Advance User Management And Monitoring Commands In Linux

Now we will see some commands which helps you to get information about current/past logged in users in Linux system. This will helps you to monitor users and mentain system services. Lets start...

1: ID and Groups : These both commands we had discussed in our previous post . These both commands are used to check user ID and group ID of any user/group respectivly.

2: Finger : This is an user information lookup utility command which fetches the details of any available user in the system. This command utility is generally not available by default but you can install it via terminal windows by giving appropriate installation command. Below are the some examples of installing the finger utility.

- For rpm base distros

#sudo yum install finger

- For deb base distros

#sudo apt install finger

- For fedora/rpm base distros

#sudo dnf install finger

Usage :

i) Simply executing the finger command will show you the current logged on users info in your Linux machine.

ii) Include -s flag with command it will display displays the user's login name, real name, terminal name and write status (as a ``*'' after the terminal name if write permission is denied), idle time,login time, office location and office phone number

iii) If you want to fetch login info about a particular user then just type username with finger command as shown below. You can add '-s' flag to improve visibility.

#finger 'username'

iv) Produces a multi-line format displaying all of the information. You can add a username for a particular user.

#finger -l

#finger -l 'username'

3: Getent : The 'getent' command displays entries from databases supported by the 'Name Service Switch' libraries, which are configured in /etc/nsswitch.conf Some databases supported by NSS are passwd,group,services,networks,protocols.

Usage :

i) If you want to see the all users created in your Linux system. Instead of concatenate /etc/passwd file just run below command.

#getent passwd

ii) Add a particular account name to access account information e.g UID,GID,NAME,SHELL etc.

#getent passwd 'account_name'

iii) Similarly you can access the group info instead of concatenate /etc/group file. You can add the group name incase want to access info about partiuclar group.

#getent group

#getent group 'group_name'

iv) Access all configured hosts information run below command.Add hostname if want to get info about particular hostname.

#getent hosts

#getent hosts 'hostname'

4: lslogins: This command display information about known users in the system. The default action is to list info about all the users in the system.

i) To list all accounts created in system run below command. It will show you the all important info e.g UID ,Acct Name, Password Lock/Deny Info, Last Login Info etc.


ii) To list user accounts only use -u flag with command as shown below.

#lslogins -u

5: Users: Simple command to check who is currently logged in the system.


i)Simple command to display current logged in user.


6: Who : Similar to users but with more options.


i)Simply run who to display users currently logged into the system.


ii) add flag ' -a ' to get more information about system including all users logged into system, last boot time, current boot run level etc .

#who -a

iii) add flag ' -l ' to get only info about login processes.

#who -l

iv) add flag ' -H ' to get info including heading columns.

#who -H

7: W : A powerfull command which is used to display information about the users currently on the machine, and their processes.The header shows, in this order, the current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes


i)Simply execute 'w' command to get info about currently logged in users and system uptime and loads info , total usrs logged in info etc.


8: Last : Another powerful command which prints the last logged in users info. It fetches this info from /etc/log/wtmp file.It also shows the last system reboot info about past reboots.


i)Simply execute 'last' command to get info about all last logged in users (including current) and their logged in time info.


#last -a

ii)Get last logged in info of any particular date and time, use below command.


9: Lastlog : This command utility will reports the most recent login of all users or of a given user.


i) Get recent logged in info about any particular user.

#lastlog -u 'username'

ii) Get logged in info older than number of days.

#lastlog -b 'days in numbers'

Post a Comment