In Linux, an essential part of system administration is managing users. This is because, as part of managing users, we can make certain as system administrators that malicious login user sessions can be flagged and terminated. However, first, we should know if the user exists or not.
In this article, we’ll take a look at two ways useful in checking if a user exists in our system.
2. Using the /etc/passwd File
Each user created in Linux is stored in the /etc/passwd text file, which stores user information essential during login. Moreover, this file should have read permissions since a lot of commands use it to link user IDs to their usernames. However, this file must have write permissions restricted to the superuser for security purposes.
Let’s have a look:
$ cat /etc/passwd root:x:0:0:root:/root:/bin/bash ... peter:x:1000:1000:PETER KARANJA,,,:/home/peter:/bin/bash sam:x:1001:1001:Samuel Njuguna Karanja,,,:/home/sam:/bin/bash
Above, every line represents a unique user. Furthermore, in these lines, there are seven fields containing additional information on the user. For each line, a colon (:) separates the different fields.
Now, for checking the existence of a user, we’ll only need the first field, which is the username. This is because it’s the login name for our user, the one we see in lowercase.
Let’s check for a username named peter:
$ grep peter /etc/passwd peter:x:1000:1000:PETER KARANJA,,,:/home/peter:/bin/bash
Here, we see a line printed out in our terminal containing the user information for peter. The grep command searches in the /etc/passwd file for lines containing a match to the word peter.
However, if the user does not exist, the terminal will print out nothing:
$ grep robert /etc/passwd
In this case, the user robert does not exist in our system.
Great, now what if we want to check the existence of more than one user? For this action, we’ll utilize the egrep command:
$ egrep -w '^(robert|sam|peter)' /etc/passwd peter:x:1000:1000:PETER KARANJA,,,:/home/peter:/bin/bash sam:x:1001:1001:Samuel Njuguna Karanja,,,:/home/sam:/bin/bash
The output above clearly shows that both users peter and sam are in our system.
Next, let’s check out if user peter exists in the /etc/passwd file using the getent command:
$ getent passwd peter peter:x:1000:1000:PETER KARANJA,,,:/home/peter:/bin/bash
This command allows us to read various text files known as databases. It has various options for databases, but in our case, we only needed the password option.
We can also work with multiple users:
$ getent passwd peter sam peter:x:1000:1000:PETER KARANJA,,,:/home/peter:/bin/bash sam:x:1001:1001:Samuel Njuguna Karanja,,,:/home/sam:/bin/bash
Clearly, we see that getent works the same as grep in terms of output.
3. Using the id Linux Command
What does the id command do in this case? Well, it displays the user information of whoever we type after it.
Let’s try it out:
$ id peter uid=1000(peter) gid=1000(peter) groups=1000(peter),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),122(lpadmin),134(lxd),135(sambashare)
Above, the id command displays information related to the user peter because they exist. For instance, Linux assigns every user an ID unique only to them, in this case, the uid (USER ID) of 1000. It is important to note that the user id is, by default, the same as the gid (GROUP ID).
What happens if the user does not exist? We’ll take a look:
$ id robert id: ‘robert’: no such user
Since there is no user robert in our system, we get a very clear message of id: ‘robert’: no such user.
In this tutorial, being familiar with the /etc/passwd file contents will help us manage the users with access to our Linux system. Also, we can always clarify the content labels for this file by going through its documentation. Now, with the id command, we can get the details like the user ID and group ID of a user. These processes will help us ensure the security of our system.