How to use the command 'users' (with examples)
The users
command is a simple yet effective utility used in Unix-like operating systems to display a list of users that are currently logged into the system. It helps system administrators quickly assess who is accessing the system at any given time, which can be essential for monitoring and managing user activity. users
is part of the GNU Core Utilities and is often used in conjunction with other user management commands such as useradd
, userdel
, and usermod
. This command is exceptionally valuable for maintaining an overview of system usage in real-time or through historical log files.
Use case 1: Print logged in usernames
Code:
users
Motivation:
This use case is important for system administrators who need to obtain a snapshot of current user activity. By running the users
command without any arguments, administrators can quickly list all usernames that are currently logged into the system. This is especially useful for auditing and monitoring purposes, ensuring that only authorized users are accessing the system. Additionally, with systems where multiple users have access, it serves as an efficient way to manage and troubleshoot user-related issues.
Explanation:
users
: This is the main command, and by invoking it with no additional arguments, the system queries the/var/run/utmp
file. This file contains information about current users who are logged into the system. Theusers
command reads this file to extract and display the list of usernames currently logged in.
Example Output:
john alice michael
In this example, the output indicates that three users—John, Alice, and Michael—are currently logged into the system. The usernames are displayed as a single line of space-separated values.
Use case 2: Print logged in usernames according to a given file
Code:
users /var/log/wmtp
Motivation:
There are occasions when system administrators or security analysts need to review historical login data to assess past user activities or diagnose issues related to system access. By providing the path to a specific file, such as /var/log/wmtp
, the users
command offers insights into who was logged into the system at times recorded within the specified file. This is an invaluable resource for forensic investigations and maintaining a comprehensive audit trail, as it allows administrators to track user activity beyond the current session.
Explanation:
users
: As before, this is the command used to extract user information./var/log/wmtp
: This is a path to a file that keeps historical records of user logins (and logouts) on the system. Thewmtp
file differs fromutmp
in that it logs all past sessions, providing a more extensive historical account of user activity. By specifying this file, theusers
command can glean information regarding past system access, depending on the log data contained within.
Example Output:
mike sarah david
In this example, the output displays usernames based on past records stored in the file specified. Mike, Sarah, and David were logged into the system during the periods captured in the /var/log/wmtp
file.
Conclusion:
The users
command is a straightforward but effective tool for real-time and historical monitoring of user logins on Unix-like systems. Each use case provided extends its utility, whether by offering a quick view of current users or delving into historical login data stored in specified log files. This versatility makes users
an essential part of any sysadmin’s toolkit, aiding in system security, monitoring, and user management.