首页 文章

如何列出Linux组中的所有用户?

提问于
浏览
265

如何在Linux(以及可能的其他unices)中列出组中的所有成员?

linux unix

18 回答

  • 3
    getent group insert_group_name_here | awk -F ':' '{print $4}' | sed 's|,| |g'

    这将返回一个空格分隔的用户列表,我在脚本中使用它来填充数组 .

    for i in $(getent group ftp | awk -F ':' '{print $4}' | sed 's|,| |g')
    do
        userarray+=("$i")
    done

    要么

    userarray+=("$(getent group GROUPNAME | awk -F ':' '{print $4}' | sed 's|,| |g')")
    回复于
  • 227

    不幸的是,我知道没有好的,可移植的方法来做到这一点 . 如果您尝试解析/ etc / group,正如其他人所建议的那样,您将错过将该组作为其主要组的用户以及通过UNIX平面文件以外的机制(即LDAP,NIS,已添加到该组)的任何人pam-pgsql等) .

    如果我自己绝对必须这样做,我可能会反过来做:使用 id 来获取系统上每个用户的组(这会将所有源都提供给NSS),并使用Perl或类似的东西来维护发现每个组的哈希表,注意到该用户的成员身份 .

    编辑:当然,这会给您留下类似的问题:如何获取系统上每个用户的列表 . 由于我的位置仅使用平面文件和LDAP,因此我可以从两个位置获取列表,但这可能适用于您的环境,也可能不适用 .

    编辑2:传递给我的人提醒我, getent passwd 将返回系统上所有用户的列表,包括来自LDAP / NIS /等的用户,但 getent group 仍然会遗漏仅通过默认组条目成员的用户,因此受到启发我写这个快速的黑客 .

    #!/usr/bin/perl -T
#
# Lists members of all groups, or optionally just the group
# specified on the command line
#
# Copyright © 2010-2013 by Zed Pobre (zed@debian.org or zed@resonant.org)
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#

use strict; use warnings;

$ENV{"PATH"} = "/usr/bin:/bin";

my $wantedgroup = shift;

my %groupmembers;
my $usertext = `getent passwd`;

my @users = $usertext =~ /^([a-zA-Z0-9_-]+):/gm;

foreach my $userid (@users)
{
    my $usergrouptext = `id -Gn $userid`;
    my @grouplist = split(' ',$usergrouptext);

    foreach my $group (@grouplist)
    {
        $groupmembers{$group}->{$userid} = 1;
    }
}

if($wantedgroup)
{
    print_group_members($wantedgroup);
}
else
{
    foreach my $group (sort keys %groupmembers)
    {
        print "Group ",$group," has the following members:\n";
        print_group_members($group);
        print "\n";
    }
}

sub print_group_members
{
    my ($group) = @_;
    return unless $group;

    foreach my $member (sort keys %{$groupmembers{$group}})
    {
        print $member,"\n";
    }
}
    回复于
  • 39
    getent group <groupname>;

    它可以在Linux和Solaris上移植,并且可以与本地组/密码文件,NIS和LDAP配置一起使用 .

    回复于
  • 2

    使用Python列出组成员:

    python -c“import grp; print grp.getgrnam('GROUP_NAME')[3]”

    https://docs.python.org/2/library/grp.html

    回复于
  • 99
    lid -g groupname | cut -f1 -d'('
    回复于
  • 1

    以下命令将列出属于 <your_group_name> 的所有用户,但仅列出由 /etc/group 数据库管理的用户,而不是LDAP,NIS等 . 它也不会列出将该组设置为主要用户的用户,因为主要组存储为文件 /etc/passwd 中的 GID (数字组ID) .

    grep <your_group_name> /etc/group
    回复于
  • 0

    以下命令将列出属于 <your_group_name> 的所有用户,但仅列出由 /etc/group 数据库管理的用户,而不是LDAP,NIS等 . 它也是 works for secondary groups only ,它不会列出将该组设置为主要用户的用户,因为主要组存储为文件 /etc/passwd 中的 GID (数字组ID) .

    awk -F: '/^groupname/ {print $4;}' /etc/group
    回复于
  • 3

    以下shell脚本将遍历所有用户并仅打印属于给定组的用户名:

    #!/usr/bin/env bash
getent passwd | while IFS=: read name trash
do
    groups $name 2>/dev/null | cut -f2 -d: | grep -i -q -w "$1" && echo $name
done
true

    用法示例:

    ./script 'DOMAIN+Group Name'

    Note: 此解决方案将检查用户和组的NIS和LDAP(不仅是 passwdgroup 文件) . 它还会考虑未添加到组但将组设置为主组的用户 .

