Project 64. Get Information about Users"What's my name?" This project covers standard Unix commands that report on user account information and active users. It covers the commands who, w, last, id, and groups. Project 65 covers Apple-supplied tools that manage user accounts. Project 7 explains the concepts behind users and groups, as well as user and group identification numbers (UIDs and GIDs). Who's There?To access a computer running Unix, you must have an account on that computer, identified by a username and password. When you boot your Mac and type your username and password at the login window, you are logging in. (If you don't type a username and password at startup, your Mac is set to log in automatically in System Preferences.) There are other ways to log in, such as starting a new Terminal window or using Remote Login (ssh) on another Mac, or host. Unix allows each user many simultaneous logins, and many different users can be logged in concurrently. It provides several ways to discover who is currently logged in and who logged in previously. Use the who and w commands to display who is currently logged in. The two commands are similar; w provides more information. $ w 11:07 up 4 days, 2:13, 2 users, load averages:1.44 1.47 1.32 USER TTY FROM LOGIN@ IDLE WHAT saruman console - 15Jul05 24days - saruman p0 - 10:55 - w $ who saruman console Jul 15 12:56 saruman ttyp0 Aug 9 10:55 The first line displayed by w is equivalent to results obtained from the uptime command. It reports how long your Mac has been running since the last restart, giving the load average over the past 1, 5, and 15 minutes. Load average is the average number of tasks queuing for processor time; a value of 1.00 indicates a well-used but not overloaded system. Tip
Both who and w list users who are logged in, and each indicates the TTY (TeleTYpe, or terminal) to which each login is attached. You'll always see the first two entries shown in the example above; console is the master terminal or, in the case of Mac OS X, the main log in under which the Finder, the Dock, and all other applications run. The second line displayed by who, and the fourth displayed by w, shows the open terminal window used to issue the command itself. Start a new terminal window, and if you are able, log in from a remote machine too. You'll see an extra couple of lines displayed. $ who saruman console Jul 15 12:56 saruman ttyp0 Aug 9 10:55 saruman ttyp1 Aug 9 11:34 saruman ttyp3 Aug 9 11:35 (saruman.wless) Note
The third line shows the login started by the new Terminal window; the fourth line shows the remote login and the IP address or hostname of the remote host.
AmnesiaA variant of who reminds you who you are and to which Terminal window the current login is attached. It's useful when you operate several user accounts or need to determine the current user from a shell script. $ who am i saruman ttyp0 Aug 8 20:54 List Login HistoryUse the last command to list a history of logins, both closed and current. $ last loraine ttyp4 Tue Aug 9 12:57 still logged in saruman ttyp3 saruman.wlessTue Aug 9 12:11 - 12:57 (00:46) saruman ttyp1 Tue Aug 9 11:34 still logged in saruman ttyp1 Tue Aug 9 11:34 - 11:34 (00:00) saruman ttyp0 Tue Aug 9 10:55 still logged in ... Tip
This information is held in the file /var/log/wtmp. The file is archived every month by periodic maintenance, as we discover by typing $ grep -R "wtmp" /etc/periodic/ /etc/periodic/monthly/500.monthly:for i in wtmp install... (See Project 72 to learn about periodic maintenance.) Report on Users and GroupsProject 7 explains that every user is identified by a username and a numeric user identity (UID). Every user belongs to at least one group (his self-named primary group) and may belong to any number of other groups. Like a user, a group has a name and a numeric group identity (GID). The commands id and groups show this information about the current user or any other specified user. Let's check my (saruman's) credentials. $ id uid=501(saruman) gid=501(saruman) groups=501(saruman), 81(appserveradm), 79(appserverusr), 80(admin) $ groups saruman appserveradm appserverusr admin This shows that my UID is 501 (username saruman) and my primary group is 501 (group name saruman). As an administrator user, I also belong to three other groups called appserveradm, appserverusr, and admin. View the same information for other users, toofor example, the normal (nonadministrator) user loraine. $ id loraine uid=504(loraine) gid=504(loraine) groups=504(loraine) $ groups loraine loraine If you wish to use this information in a shell script, try the following variations, which yield results more amenable to automatic processing. Use option -u with id to display the UID of the specified user. $ id -u saruman 501 Option -g displays the designated user's primary-group GID. $ id -g loraine 504 Option -G displays all GIDs, in no particular order. Like the other id options, it assumes that the current user is intended if no username is given as an argument. $ id -G 501 81 79 80 Add n to any of the id option codes above to display names instead of numbers. Can you see that command id -Gn is equivalent to command groups? |