Managing and monitoring user accounts on Linux

$ id george
uid=1003(george) gid=1003(george) groups=1003(george)

To view all users on the system, you can examine the contents of the /etc/passwd file, but that would include all the system accounts as well as the user account. The “ls /home” command should give you a list of all home directories.

$ ls /home
cookie  dumdum  fedora  george  lola  newuser  shs

You can also get details on user account using a command like this that selects entries that contain the word “home”.

$ grep home /etc/passwd
fedora:x:1000:1000:fedora:/home/fedora:/bin/bash
shs:x:1001:1001::/home/shs:/bin/bash
newuser:x:1002:1002::/home/newuser:/bin/bash
george:x:1003:1003::/home/george:/bin/bash
lola:x:1006:1006::/home/lola:/bin/bash 

To check which groups a user belongs to, use the groups command.

$ groups shs
shs : shs wheel techs

If you want to check out the /etc/shadow file that contains passwords in an encrypted form along with other data, you can run a command like this:

$ sudo grep george /etc/shadow
[sudo] password for shs:
george:$y$j9T$igg/m6Ixl7kvW/i7mPP891$oq/zlqU8DGOPwnGbnvoVaaDmDbspK/R92XnrEKcPKk0:20033:0:99999:7:::

The fields in this colon-separated file include:

1. the username
2. the encrypted password (that very long field)
3. the number of days since the password was last changed *
4. the minimum number of days before the password can be changed again
5. the maximum number of days before the password must be changed
6. the number of days before password expiration that the user is warned that their password will expire
7. the number of days after password expiration before the account is locked (inactive period)
8. the date the password expires *
9. a reserved field

Note that the third and eighth fields are expressed as the number of days since the Unix “epoch” (Epoch time is based on the number of seconds since 00:00:00 on January 1, 1970). This allows these fields to have a longer duration. The last three fields, however, are often empty.