1. Overview

In a Linux system, users are accounts that we can use to log in. A unique identification number or UID identifies each such user.

This article will discuss various methods to list all users in a Linux group.

2. Using the /etc/passwd File

The /etc/passwd file contains all the information of users in a Linux system. We can obtain the list of users currently available on the Linux system by slicing the /etc/passwd file using the cut command:

$ cut -d: -f1 /etc/passwd
daemon
mail
postmaster
ftp
sshd
at
cyrus
ntp
smmsp
svn

A direct method to display both user and group information involves slicing the /etc/group file with the cut command:

$ cut -d: -f1,4 /etc/group
root:root
bin:root,bin,daemon
daemon:root,bin,daemon
sys:root,bin,adm
adm:root,adm,daemon

The output produced consists of the group name(s) and associated user(s) separated by ‘:’.

An indirect approach to display the list of users belonging to a certain group would be obtaining the GID (numeric group ID) of the group from the /etc/group file:

$ cut -d: -f1,3 /etc/group | grep daemon
daemon:2

And then, employing this GID in the command ‘grep :$’ , we can filter the /etc/passwd file content:

$ cut -d: -f1,3 /etc/passwd | grep :2$
daemon:2

3. Using getent

As we know, the /etc/group file defines the groups on the Linux system, whereas the /etc/passwd file describes its user login accounts. Unlike the /etc/group file, which contains the user names for a given group, the /etc/passwd file only contains the associated group’s GID.

Using this GID, which is common for a user and its associated group, we can, however, retrieve the user list for a given group from the /etc/passwd file.

The command to obtain the list of user(s) belonging to a group with the name, say “daemon”, as their primary group is:

$ cut -d: -f1,4 /etc/passwd | grep ":$(getent group daemon|cut -d: -f3)$" | cut -d: -f1
daemon

This command snippet, with logic similar to what we’ve seen in section 2, holds three different parts. The underlying difference is the use of getent. Let’s break down what each part of the command does.

Step 1: Using getent, we obtain the GID for a group with the name “daemon”:

$ getent group daemon|cut -d: -f3
2

Step 2: We then slice the /etc/passwd file to obtain a list consisting of user(s) with their respective GID:

$ cut -d: -f1,4 /etc/passwd 
root:0 
bin:1 
daemon:2 
adm:4 
lp:7 
sync:0

Step 3: Using grep, we shortlist users for the group “daemon” using its GID (step #1) from the list of user(s) with their respective GIDs (step #2):

$ cut -d: -f1,4 /etc/passwd | grep ":$(getent group daemon|cut -d: -f3)$"
daemon:2

Step 4: Finally, we slice the output (step #3) to display only the respective user(s).

We can also list the user(s) belonging to the group with the name we’re looking for, in this case, “daemon”, as their secondary group by using cut with tr:

$ getent group daemon | cut -d: -f4 | tr ',' '\n'
root
bin
daemon

One of the reasons why getent is so popular is because it’s portable with most forms of Linux, and it works with local group/password files.

4. Using awk

Let’s write a simple awk script that displays users belonging to the group named “daemon”:

$ awk -F: '/^daemon/ {print $4;}' /etc/group
root,bin,daemon

This command displays only those users that the /etc/group database manages. It won’t print LDAP, NIS, or other kinds of users managed elsewhere.

It’s also important to note that it only works for secondary groups. It won’t display users with that group set as primary since the /etc/passwd file stores the primary group as GID (numeric).

5. Conclusion

The Linux system contains user-specific information in different files. Sometimes, it becomes essential to know the user details, and Linux offers some commands that can help us achieve that.

In this article, we discussed a few approaches using Linux commands to obtain the user details and the group to which they belong.