how to list user groups in linux from command line
Users and User Groups are one of the primary concepts in Linux security. A big part of security is the regular maintenance of the system including removing defunct users, reviewing group membership of users and monitoring group and file permissions.
Often times, you would want to list all users or just the logged in users. Other times, you would want to list groups that are active on your system. You can then list group members of each these groups as well. Often times your distro will have a system utility with a graphical interface to display it, other times you might have to resort to command line.
list all user groups by user
First, we will see how you can list groups in the system by user.The groups command is a good way of printing out groups that the current user is a part of. So, it works best if you want to see your own user groups.
$ groups
You can also use the groups command to list the groups for a particular user other the one you are logged in as. The groups command takes a command line argument where you can specify user name.
$ groups username
The groups command have been deprecated, but can still be found on most systems. There is another alternative to the groups command that you can use, called id. The id command can be found in most modern systems.
$ id -Gn
We use two command line options with id , -G and -n. The -G or –groups option prints all group ids. The -n or –name option prints out a name for the group instead of the number or id of the group. As with the groups utility, you can specify an username as a command line argument as well to print out the groups that the user is a part of.
$ id -Gn username
list all groups
While the above options, groups and id are good for printing out groups for a user it is not for printing out all available groups on a system. To be honest, there really is no good command to do that. We can however use some command to list groups directly from the file that lists it.
As you already know, the /etc/group file has all the current groups that have been created on the system. We can just print out the file to see all the groups on the system.
$ cat /etc/group
It prints out the group, but also some other information such as the group id, users etc and in a not so readable format. We can cut and format the output to just display the group names. We use the cut utility to do this…
$ cut -d: -f1 /etc/groups
Another option to list groups or print out all groups is the getent utility. It works just about the same way as printing out the entire group file in the previous example.
$ getent group
list all group members
Now that we have the list of groups, we want to know the members of the group. This is actually easy enough, as you might have seen that information while you printed out the /etc/group file in the previous examples.
Another command that you can use is members. It outputs the members of the group that is specified. Substitute groupname in the following examples with the actual group name, such as wheel or video.
$ members groupname
You can specify the group name as a command line argument with the getent utility to print out the line for that groupname. This line also lists the members of the group in the same line of output.
$ getent group groupname
We can directly pry the members of the group straight from the /etc/group file as well, just the getent utility does. We can grep through the file to print out the line for the group name.
$ grep groupname /etc/group
If you just want the comma-separated list of members from this line, then you could use awk to split that field out. We specify the colon (:) as the field separator and print out the fourth field of the line, as below.
$ grep groupname /etc/group | awk -F: '{print $4}'
This is another variation of the above example. This one uses the awk command directly on the file, instead of having to grep and pipe it through to awk.
$ awk -F: '/groupname/{print $4}' /etc/group