    Edit: 添加了针对罕见场景的修复,其中用户不属于具有相同名称的组 .

    Edit: 以shell脚本的形式编写;添加 true@Max Chernyak aka hakunin建议以 0 状态退出;丢弃 stderr 以便偶尔跳过那些 groups: cannot find name for group ID xxxxxx .

    回复于
  • 2

    您可以在一个命令行中执行此操作:

    cut -d: -f1,4 /etc/passwd | grep $(getent group <groupname> | cut -d: -f3) | cut -d: -f1

    以上命令列出了将groupname作为主要组的所有用户

    如果还要列出具有groupname作为其辅助组的用户,请使用以下命令

    getent group <groupname> | cut -d: -f4 |  tr ',' '\n'
    回复于
  • 6

    Zed's implementation should probably be expanded to work on some of the other major UNIX.

    有人可以访问Solaris或HP-UX硬件吗?没有测试那些案件 .

    #!/usr/bin/perl
#
# Lists members of all groups, or optionally just the group
# specified on the command line
#
# Date:         12/30/2013
# Author:       William H. McCloskey, Jr.
# Changes:      Added logic to detect host type & tailor subset of getent (OSX)
# Attribution:
#   The logic for this script was directly lifted from Zed Pobre's work.
#     See below for Copyright notice.
#   The idea to use dscl to emulate a subset of the now defunct getent on OSX
#     came from
#       http://zzamboni.org/\
#         brt/2008/01/21/how-to-emulate-unix-getent-with-macosxs-dscl/
#     with an example implementation lifted from
#       https://github.com/petere/getent-osx/blob/master/getent
#
# Copyright © 2010-2013 by Zed Pobre (zed@debian.org or zed@resonant.org)
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#

use strict; use warnings;

$ENV{"PATH"} = "/usr/bin:/bin";

# Only run on supported $os:
my $os;
($os)=(`uname -a` =~ /^([\w-]+)/);
unless ($os =~ /(HU-UX|SunOS|Linux|Darwin)/)
    {die "\$getent or equiv. does not exist:  Cannot run on $os\n";}

my $wantedgroup = shift;

my %groupmembers;

my @users;

# Acquire the list of @users based on what is available on this OS:
if ($os =~ /(SunOS|Linux|HP-UX)/) {
    #HP-UX & Solaris assumed to be like Linux; they have not been tested.
    my $usertext = `getent passwd`;
    @users = $usertext =~ /^([a-zA-Z0-9_-]+):/gm;
};
if ($os =~ /Darwin/) {
    @users = `dscl . -ls /Users`;
    chop @users;
}

# Now just do what Zed did - thanks Zed.
foreach my $userid (@users)
{
    my $usergrouptext = `id -Gn $userid`;
    my @grouplist = split(' ',$usergrouptext);

    foreach my $group (@grouplist)
    {
        $groupmembers{$group}->{$userid} = 1;
    }
}

if($wantedgroup)
{
    print_group_members($wantedgroup);
}
else
{
    foreach my $group (sort keys %groupmembers)
    {
        print "Group ",$group," has the following members:\n";
        print_group_members($group);
        print "\n";
    }
}

sub print_group_members
{
    my ($group) = @_;
    return unless $group;

    foreach my $member (sort keys %{$groupmembers{$group}})
    {
        print $member,"\n";
    }
}

    如果有更好的方式来分享这个建议,请告诉我;我考虑了很多方法,这就是我提出的方法 .

    回复于
  • 0

    我这样做与上面的perl代码类似,但用本机perl函数替换了getent和id . 它更快,应该适用于不同的* nix风格 .

