command to find out users

manoj.linux · 05-17-2010, 01:30 AM

Hi,

I want to know the command which will list the local users created by me not system users.

Regards,

Manoj

catkin · 05-17-2010, 01:48 AM

There is not and cannot be any such command. All the users are listed in the /etc/passwd file but there is no way to determine which are made by you.

alli_yas · 05-17-2010, 03:46 AM

To add on to catkin's response above - useradd is a priveleged command; meaning you either need to be logged in as root or be a sudoer on the machine to be able to add users. Please see a useful set listing of priveleged commands here: http://linux.die.net/man/8/

Therefore by default; all users added are classified as being added by the super user - since any command you run via sudo is considered to have originated by a super user such as root.

What you can achieve is that you do not allow direct root login into a machine; but either:

1. Force users to login using an assigned username with sudoer priveleges
2. Force users to login using a "normal" user first; and then su - (that is login as root).

By doing the above; you'll be able to trace the commands run by different users; and be able to search for users added.

But in summary; catkin is 100% right - Linux is not Windows like; where you can check which user creates other users - the OS is not designed to work in this way.

Cheers
Yas

catkin · 05-17-2010, 04:12 AM

In /etc/passwd, each user has a name and a numeric user ID (UID). There are some conventions about the use of UIDs but the only one that is widely observed is that 0-99 are reserved for base system use. Another common but by no means universal convention is that UIDs 100-999 are used for applications UIDs, leaving 1000+ for ordinary users. Commonly user "nobody" has UID 65534 (the largest number available on the original *n*x systems).

The Debian Policy Manual, Chapter 9 - The Operating System, in 9.2.2 "UID and GID classes" describes a UID usage scheme.

What you have on your system depends on what UIDs you set or on the provided defaults.

chrism01 · 05-17-2010, 06:58 AM

On RHEL the default cutoff for non-system users starts at uid 500 http://www.linuxtopia.org/online_boo...l#s2-users-add

trey85stang · 05-24-2010, 09:09 PM

awk -F: {if($3>=1000) print $1}' /etc/passwd

replace 1000 where you added users start.. as mentioned above 500 is where it starts on Redhat.

orangesky · 05-25-2010, 03:58 PM

Code:

$cd /home/
$ls