Are you in the console?
One thing you can do is cat out the /etc/passwd file. Regular users use a different UID range then system users.
A user might not have a home directory. This is the case where a user has group access, or is a samba user, or has their home directory located on a network share.
If you print out the /etc/group file, look for user names at the end of the root and wheel root:x:0:
wheel:x:10:jschiwal
Often, members of the wheel group are allowed to use "sudo". You can run "visudo" to examine the sudo file.
Code:
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
If this line or the one below it is uncommented, then all "wheel" group members can run sudo. It is possible that sudo is setup so that wheel members enter their own password. This makes it possible to restrict the commands wheel members can execute, and keep the root password a secret. Read the "man sudoers" man page for more details.
If you google for "sudoers security" you may find web pages on how to secure sudo access.
It can get a bit complicated, because some common programs have shell escapes. This would allow them to execute commands as root without being logged. Unfortunately, one of these programs is "vim". Entering ":!/bin/bash" might allow wheel members to start a new shell. I'd need to read up on vim to find if ":!" can be disabled.
You may want to get in the habit of logging in as yourself and su'ing to root or using sudo, if this is a server on a network with multiple users, consider disabling root login.
