LinuxCommandLibrary

getent

Get entries from administrative database sources

TLDR

Get list of all groups

$ getent group
copy

See the members of a group
$ getent group [group_name]
copy

Get list of all services
$ getent services
copy

Find a username by UID
$ getent passwd 1000
copy

Perform a reverse DNS lookup
$ getent hosts [host]
copy

SYNOPSIS

getent [options] database [key ...]

PARAMETERS

-h, --help
    print this help, then exit

-s SERVICE-DATABASE, --service=SERVICE-DATABASE
    use specified service database (e.g., ldap:files) instead of defaults

-i, --noaddr
    for hosts/ethers, print only aliases, no addresses

-n SERVICE-NUMBER, --numeric=SERVICE-NUMBER
    use decimal service number instead of name

--usage
    print brief usage message, then exit

-V, --version
    print program version, then exit

DESCRIPTION

getent is a versatile command-line tool for retrieving records from system databases managed by the Name Service Switch (NSS). It queries sources like local files (/etc/passwd), LDAP, NIS, or DNS, as defined in /etc/nsswitch.conf, making it ideal for portable scripts that must work across diverse authentication setups.

Unlike directly cat-ing files, getent transparently handles remote or cached data, ensuring consistent output. Common uses include fetching user info (getent passwd username), group members (getent group wheel), host IPs (getent hosts example.com), or services (getent services ssh).

If no key is specified, it lists all entries, useful for enumeration. Output mimics standard formats (e.g., colon-separated for passwd), but respects NSS ordering and modules. It's efficient, secure (no direct file access), and essential for sysadmin tasks, automation, and troubleshooting NSS configurations.

CAVEATS

Output format varies by database and NSS config; large databases may produce verbose output. Requires NSS modules for non-local sources; fails silently if unsupported.

SUPPORTED DATABASES

passwd, group, shadow, gshadow, hosts, networks, services, protocols, rpc, netgroup, bootparams, aliases, ethers, netmasks; varies by NSS modules.

EXAMPLES

getent passwd $USER — show current user entry
getent group sudo — list sudo group members
getent hosts localhost — resolve localhost IPs
getent services http — find HTTP service port.

HISTORY

Introduced in glibc 2.2 (2000), getent evolved with NSS enhancements; now standard in util-linux and glibc, widely used for multi-source auth since Linux 2.4 era.

SEE ALSO

id(1), host(1), groups(1), ypcat(1)

Copied to clipboard