Find out if user name exists

70

12

How can I find out, in a shell script, whether a given user name exists on the current system?


/etc/passwd and /etc/shadow are incomplete. Consider OS X's Directory Services, or Linux with Likewise Active Directory integration.

Daniel Beck

Posted 2011-09-16T07:28:07.387

Reputation: 98 421

Answers

105

One of the most basic tools to be used for that is probably id.

#!/bin/bash
if id "$1" >/dev/null 2>&1; then
        echo "user exists"
else
        echo "user does not exist"
fi

Which produces

$ ./userexists root
user exists
$ ./userexists alice
user does not exist
$ ./userexists
user does not exist

barbaz

Posted 2011-09-16T07:28:07.387

Reputation: 2 696

"-u" also seems unnecessary – palacsint – 2015-10-24T20:38:05.243

What if I needed only an if with a negative result checker? – Yura Shinkarev – 2018-01-04T21:49:04.417

id -u $1 1>/dev/null 2>&1; echo $? can be used for pipe – JasonWayne – 2018-02-07T02:12:24.463

On older Solaris it may be worthwhile to use id located at /usr/xpg4/bin/id rather than /usr/bin/id. – jww – 2018-07-23T12:43:53.650

So in general a stdout is true and stderr is false? – wordsforthewise – 2019-08-15T02:35:05.730

@wordsforthewise Processes have "exit codes" they return upon termination - zero for success, non-zero for failure. This is independent from their output on stdout and stderr. – barbaz – 2019-08-16T06:59:12.780

You don't need the backquotes here -- just use if id -u "$1" >/dev/null 2>&1; then ... – Gordon Davisson – 2011-09-17T03:03:49.147

@Gordon absolutely right of course. Thanks :) – barbaz – 2011-09-17T11:17:23.143

20

getent

This command is designed to gather entries for the databases that can be backed by /etc files and various remote services like LDAP, AD, NIS/Yellow Pages, DNS and the like.

To figure out if a username is known by one of the password naming services, simply run:

getent passwd username

This works also with group, hosts and others, depending on the OS and implementation.

jlliagre

Posted 2011-09-16T07:28:07.387

Reputation: 12 469

getent is nice because you can query multiple usernames where id only supports a single username. – nall – 2015-06-04T21:45:37.657

While Solaris and Linux, and more recently also most BSDs have getent, there is no getent on Mac OS X – barbaz – 2011-09-17T15:37:27.510

Indeed, I missed that Mac OS X is missing getent. – jlliagre – 2011-09-17T20:57:27.500

Nevertheless it's quite useful on the systems it supports. – Daniel Beck – 2011-09-19T07:52:16.157
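An added example, not part of any answer on this page, that wraps the getent and id checks above in one function and handles inputs that make the bare commands report a false positive. The function name user_exists and the input rules are assumptions of this example.

```sh
#!/bin/sh
# user_exists NAME
# Exit status 0 if NAME resolves to an account through the system's
# naming services, non-zero otherwise. Prints nothing.
# (Hypothetical helper written for this example.)
user_exists() {
    _ue_name=$1

    case $_ue_name in
        '')
            # No argument given: never report success for an empty name.
            return 1 ;;
        -*)
            # Option-like input. "id -u" with no user prints the caller's
            # own UID and exits 0, so a name such as "-u" would otherwise
            # look like an existing account.
            return 1 ;;
        *:*)
            # ':' is the passwd field separator and cannot be in a name.
            return 1 ;;
        *[!0-9]*)
            # Contains at least one non-digit character: acceptable.
            ;;
        *)
            # All digits. glibc getent looks such keys up as UIDs, so
            # "0" would match root even though no user is named "0".
            return 1 ;;
    esac

    if command -v getent >/dev/null 2>&1; then
        # Queries every passwd source configured for the system
        # (files, LDAP, AD, NIS, ...).
        getent passwd "$_ue_name" >/dev/null 2>&1
    else
        # Fallback for systems without getent, such as Mac OS X.
        id -u "$_ue_name" >/dev/null 2>&1
    fi
}
```

Call it as `if user_exists "$1"; then ...`, keeping the argument quoted so names containing spaces or glob characters are passed through unchanged.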

6

finger

Parse the output of finger -m <username>. No error code if no user was found, unfortunately, but if not found, error output will be written. No drawbacks so far.

finger -ms <username> 2>&1 1>/dev/null | wc -l

Will print 0 if user is found (because there's no error output), larger numbers otherwise.

chown

Run (as any user, surprisingly):

T=$( mktemp -t foo.XXX ) ; chown <username> $T

If it fails as root, the account name is invalid.

If it fails as non-root user, parse the possibly localized output for Operation not permitted or invalid user (or equivalents). Set LANG beforehand to do this reliably.

Daniel Beck

Posted 2011-09-16T07:28:07.387

Reputation: 98 421

0

I would say that you would want to rely on /etc/passwd and similar (e.g. /etc/shadow for Shadow-based systems; on an off-topic side-note, some similar systems might use /etc/master.passwd or other such files).

The /etc/passwd is typically treated as the absolute authoritative decision on whether a user exists or not. If you use any of the other methods described on this page, and if those other methods point to an existing user but /etc/passwd does not, then I would say that the user does not properly exist on the system, by definition of the most common standard that software would likely rely on.

That said, I'll throw in another way to add to the mix of some other options that could be used.

ls /home | grep '^customUserName$'
echo $?

Clearly, replace "customUserName" with the name of the user you want to check for. Replace /home with /users if that is what your system uses. This might not find all users in /etc/passwd if no home directory was made for the particular user, which could occur if you simply imported users (that is, lines of text into /etc/passwd) and if home directories don't get made unless/until a person logs in.

TOOGAM

Posted 2011-09-16T07:28:07.387

Reputation: 12 651

I don't get why you state a user who has no entry in the /etc/passwd file but is reported to be valid by either id or getent does not "properly" exist on the system, especially when the OP is clearly stating naming services are to be considered. – jlliagre – 2015-06-04T23:03:00.010