1. Overview
When we work on the Linux command line, sometimes, we want to know who the current user is. Moreover, when we write a shell script, we may want to know who is running the script.
In this tutorial, let’s figure out how to identify the current user in Linux.
2. Introduction to the Problem
Various commands can get the current user in Linux. We’ll explore some of them in this tutorial. Also, for each method, we’ll discuss what they’ll report if we change to another user using the su command.
Further, we shouldn’t forget that the sudo command may hide the real user, too. Therefore, we’ll address what various approaches will print if they’re called by sudo.
Next, let’s see them in action.
3. Reading the $USER Variable
After we’ve logged into a Linux system through a login shell, the system sets the $USER environment variable by the current login user. Therefore, we can read the $USER variable to get the current user’s name:
kent$ echo $USER
kent
3.1. After Executing the su Command
Since the su command does not invoke a login shell by default, if we switch to root using the su command, the $USER variable still stores the original login user:
kent$ echo $USER
kent
kent$ su
Password:
root# echo $USER
kentHowever, if we execute su USERNAME, the login shell will be invoked. Thus, the $USER variable will hold the USERNAME we’ve switched to:
kent$ su guest
Password:
guest$ echo $USER
guest3.2. With the sudo Command
We run the command with superuser privileges when we execute a command with sudo. So, for example, we log in as the user kent, and when we execute sudo some-command, the login user is still kent, but the effective user is root.
Next, let’s see which user $USER will store in case of sudo. But, first, let’s create a pretty simple script:
$ cat user-by-var.sh
#!/bin/bash
echo "The current user by reading \$USER: $USER"Now, let’s execute the script with sudo:
$ sudo ./user-by-var.sh
[sudo] password for kent:
The current user by reading $USER: rootAs the output above shows, if our script gets executed with sudo, the $USER variable holds the effective user root.
3.3. The $USER Variable Can Be Overwritten
Finally, we should keep in mind that $USER is an environment variable. That is to say, we can overwrite it at any time. Therefore, if we want to get the current user in our shell script, $USER is not reliable.
Next, let’s execute our small script twice, with and without changing the $USER variable:
kent$ ./user-by-var.sh
The current user by reading $USER: kent
kent$ USER=superman; ./user-by-var.sh
The current user by reading $USER: superman
As the example above shows, if our script reads $USER to get the current user, the user can easily cheat the script by changing the $USER variable.
4. Using the whoami Command
The whoami command prints the effective username of the current user when invoked:
kent$ whoami
kent4.1. After Executing the su Command
After we switch to root by calling su, the effective user becomes root. Therefore, unlike the $USER variable, whoami will print root:
kent$ su
Password:
root# whoami
rootIf we execute su with a username, whoami will print the username as well:
kent$ su guest
Password:
guest$ whoami
guest4.2. With the sudo Command
Similar to the $USER variable, the whoami command reports the effective user root if we execute it with sudo:
kent$ sudo whoami
[sudo] password for kent:
root5. Using the id Command
Additionally, the id command can print the real and effective user and group id:
kent$ id
uid=1000(kent) gid=1000(kent) groups=1000(kent),7(lp),10(wheel), ... 108(vboxusers),990(docker)Of course, if we’re only interested in the username, we can pass the -nu options to the id command:
$ id -nu
kent
5.1. After Executing the su Command
Same as the whoami command, after we switch to another using su, the id command will print the new user’s name:
kent$ su
Password:
root# id -nu
root
kent$ su guest
Password:
guest$ whoami
guest
5.2. With the sudo Command
As the id command reports the real and the effective user, it’ll print root if we run it with the sudo command:
kent$ sudo id -nu
[sudo] password for kent:
root
6. Using the logname Command
logname is a member of the coreutils package. As the name implies, the logname command prints the user’s login name:
kent$ logname
kent6.1. After Executing the su Command
As the logname command prints the user’s login name, after we “su” to another user, the logname command still reports the original login user no matter whether we pass a username to the su command:
kent$ su
Password:
root# logname
kent
kent$ su guest
Password:
kent$ logname
kent
6.2. With the sudo Command
Unlike the whoami and id commands, when we call logname with sudo, it still prints the original login name:
kent$ sudo logname
[sudo] password for kent:
kent7. Conclusion
In this article, we’ve explored several approaches to identify the current user in the Linux command line. Further, we’ve discussed their behaviors if we execute them with the su and sudo commands.
Finally, let’s summarize what we’ve learned in a table (assuming the login user is kent):
| Approaches | After login | After su | After su guest | With sudo |
|---|---|---|---|---|
| $USER | kent | kent | guest | root |
| whoami | kent | root | root | root |
| id -nu | kent | root | root | root |
| logname | kent | kent | kent | kent |