Listing all users is trivial - I don't think that's what he's asking. He's asking is "how do I list all *system* users", presumably in a way that differentiates them from user accounts in some kind of authoritative way.
I don't think there is a way. You could: - Assume all users < uid 1000 are system users, but that is not hard enforced to my knowledge. IIRC the OS will start with 1001 but an admin could override that at user creation time. - Use your preferred programming language or utility to parse out entries that begin with _ in /etc/passwd. That won't get non-service-account entries like root, bin, etc. Also, I don't think there's a technical prohibition to creating a new user account that starts with an underscore. - Differentiate by groups. i.e., if all your users are in one group, then you know who isn't. I think if your admins don't do stupid things (create user accounts under 1000, create accounts starting with _, etc.) then just parsing /etc/passwd would likely be the simplest way. As practical experience, that's what I've done when migrating systems, etc. I assume that people play by the rules, so if I need to identify all the user accounts (to recreate them on a new system or something), I exclude uids under 1000 as a starting point. On Mon, May 8, 2017 at 4:51 AM, Marcus MERIGHI <mcmer-open...@tor.at> wrote: > and...@msu.edu (STeve Andre'), 2017.05.06 (Sat) 20:37 (CEST): > > On 05/06/17 14:27, Luke Small wrote: > > > Is there a way to determine all users on a system that the users > command > > > doesn't seem to show? like _x11 and _ntpd > > users(1) - list current users > > I'd try ps(1) and get all active users from there. > > If you are after *all* users (inactive ones as well) you could use > "getent(1) passwd" and parse from there. > > Marcus > > > What's a user? > > > > Maybe you want to look at /etc/passwd. The first four lines are > > > > root:*:0:0:Charlie &:/root:/bin/ksh > > daemon:*:1:1:The devil himself:/root:/sbin/nologin > > operator:*:2:5:System &:/operator:/sbin/nologin > > bin:*:3:7:Binaries Commands and Source:/:/sbin/nologin > > > > You can parse that with awk and do stuff. Read about passwd(5) to > > understand the format. A login shell of /sbin/nologin means > > it isn't interactive. That might get you started? > > > > --STeve Andre' > > > > > > !DSPAM:590e28ea17913841584367! > > > > -- andrew fabbro and...@fabbro.org
