Previous Section  < Day Day Up >  Next Section

Recipe 8.2. Sorting Human Users from System Users

8.2.1 Problem

Every Linux system has a bunch of system accounts (root, uucp, daemon, etc.) in addition to regular users. They're all lumped together in /etc/password. How do you list your human users separately from system accounts?

8.2.2 Solution

Take advantage of Linux's user identification (UID) numbering scheme and awk's ability to sort by fields or columns. This is for a Debian or Slackware system:

$ awk -F: '$3 > 999 { print $0}' /etc/passwd

nobody:x:65534:65534:nobody:/nonexistent:/bin/sh

carla:x:1000:1000::/home/carla:/bin/bash

foober:x:1001:1001::/home/test:/bin/false

bitchkat:x:1002:1002::/home/test2:/bin/bash

colby:x:1003:1003::/home/test3:/bin/bash

To show a subset use:

$ awk -F: '($3 >= 1000) &&($3 <=1005)  { print $0}' /etc/passwd

This is for a Red Hat or SuSE system:

$ awk -F: '$3 > 499 { print $0}' /etc/passwd

To sort them alphabetically use:

$ awk -F: '$3 > 499 { print $0}' /etc/passwd | sort

There's a neat trick you can do with UIDs, if you cannily plot out a numbering scheme in advance. For example:

  • Trainers 1000-1100

  • Coaches 1101-1200

  • Players 1200-2000

Following a convention like this gives you a simple tool to sort your users and add them in batches to groups.

8.2.3 Discussion

Using a numbering scheme like the "Trainers, Coaches, Players" example works all right for smaller user bases that are fairly static. For large, busy establishments with a lot of change, it's more headache than help. In those circumstances, it's better to put your energy into keeping group assignments orderly and up-to-date.

As always, there are interesting little differences between distributions.

UIDs and GIDs on all Linuxes range from 0 to 65534.


For example, on Debian:

  • IDs 0-99 are for system accounts.

  • IDs 100-999 are for user-installed programs and daemons, such as Postfix, Fetchmail, gdm, dictd, and so on.

  • IDs 1000-29999 are ordinary user accounts.

  • IDs 30000-65533 are reserved, according to the Debian policy manual, but you may use them however you like.

  • ID 65534 is user "nobody," an account with no rights or permissions.

And on Red Hat:

  • IDs 0-499 are reserved for system use.

  • IDs 500-60000 are for ordinary users.

  • ID 65534 is user "nobody," an account with no rights or permissions.

Most Linuxes follow similar numbering schemes. Feel free to tinker with the number ranges reserved for ordinary user accounts, but don't mess with the system or UIDs.

8.2.4 See Also

    Previous Section  < Day Day Up >  Next Section