Finding User Information
When administering systems, you often need to find out who is using the system and what they are doing. This section describes the commands— w, who, finger, rusers -l, whodo, id—that you can use to find information about users.
Determining Who Is Logged In to a System (w, who, finger, rusers -l, whodo)
You can use any one of the following commands (w, who, finger, rusers -l, or whodo) to find out who is logged in to a system. Each command gives you different information.
Using the w Command
The w command displays a summary of the current activity on the system, including what each user is doing. The header line shows the current time, the length of time the system has been up, the number of users logged in to the system, and the average number of jobs in the run queue over the last 1, 5, and 15 minutes. w is a combination of who, uptime, and ps -a.
The following example shows the output of the w command on the system paperbark.
paperbark% w
3:29pm up 1:45, 1 user, load average: 0.00, 0.00, 0.01
User tty login@ idle JCPU PCPU what
winsor console 1:46pm 1:43 /usr/dt/bin/sdt_shell -c
unseten
winsor pts/4 1:46pm 1:42 /bin/csh
winsor pts/5 1:46pm 1:42 /bin/csh
winsor pts/6 1:46pm 1:42 /bin/csh
winsor pts/7 1:46pm 1:22 w
paperbark%
Using the who Command
The who command displays a list of the users logged in to a system, with the login TTY port and the date and time. When a user is logged in remotely, the remote system name for that user is also displayed. To use the who command, type who and press Return.
In the following example, irving is logged in remotely (as shown by the system name in parentheses), and ignatz is logged in locally to the system oak.
oak% who
irving pts/1 Oct 31 14:33 (elm)
ignatz console Oct 31 12:22
oak%
Using the finger Command
The finger command displays a list of the login names of users logged in to a system, along with the complete name of the user (from the GECOS field of their /etc/password entry), the TTY port, the day of the week, the login time, and the remote system name if the user is logged in remotely. To use the finger command, type finger and press Return.
In the following example, user winsor is logged in remotely from castle.
oak% rlogin drusilla
drusilla% finger
Login Name TTY Idle When Where
winsor Janice Winsor pts/0 11 Thu 09:59 castle
drusilla%
Using the rusers -l Command
The rusers -l (remote users, login) command displays a list of login names of users who are logged in on remote systems, along with the name of the system a user is logged in to, the TTY port, the month, date, login time, and idle time. If the host is not idle, no time is displayed in the last field. To use the rusers -l command, type rusers -l and press Return.
The following example shows six users logged in to the console and two users logged in to TTY ports.
cinderella% rusers -l
Sending broadcast for rusersd protocol version 3...
Sending broadcast for rusersd protocol version 2...
jah caps:console Mar 3 13:03 22:03
amber facehole:console Mar 2 07:40
sebree ondine:console Mar 2 10:35 14
tut cairo:console Mar 2 10:48
jrt cairo:ttyp5 Mar 2 16:20 47:54 (gap)
ramseyis mowthelawn:console Mar 2 16:33 28
ramseyis mowthelawn:ttyp6 Mar 3 14:20 25:14 (:0.0)
(More logins not shown)
cinderella%
Using the whodo Command
The whodo command displays the date, time, and system name. For each user logged in, the terminal device name, UID, and login time are shown, followed by a list of active processes associated with the UID. The list includes the terminal device name, PID, CPU minutes and seconds used, and process name.
To find out who is logged in and doing what, type whodo and press Return.
The following example shows that user winsor is running a number of CDE applications and Netscape Navigator.
paperbark% whodo
Wed May 3 15:34:41 WST 2000paperbark
console winsor 13:46
? 376 0:00 Xsession
pts/3 422 0:00 sdt_shell
pts/3 488 0:00 dtfile
pts/3 485 0:00 dtfile
pts/3 484 0:00 sh
pts/3 462 0:00 dtpad
pts/3 460 0:00 sh
pts/3 440 0:00 ttsession
pts/3 441 0:00 dtsession
? 448 0:02 dtwm
? 452 0:00 sdtperfmeter
? 451 0:00 dtterm
pts/6 472 0:00 csh
pts/5 469 0:00 csh
pts/4 466 0:00 csh
pts/4 536 0:00 ftp
? 449 0:00 netscape
? 463 0:00 netscape
? 461 0:06 .netscape.bin
? 477 0:00 .netscape.bin
pts/3 424 0:00 csh
? 386 0:00 fbconsole
? 425 0:00 dsdm
pts/4 winsor 13:46
pts/5 winsor 13:46
pts/6 winsor 13:46
pts/7 winsor 13:46
pts/7 475 0:00 csh
pts/7 539 0:00 whodo
paperbark%
Finding User UID and GID Settings (id)
Use the id command to display the user ID and group ID number for a user who is logged in. This information can be helpful for troubleshooting problems when users cannot access files they think they own or when users want to find out which group they belong to. To use the id command, have the user log in, type id, and press Return. If the UID, GID, or secondary GIDs of a user do not match the owner or the group for the troublesome file, you may need to change the ownership or group on the file or add the user to the appropriate group.
See "Changing File Ownership or Permissions (chown, chmod, chgrp)" on page 77 and "Setting Up and Administering Groups" on page 164 for more information.
The following example shows that the UID for user winsor is 6693 and the GID is 10. For superuser, the UID is 0 and the GID is 1.
mopoke% id
uid=6693(winsor) gid=10(staff)
mopoke% su
Password:
# id
uid=0(root) gid=1(other)
#
 | You can use the id -a option to display the user name, user ID, and all of the groups to which the user belongs, as shown in the following example. |
mopoke% id -a
uid=6693(winsor) gid=10(staff) groups=10(staff)
mopoke%
| 
