|Front | Info | Lists | Newsfeeds | Study Guide | What is BSD?|
This is the BSDA Study Guide Book written via a wiki collaboration. This is a work in progress. You may contribute to or discuss this specific page at http://bsdwiki.reedmedia.net/wiki/Determine_identity_and_group_membership.html.
Determine identity and group membership
In the context of the Unix permission system, determining one's identity and group membership is essential to determine what authorizations are available. Be able to determine, and as required, change identity or group membership.
The user's priviledges determine what kind of access (if any) to given files and directories a user have. Groups are a mean to simplify user management.
We can determine our identity -- that is our username and groups to which we belong -- using id, groups and whoami commands.
Our username can be determined by simply executing whoami command without any parameters.
In the above example we're logged into the system as a user. The whoami command is equivalent to id -un.
The groups command let us check to which groups we're currently begin assigned to. It can also be used to check other existing user's group membership. Executing groups without a username will display information on us.
The groups command is equivalent to id -Gn.
The id command may take few arguments and can output many informations on given user. In most basic usage it displays our user ID (uid), our basic group id (gid) and groups to which we belong to.
It can also be used to display the very same information on other user.
Note, that the above mentioned commands will not display our new groups membership untill we'll logout and login again.
As explained above, some commands let us peek into other user's identity information, which might be useful to system administrators for checking other logged in users. To see who is currently logged in execute who command:
This command outputs some more information on all logged users: username, tty name, date and time of login and remote host's IP address if it is not local. It can also display the very same information only about us:
Finaly, having determined who we are -- our username and groups membership -- we may sometimes need to switch to more priviledged account (most commonly root) without completely logging out current user. To do so, we'll use the su command.
The su command may be given with or without a username. Given without a username su switches do superuser root. Password is not echoed in any form (not even with * marks).
Most commonly, when switching to normal user account, we'd like to simulate a full login. This is done with the - parameter:
id(1), groups(1), who(1), whoami(1), su(1)