups.

User and Group Queries

Adding users and groups is only a part of the job. Now that you have users/groups created you need to administer them all. As an administrator you have a set of commands that you will get very familiar with which will help you care for your users.

These commands shown here do have options, but are seldom used with those options, so there is not a more in-depth description of them.

To see how these commands work, and when you might want to use them take a look at this video.

The whoami Command

This command prints the username that is associated with the current effective user ID.

Notice in the image to the right that user pbmac issues the whoami command and it prints pbmac. The user then issues a sudo su command to switch to the root user and issues the whoami command again - now it responds with root.

pbmac@pbmac-server $ whoami
pbmac
pbmac@pbmac-server $ sudo su
[sudo] password for pbmac: 
root@pbmac-server:/home/pbmac/Documents# whoami
root

Identification Via the Prompt

Also, notice that on this system the prompt shows the user name - pbmac, then after the su command was entered the prompt shows root. This is a configurable parameter, and so this might not be the same on all systems you work on. The prompt also shows the current directory when the user is logged in as root; it changes from /home/pbmac to /etc after the cd command.

The who Command

Use this command to find out which users are currently logged into the system. The who command has several options but is usually entered without using any. The command shows the username, the name of the system where the user is logged in from - in this case pbmac is directly logged in, and santiago is logged in from 192.168.1.7 onto the psuedo port 3 - and the date and time that user was logged into the system.

pbmac@pbmac-server $ who
pbmac    :0           2020-11-16 09:48 (:0)
santiago pts/3        2020-11-16 16:17 (192.168.1.7)

The w Command

The w command displays information about the users currently on the machine and their processes. The header shows, in this order, the current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.

The following entries are displayed for each user: login name, the tty name, the remote host, login time, idle time, JCPU, PCPU, and the command line of their current process.

The JCPU time is the time used by all processes attached to the tty. It does not include past background jobs, but does include currently running background jobs.

The PCPU time is the time used by the current process, named in the "what" field.

pbmac@pbmac-server $ w
 17:21:23 up 25 days,  7:34,  1 user,  load average: 0.31, 1.00, 1.72
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
pbmac    :0       :0               16Nov20 ?xdm?   1:50m  0.00s /usr/lib/gdm
santiago pts/3    192.168.1.7      16:26    21:00s 0.08s  0.08s -bash

The id Command

A simple command to show the user and group information for the specified user, or if the username is omitted, it will show information for the current user.

pbmac@pbmac-server $ id
uid=1000(pbmac) gid=1000(pbmac) groups=1000(pbmac),4(adm),20(dialout),24(cdrom),27(sudo),46(plugdev),50(staff),
107(lpadmin),108(sambashare),109(admin),131(wireshark),133(vboxusers),148(lxd),1001(samba),1004(chrome-remote-desktop)

The last Command

The last command in Linux is used to display the list of all the users logged in and out since the file /var/log/wtmp was created. One or more usernames can be given as an argument to display their login in (and out) time and their host-name.

pbmac@ubuntu $ last
pbmac    tty2         tty2             Tue Jul 12 15:28   still logged in
reboot   system boot  5.4.0-1065-raspi Wed Dec 31 16:00   still running
pbmac    tty2         tty2             Mon Jul 11 18:28 - down   (21:00)
reboot   system boot  5.4.0-1065-raspi Wed Dec 31 16:00 - 15:28 (19185+22:28)
pbmac    tty2         tty2             Mon Jul 11 09:59 - down   (08:27)
reboot   system boot  5.4.0-1065-raspi Wed Dec 31 16:00 - 18:27 (19185+01:27)
santiago tty4         tty4             Sat Jul  9 17:31 - still logged in
reboot   system boot  5.4.0-1065-raspi Wed Dec 31 16:00 - 09:58 (19184+16:58)
santiago tty4         tty4             Tue Jul  5 16:47 - down  (4+00:12)
pbmac    :0           :0               Tue Jul  5 16:21 - 16:46  (00:25)

"last command in Linux with Examples" by basilmohamed, Geeks for Geeks is licensed under CC BY-SA 4.0