DISCUSSION: How to list all your USERs..

This thread is to discuss the article titled: How to list all your USERs..

Well when I tried to execute this command this is the answer any idea why has this turned up

[root@unisa ~]# cat /etc/passwd |grep /bin/bash |grep [5-9][0-9][0-9] |cut -d: -f1
Harry
harry
steve
master
help
[root@unisa ~]# alias listuser=cat /etc/passwd |grep /bin/bash |grep [5-9][0-9][0-9] |cut -d: -f1
-bash: alias: /etc/passwd: not found
[root@unisa ~]#

You need to wrap it in quotes the way they do in the article:

Code:

alias userlist='cat /etc/passwd |grep "/bin/bash" |grep "[5-9][0-9][0-9]" |cut -d: -f1'

awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd

Quote:

Originally Posted by sysconfig awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd

Wow! Awesome alternate method. Thx Sysconfig!
awk and gawk are really powerful, I need to spend some time studying them.

how do you list users and passwords? I need to do that.
Thank you

Quote:

Originally Posted by eponcedeleonc how do you list users and passwords?

Hmm, so you want a potential security hole that allows any hacker who can get the root password (or even get briefly to a terminal in use by a root user) to get every login password on the system? Are you really sure that's a good idea?

PS: I wouldn't tell you even if I knew. Which I don't.

Quote:

Originally Posted by eponcedeleonc how do you list users and passwords? I need to do that.

Being able to list users' passwords would imply that the passwords are stored somewhere on the system, which is not the case. What is stored are salted hashes of the passwords. So unless you've changed something to the standard way GNU/Linux handles user passwords, you won't be able to get any password list.

well I have a user from another company that has access to the server and DB as root and due to company problems with their company we are going manage the server and DB and i need to know how to block him from having any access to the server and DB.. its just a precaution that needs to be considered, and i dunno if changing the root password would be enough!

Quote:

Originally Posted by eponcedeleonc well I have a user from another company that has access to the server and DB as root and due to company problems with their company we are going manage the server and DB and i need to know how to block him from having any access to the server and DB.. its just a precaution that needs to be considered, and i dunno if changing the root password would be enough!

Changing the root password might be enough if you had a way to be sure that he didn't install any sort of backdoor. And you don't have any way to be sure of that unless you did something like take a HIDS snapshot or something before you gave him root access. That said, I'm still not sure how this relates to getting a listing of users' passwords. I mean, you don't need to know that passwords in order to change them. And the guy with root could have easily installed a password sniffer to get everyone's passwords if he wanted them (since cracking the salted hashes would probably be infeasible for him).

Quote:

Originally Posted by sysconfig awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd

Oh so KEWL, first time I am using awk THANK YOU =)

Did my own variation:
awk -F":" '{ print "Linux_name: " $1 "\t\tFull_Name: " $5 }' /etc/passwd

Quote:

Originally Posted by eponcedeleonc well I have a user from another company that has access to the server and DB as root and due to company problems with their company we are going manage the server and DB and i need to know how to block him from having any access to the server and DB.. its just a precaution that needs to be considered, and i dunno if changing the root password would be enough!

It was not designed to allow other people to be given root access.
The security permissions are exactly designed around limiting access to only that which is required to perform the task at hand.
If the other company requires unlimited database access that is alowable through your specific DB admin tool or command?
Regards

cat /etc/passwd (to display all user )
cat /etc/passwd | wc -l (to count how many user is there ur system )