lslogins - display information about known users in the system
lslogins [options] [-s|-u[=UID]]
[-g groups] [-l logins] [username]
Examine the wtmp and btmp logs, /etc/shadow (if necessary)
and /passwd and output the desired data.
The optional argument username forces lslogins to
print all available details about the specified user only. In this case the
output format is different than in case of -l or -g and
unknown is username reported as an error.
The default action is to list info about all the users in the
system.
Mandatory arguments to long options are mandatory for short
options too.
-a, --acc-expiration
Display data about the date of last password change and
the account expiration date (see
shadow(5) for more info). (Requires
root privileges.)
--btmp-file path
Alternate path for btmp.
-c, --colon-separate
Separate info about each user with a colon instead of a
newline.
-e, --export
Output data in the format of NAME=VALUE. See also option
--shell.
-f, --failed
Display data about the users' last failed login
attempts.
-G, --supp-groups
Show information about supplementary groups.
-g, --groups=groups
Only show data of users belonging to
groups. More
than one group may be specified; the list has to be comma-separated. Unknown
group names are ignored.
Note that the relation between user and group may be invisible for
the primary group if the user is not explicitly specified as group member
(e.g., in /etc/group). If the command lslogins scans for
groups then it uses the groups database only, and the user database with
primary GID is not used at all.
-L, --last
Display data containing information about the users' last
login sessions.
-l, --logins=logins
Only show data of users with a login specified in
logins (user names or user IDs). More than one login may be specified;
the list has to be comma-separated. Unknown login names are ignored.
-n, --newline
Display each piece of information on a separate
line.
--noheadings
Do not print a header line.
--notruncate
Don’t truncate output.
-o, --output list
Specify which output columns to print. The default list
of columns may be extended if list is specified in the format
+list.
--output-all
Output all available columns. --help to get a list
of all supported columns.
-p, --pwd
Display information related to login by password (see
also -afL).
-r, --raw
Raw output (no columnation).
-s, --system-accs
Show system accounts. These are by default all accounts
with a UID between 101 and 999 (inclusive), with the exception of either
nobody or nfsnobody (UID 65534). This hardcoded default may be overwritten by
parameters SYS_UID_MIN and SYS_UID_MAX in the file
/etc/login.defs.
--time-format type
Display dates in short, full or iso format. The default
is short, this time format is designed to be space efficient and human
readable.
-u, --user-accs
Show user accounts. These are by default all accounts
with UID above 1000 (inclusive), with the exception of either nobody or
nfsnobody (UID 65534). This hardcoded default maybe overwritten by parameters
UID_MIN and UID_MAX in the file /etc/login.defs.
-h, --help
Display help text and exit.
-V, --version
Print version and exit.
--wtmp-file path
Alternate path for wtmp.
--lastlog path
-y, --shell
The column name will be modified to contain only
characters allowed for shell variable identifiers. This is usable, for
example, with --export. Note that this feature has been automatically
enabled for --export in version 2.37, but due to compatibility issues,
now it’s necessary to request this behavior by --shell.
-Z, --context
Display the users' security context.
-z, --print0
Delimit user entries with a nul character, instead of a
newline.
0
if OK,
1
if incorrect arguments specified,
2
if a serious error occurs (e.g., a corrupt log).
The default UID thresholds are read from
/etc/login.defs.
Multiple fields describe password status.
"Password is locked"
The password is prefixed by '!!', and the user cannot
login although the password is set or empty. This is common for new accounts
without a set password.
"Password not required (empty)"
The password is not set (hash is missing); this is common
for locked system accounts. Not requiring a password does not mean the user
can log-in without a password. It depends on the password "lock"
status.
"Login by password disabled"
'yes' means that there is no valid password. The password
hash is missing, or the hash method is unknown or contains invalid
chars.
The lslogins utility is inspired by the logins
utility, which first appeared in FreeBSD 4.10.
Ondrej Oprala <ooprala@redhat.com>, Karel Zak
<kzak@redhat.com>