How do I check the user's group details on Linux

  • 2020-11-18 06:36:06
  • OfStack

preface

Adding users to an existing group is one of the regular activities of the Linux administrator. This is the daily activity of some administrators working in the larger environment.

I even do this every day in my environment because of business requirements. It is one of the most important commands to help you identify existing groups in your environment.

In addition, these commands can help you identify groups to which users belong. All users are listed in /etc/passwd, and groups are listed in /etc/group.

Whatever command we use, we will get the information from these files. In addition, each command has its own unique function to help users individually obtain the information they need.

What is /etc/passwd?

/etc/passwd is a text file containing each user information necessary to log in to the Linux system. It maintains useful user information such as username, password, user ID, group ID, user ID information, home directory, and shell. Each line of passwd contains the user's details, and there are seven fields as described above.


$ grep "daygeek" /etc/passwd
daygeek:x:1000:1000:daygeek,,,:/home/daygeek:/bin/bash

What is /etc/group?

/etc/group is a text file that defines the group to which the user belongs. We can add multiple users to a single group. It allows users to access other user files and folders because Linux permissions fall into three categories: users, groups, and others. It maintains useful information about groups, such as group name, group password, group ID (GID), and member list. Each of them is on a separate row. Each line of the group file contains the details of each group, and there are four fields as described above.

This can be done by using the following method.

groups: Displays all members of a group. id: Prints user and group information for the specified user name. lid: Shows the user's group or group of users. getent: Get the entry from the Name Service Switch library. grep: Stands for "global regular expression print global regular expression print", which prints matching patterns.

What is the groups command?

The groups command prints the name of the primary group and any supplementary group for each given user name.


$ groups daygeek
daygeek : daygeek adm cdrom sudo dip plugdev lpadmin sambashare

If you want to check the list of groups associated with the current user. Just run the groups command without any user name.


$ groups
daygeek adm cdrom sudo dip plugdev lpadmin sambashare

What is the id command?

id stands for "identity identity". It prints real and valid users and groups ID. Prints user and group information for the specified user or current user.


$ id daygeek
uid=1000(daygeek) gid=1000(daygeek) groups=1000(daygeek),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),118(lpadmin),128(sambashare)

If you want to check the list of groups associated with the current user. Just run the id command without any user name.


$ id
uid=1000(daygeek) gid=1000(daygeek) groups=1000(daygeek),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),118(lpadmin),128(sambashare)

What is the lid command?

It shows the user's group or group of users. Displays information about the group that contains the user name or the user that is contained in the group name. This command requires administrator privileges.


$ sudo lid daygeek
 adm(gid=4)
 cdrom(gid=24)
 sudo(gid=27)
 dip(gid=30)
 plugdev(gid=46)
 lpadmin(gid=108)
 daygeek(gid=1000)
 sambashare(gid=124)

What is the getent command?

The getent command shows the entries in the database supported by the Name Service Switch library, configured in /etc/ nsswitch.conf.


$ getent group | grep daygeek
adm:x:4:syslog,daygeek
cdrom:x:24:daygeek
sudo:x:27:daygeek
dip:x:30:daygeek
plugdev:x:46:daygeek
lpadmin:x:118:daygeek
daygeek:x:1000:
sambashare:x:128:daygeek

If you only want to print the associated group name, use awk in the command above.


$ getent group | grep daygeek | awk -F: '{print $1}'
adm
cdrom
sudo
dip
plugdev
lpadmin
daygeek
sambashare

Run the following command to print only the main group information.


$ getent group daygeek
daygeek:x:1000:

What is the grep command?

grep stands for "global regular expression print global regular expression print", which prints the pattern that the file matches.


$ grep "daygeek" /etc/group
adm:x:4:syslog,daygeek
cdrom:x:24:daygeek
sudo:x:27:daygeek
dip:x:30:daygeek
plugdev:x:46:daygeek
lpadmin:x:118:daygeek
daygeek:x:1000:
sambashare:x:128:daygeek

If you only want to print the associated group name, use awk in the command above.


$ groups daygeek
daygeek : daygeek adm cdrom sudo dip plugdev lpadmin sambashare
0

via: https://www.2daygeek.com/how-to-check-which-groups-a-user-belongs-to-on-linux/

conclusion


Related articles: