Where/how in CentOS can I get a nice list of all the usernames on the system?
The file /etc/passwd should show all the system users (if you are using local loging and not NIS or other remote authentication systems), you will also see many systems users (like a user for apache, mysql, etc).
On 7/12/07, Rogelio Bastardo scubacuda@gmail.com wrote:
Where/how in CentOS can I get a nice list of all the usernames on the system? _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Thu, Jul 12, 2007 at 06:28:04PM -0700, Carlos Daniel Ruvalcaba Valenzuela wrote:
Please don't top-post. That's not standard for this list. I've fixed your message...
On 7/12/07, Rogelio Bastardo scubacuda@gmail.com wrote:
Where/how in CentOS can I get a nice list of all the usernames on the system?
This isn't really a CentOS specific question; this is generic Unix.
The file /etc/passwd should show all the system users (if you are using local loging and not NIS or other remote authentication systems), you will also see many systems users (like a user for apache, mysql, etc).
That will only work for local users. The answer you really want is "getent passwd".
This handles everything nsswitch.conf does (NIS, LDAP, xyzzy, whatever).
To get just a list of usernames: getent passwd | cut -d: -f1 | sort -u
What it _doesn't_ do is handle specialised authentication; just because a person may have an account on a box doesn't mean a person can login or otherwise access the box. Naming services do _not_ match authentication and authorisation services.
However, if your environment is that complicated then you shouldn't be asking such simple questions on this list :-) For a simple environment, or even a moderately complicated one (NIS, NIS+, LDAP with no specialised PAM rules) then "getent passwd" will do the job.
Stephen Harris spake the following on 7/12/2007 8:11 PM:
On Thu, Jul 12, 2007 at 06:28:04PM -0700, Carlos Daniel Ruvalcaba Valenzuela wrote:
Please don't top-post. That's not standard for this list. I've fixed your message...
And bash his top-posting with a top-post!! ;-P
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Rogelio Bastardo wrote:
Where/how in CentOS can I get a nice list of all the usernames on the system?
# cat /etc/passwd
Seperated by username, password, UID, GID, home directory, shell
# cat /etc/group
Use this to see group information.
Regards, Max
On Thu, Jul 12, 2007 at 06:25:06PM -0700, Rogelio Bastardo enlightened us:
Where/how in CentOS can I get a nice list of all the usernames on the system?
'getent passwd' should be portable across any account storage accessible through pam.
Matt
On Thu, Jul 12, 2007 at 09:32:11PM -0400, Matt Hyclak wrote:
'getent passwd' should be portable across any account storage accessible through pam.
You said the magic word that makes things infinitely more complicated ("PAM") and that renders your answer incorrect. "getent" uses naming services (nsswitch.conf). PAM doesn't. An account visible via getent may not be valid on a box.
On Thu, Jul 12, 2007 at 11:13:08PM -0400, Stephen Harris enlightened us:
'getent passwd' should be portable across any account storage accessible through pam.
You said the magic word that makes things infinitely more complicated ("PAM") and that renders your answer incorrect. "getent" uses naming services (nsswitch.conf). PAM doesn't. An account visible via getent may not be valid on a box.
Yes, I should have said nss, not pam. Thanks for correcting that. That ought to teach me to answer questions late at night :-)
Matt
On Thu, Jul 12, 2007 at 11:14:45PM -0400, Matt Hyclak wrote:
On Thu, Jul 12, 2007 at 11:13:08PM -0400, Stephen Harris enlightened us:
'getent passwd' should be portable across any account storage accessible through pam.
You said the magic word that makes things infinitely more complicated ("PAM") and that renders your answer incorrect. "getent" uses naming services (nsswitch.conf). PAM doesn't. An account visible via getent may not be valid on a box.
Yes, I should have said nss, not pam. Thanks for correcting that. That ought to teach me to answer questions late at night :-)
*grin*
It's actually not a trivial point and is something I ask people about in interviews. Naming services, authentication, authorisation are actually seperate systems. Historically they've all been /etc/passwd /etc/shadow. Modern unixes using PAM mean they need not be the same, and this can lead to some interesting edge cases. Just because an accounts shows on the system (eg via getent) doesn't mean that user can log in!
-
Carlos Daniel Ruvalcaba Valenzuela -
Matt Hyclak -
Max Hetrick -
Rogelio Bastardo -
Scott Silva -
Stephen Harris