I want to find out what 'normal' users are available on a system. By normal, I mean those who are manually created, not those like sshd or gdm.
Asked
Active
Viewed 549 times
4 Answers
3
Do grep UID_MIN /etc/login.defs.
Then do getent passwd and look which users have a UID >= the UID_MIN value from above.
Explanation: Whenever a user is manually added, it grabs the first available UID >= the UID_MIN value from login.defs (unless UID is manually specified)
phemmer
- 71,831
-
indeed your solution is nice, but /etc/login.defs is used on GNU/Linux systems and doesn't apply on all the unix flavors. Then getent is not a standard as well, but just a tool. – tmow Feb 03 '11 at 08:20
-
@tmow, Ya, its OS dependent. And getent is on all the linux and solaris boxes we run, so seems to be common enough. – phemmer Feb 03 '11 at 23:22
2
I don't think there's a way to tell which users have been "manually created". Probably the best you can do is look for users that have a valid shell, as typically system users like sshd and gdm have shells like /bin/false and /sbin/nologin to prevent logins. The list of valid shells is in /etc/shells, so you can use grep to get a list of users with one of those shells:
$ grep -f /etc/shells /etc/passwd
If you just want usernames:
$ grep -f /etc/shells /etc/passwd | cut -d: -f1
Michael Mrozek
- 93,103
- 40
- 240
- 233
2
Typically "normal users" are assigned user ID's >= 1000. If this is the case on your system, then the following could work:
awk -F: '{if ($3 > 999) print $1}' /etc/passwd
Steven D
- 46,160
1
ls -l /home
But that's also not the most reliable source.
If once logged in:
lastlog | grep -v 'Never logged in'
wag
- 35,944
- 12
- 67
- 51
-
1Another reason it's not reliable is that you may remove a user without removing their home directory. – tshepang Jan 31 '11 at 17:50