    #!/usr/bin/env perl

use strict;
my $arg=shift;
my %groupMembers; # defining outside of function so that hash is only built once for multiple function calls

sub expandGroupMembers{
my $groupQuery=shift;
unless (%groupMembers){
    while (my($name,$pass,$uid,$gid,$quota,$comment,$gcos,$dir,$shell,$expire)=getpwent()) {
            my $primaryGroup=getgrgid($gid);
            $groupMembers{$primaryGroup}->{$name}=1;
    }
    while (my($gname,$gpasswd,$gid,$members)=getgrent()) {
            foreach my $member (split / /, $members){
                    $groupMembers{$gname}->{$member}=1;
            }
    }
}
my $membersConcat=join(",",sort keys %{$groupMembers{$groupQuery}});
return "$membersConcat" || "$groupQuery Does have any members";
}
print &expandGroupMembers($arg)."\n";
    回复于
  • -1

    只是一点点grep和tr:

    $ grep ^$GROUP /etc/group | grep -o '[^:]*$' | tr ',' '\n'
user1
user2
user3
    回复于
  • 0

    有一个方便的Debian和Ubuntu包叫做“ members ”,它提供了这个功能:

    描述:显示组的成员;默认情况下,所有成员成员都是组的补充:组显示指定用户所属的组,成员显示属于指定组的用户 . ...您可以在一条线上要求主要成员,次要成员,每条成员都在不同的行上 .

    回复于
  • 0

    这是一个脚本,它返回/ etc / passwd和/ etc / group中的用户列表,它不检查NIS或LDAP,但它确实显示将该组作为其默认组的用户在Debian 4.7和solaris 9上测试

    #!/bin/bash

MYGROUP="user"

# get the group ID
MYGID=`grep $MYGROUP /etc/group | cut -d ":" -f3`
if [[ $MYGID != "" ]]
then
  # get a newline-separated list of users from /etc/group 
  MYUSERS=`grep $MYGROUP /etc/group | cut -d ":" -f4| tr "," "\n"`
  # add a newline
  MYUSERS=$MYUSERS$'\n'
  # add the users whose default group is MYGROUP from /etc/passwod 
  MYUSERS=$MYUSERS`cat /etc/passwd |grep $MYGID | cut -d ":" -f1`

  #print the result as a newline-separated list with no duplicates (ready to pass into a bash FOR loop)
  printf '%s\n' $MYUSERS  | sort | uniq
fi

    或作为一个单行,你可以削减和从这里直接粘贴(更改第一个变量中的组名)

    MYGROUP="user";MYGID=`grep $MYGROUP /etc/group | cut -d ":" -f3`;printf '%s\n' `grep $MYGROUP /etc/group | cut -d ":" -f4| tr "," "\n"`$'\n'`cat /etc/passwd |grep $MYGID | cut -d ":" -f1`  | sort | uniq
    回复于
  • 12

    在UNIX(与GNU / Linux相对)中,有listusers命令 . 见Solaris man page for listusers .

    请注意,此命令是开源Heirloom Project的一部分 . 我认为它相信组和权限 . :-)

    回复于
  • 38

    这是一个非常简单的awk脚本,它考虑了其他答案中列出的所有常见陷阱:

    getent passwd | awk -F: -v group_name="wheel" '
  BEGIN {
    "getent group " group_name | getline groupline;
    if (!groupline) exit 1;
    split(groupline, groupdef, ":");
    guid = groupdef[3];
    split(groupdef[4], users, ",");
    for (k in users) print users[k]
  }
  $4 == guid {print $1}'

    我正在使用我的ldap启用设置,运行任何符合标准的getent和awk,包括solaris 8和hpux .

    回复于
  • 24
    getent group groupname | awk -F: '{print $4}' | tr , '\n'

    这有3个部分:

    1 - getent group groupname 显示"/etc/group"文件中组的行 . cat /etc/group | grep groupname 的替代品 .

    2 - awk print 's only the members in a single line separeted with ',' .

    3 - tr 用新行替换's ','并连续打印每个用户 .

    4 - 可选:如果用户太多,您还可以使用带有 sort 的其他管道 .

    问候

    回复于
  • 16

    我已经尝试了 grep 'sample-group-name' /etc/group ,它将根据示例here列出您指定的组的所有成员

    回复于

相关问题