3 Ways to List Groups for a User in Linux
Okay, today’s post will be the back-to-basics style, but to make it more interesting I’ve come up with as many (reasonable) ways to list groups of a Linux user as possible. As always, these Unix commands are actually quite universal, so will likely work in most Unix and Unix-like flavours.
Use the groups Command to List Groups for a User
This is probably the most obvious way of getting the job done. Use the groups command, simply type “groups” followed by a username and you will get the list of all the groups that user belongs to:
greys@ubuntu$ groups greys greys : greys adm dialout cdrom plugdev lpadmin sambashare admin
Now, as you noticed, I’m confirming my own groups (running groups greys as user greys), so this means that we can omit the longer form shown above and simply type “groups” to get the same result:
greys@ubuntu$ groups greys : greys adm dialout cdrom plugdev lpadmin sambashare admin
Use id Command to Identify Unix Groups for a User
Another way to confirm groups is to use the id command, it’s very simple and I tend to use this approach in most case.
Here’s how using the id command will look like:
greys@ubuntu$ id greys uid=1000(greys) gid=1000(greys) groups=1000(greys),4(adm),20(dialout),24(cdrom),46(plugdev),115(lpadmin),116(sambashare),117(admin)
Inspect /etc/group File to Confirm Groups for a User
This last approach may be helpful when the above things don’t work. I tend to use it for another indirect benefit – comparing a user’s group membership against other users.
What you do for this situation is simply grep for a username in the /etc/group file:
greys@ubuntu$ grep greys /etc/group adm:x:4:greys dialout:x:20:greys cdrom:x:24:greys plugdev:x:46:greys greys:x:1000: lpadmin:x:115:greys sambashare:x:116:greys admin:x:117:greys
Bonus: confirming groups for a user using getent
This last approach will help you confirm the group membership regardless of where your usernames/passwords and groups are stored. As you know, they are most often local to your Unix system, but sometimes can be managed using NIS/NIS+ or LDAP.
So here’s a universal way for listing groups for a user, it relies on the getent command:
greys@ubuntu$ getent group | grep greys adm:x:4:greys dialout:x:20:greys cdrom:x:24:greys plugdev:x:46:greys greys:x:1000: lpadmin:x:115:greys sambashare:x:116:greys admin:x:117:greys
That’s it for today, thanks for your time and hope I made it worthwhile!