MONITORING USERS
User-management is always one of the basic tasks for Linux administrators, here we are going to see some basics user related “Monitoring Commands”.
1) “finger” is a command which will give full details about user properties such as name, login, shell what he is using etc.
Syntax:
#finger username
Example:
[root@localhost ~]# finger root
Login: root Name: root
Directory: /root Shell: /bin/bash
On since Sat Jun 6 19:20 (EDT) on tty1 4 hours 12 minutes idle
On since Sun Jun 7 02:18 (EDT) on pts/0 from :0.0
On since Sun Jun 7 03:48 (EDT) on pts/1 from :0.0
16 minutes 9 seconds idle
New mail received Sun Jun 7 04:02 2009 (EDT)
Unread since Sat Jun 6 22:17 2009 (EDT)
No Plan.
Here you can see so many user related information
one security information you can see is when he loged in last time and from where he loged in etc.
2)“id” is one more command which will show the user details such as his primary group and his secondary group.
Syntax:
#id username
Example:
[root@localhost ~]# id root
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) context=root:system_r:unconfined_t:SystemLow–SystemHigh
[root@localhost ~]#
3)“chage“ is one more command which is used to see user related “threshold details” such as user disable time etc.
Syntax:
#chage -l username
Example:
[root@localhost ~]# chage -l root
Last password change : Jun 06, 2009
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
[root@localhost ~]#
4)“who” is one more command to see who other people logged in and from where they logged in.
Syntax:
#who
Example:
[root@localhost ~]# who
root tty1 2009-06-06 19:20
root pts/0 2009-06-07 02:18 (:0.0)
root pts/1 2009-06-07 03:48 (:0.0)
[root@localhost ~]#
5)“w” is one more command which is similar to “who” command but will give some more details.
Example:
[root@localhost ~]# w
06:36:49 up 11:23, 3 users, load average: 0.54, 0.38, 0.42
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root tty1 – 19:20 4:27m 0.69s 0.69s -bash
root pts/0 :0.0 02:18 0.00s 0.16s 0.02s w
root pts/1 :0.0 03:48 31:25 0.10s 0.10s bash
[root@localhost ~]#
6)“groups” is one more wonderful command which will show which user belongs to what groups, we can say it’s a subset of id command
Syntax:
#groups username
Example:
[root@localhost ~]# groups root
root : root bin daemon sys adm disk wheel
[root@localhost ~]#
7)”users” is one more monitoring command to see which users loged in at present in to the system
Example:
[root@localhost ~]# groups root
root : root bin daemon sys adm disk wheel
[root@localhost ~]#
Pleaseadd if you know some other user related monitoring commands.