How can I find out which users are in a group within Linux?

Question

I've recently been creating new users and assigning them to certain groups. I was wondering if there is a command that shows all the users assigned to a certain group? I have tried using the 'groups' command however whenever I use this it says 'groups: not found'

Answer 1

I prefer to use the getent command ...

Since getent uses the same name service as the system, getent will show all information, including that gained from network information sources such as LDAP.

So for a group, you should use the following ...

getent group name_of_group

where name_of_group is replaced with the group you want to look up. Note that this only returns supplementary group memberships, it doesn't include the users who have this group as their primary group.

There are a whole lot of other lookups that you can do ... passwd being another useful one, which you'll need to list primary groups.

Answer 2

You can use grep:

grep '^group_name_here:' /etc/group

This only lists supplementary group memberships, not the user who have this group as their primary group. And it only finds local groups, not groups from a network service such as LDAP.

Answer 3

Easier to do groups [username]

If you want to list all local users and their local groups you can do

cat /etc/passwd | awk -F':' '{ print $1}' | xargs -n1 groups

If you get "groups: command not found", it is likely you've edited your environmental path for the worse, to reset your path do PATH=$(getconf PATH)

Answer 4

groupmems -g groupname -l

lists all users in the named group.

Answer 5

groups command prints group memberships for a user. You can use lid command to list users in a group like:

# lid -g <groupname>

Update: On Debian based distributions the command name differs as libuser-lid. Both commands are provided by libuser package as @chris-down mentioned.

$ sudo libuser-lid -g lpadmin
kadir(uid=xxxx)

Answer 6

I am surprised nobody mentioned

id <user>

This command will give a list of groups the user is in.

Answer 7

Works like a charm:

cut -d: -f1,4 /etc/passwd | grep $(getent group <groupname> | cut -d: -f3) | cut -d: -f1

Answer 8

Some will tell you to install libuser (for 'lid') or members (for 'members'). But building upon the answer https://unix.stackexchange.com/a/349648/77959 which handled this issue with login group membership I found another group not being covered by that script. So - here's the best of both approaches combined:

#!/bin/bash
if [ $# -eq 1 ]; then
        gid=`getent group "$1"|cut -d: -f3`
        list_a=`cut -d: -f1,4 /etc/passwd | grep ":$gid$" | cut -d: -f1`
        list_b=`getent group "$1"|cut -d: -f4|sed 's/,/\n/g'`
        echo -e "$list_a\n$list_b"|grep -v "^$"|sort|uniq
else
        echo "pass me a group to find the members of"
fi

Answer 9

OP phrased the question to exclude the possibility of using the groups command. Since that is part of coreutils on Linux, either (a) it was removed, or (b) OP is mistyping the name.

OP could have used groups like this, for instance:

for name in $(cut -d: -f1 /etc/passwd);do groups $name|grep -w sudo|awk '{print $1;}';done

One suggested answer just grep's for the group name in /etc/group. Sometimes that works as intended.

A slightly better use of grep takes into account the syntax of /etc/group:

group_name:password:GID:user_list

so that only the part before the first colon is a valid group-name. A plain grep without regard to syntax can (and will) pick up misleading matches from the file. Use regular expressions to make the grep match exactly what is needed:

grep -E '^users:' /etc/group |sed -e 's/^.*://'

or using a shell variable:

grep -E '^'$groupname':' /etc/group |sed -e 's/^.*://'

However, that only lists those not in a default group. To add those, you need to take into account the password file, e.g., by extracting the group-id number from /etc/group, and printing the users whose default group matches from /etc/passwd, e.g.,

grp=$(awk -F: '$1 ~ /^users$/ {print $3; }' </etc/group)
awk -F: '$4 ~ /^'$grp'$/ { print $1; }' </etc/passwd

You could do the same thing using just grep and sed, but it is more work than using awk.

Another suggested answer proposed using getent, which also is likely to be on a Linux machine (with Debian, it is part of GNU libc). However a quick check of that shows it providing only the /etc/group content.

I (like most) do not have libusers or lid installed, so I cannot comment on whether it satisfies OP's conditions.

There is also the id program, which gives group information. Someone might expand on that as a possible answer.

Answer 10

This modification of user3717722 approach will list groupmembers in an NIS database:

ypcat passwd | cut -d: -f1,4 | grep $(getent group <groupname> | cut -d: -f3) | cut -d: -f1

Answer 11

function members {

echo "$(getent group $1 | cut -d: -f1,2,3):$(getent passwd | cut -d: -f1,4 | grep $(getent group $1 | cut -d: -f3) | cut -d: -f1 | paste -sd ','):$(getent group $1 | cut -d: -f4)"

}

Lists primary and secondary members separated by a ":"