LinuxCommandLibrary

id

Display user and group identification numbers

TLDR

Display current user's ID (UID), group ID (GID), and groups to which they belong

$ id
copy

Display the current user identity
$ id [[-un|--user --name]]
copy

Display the current user identity as a number
$ id [[-u|--user]]
copy

Display the current primary group identity
$ id [[-gn|--group --name]]
copy

Display the current primary group identity as a number
$ id [[-g|--group]]
copy

Display all groups the current user belongs to
$ id [[-Gn|--groups --name]]
copy

Display an arbitrary user's ID (UID), group ID (GID), and groups to which they belong
$ id [username]
copy

Skip name lookup and specify the UID number explicitly
$ id +[uid_number]
copy

SYNOPSIS

id [OPTION]... [USERNAME]

PARAMETERS

-a, --all
    print all (ignored in recent versions)

-G, --group
    print all group IDs

-g, --gid
    print effective group ID

-n, --name
    use names instead of numbers (with -G, -g, -u)

-r, --real
    print real ID instead of effective (with -g, -u)

-u, --uid
    print effective user ID

-Z, --context
    print SELinux security context

--help
    display help and exit

--version
    output version information and exit

DESCRIPTION

The id command prints the real and effective user and group IDs, as well as supplementary group IDs, for the specified username or the current user if none is provided. It retrieves this information from the system's password and group databases using system calls like getuid(), getgid(), and getgroups().

Without options, id outputs a line in the format:
uid=NUM(username) gid=NUM(groupname) groups=NUM(groupname),NUM(groupname),...
where NUM are numeric IDs and names are resolved from /etc/passwd and /etc/group.

Options allow customization: numeric-only output, names only with -n, specific IDs with -u (user), -g (group), or all groups with -G. The -r flag shows real IDs instead of effective ones, useful in setuid/setgid contexts. SELinux users can print security contexts with -Z or --context.

This command is essential for scripting, debugging permissions, and verifying effective identities in processes. It works for any user without special privileges, as ID info is publicly queryable.

CAVEATS

Output for other users may not show effective IDs if not running as that user; real IDs are always shown unless -r is used. SELinux context requires SELinux support.

OUTPUT EXAMPLE

id
uid=1000(alice) gid=1000(alice) groups=1000(alice),4(adm),24(cdrom),27(sudo)
id -Gn
alice alice adm cdrom sudo

EXIT STATUS

0 if OK, 1 if errors (e.g., unknown user)

HISTORY

Originated in POSIX.1-2001; part of GNU coreutils since early versions. Enhanced with SELinux support in coreutils 6.11 (2007). Widely available on Unix-like systems.

SEE ALSO

whoami(1), groups(1), getent(1), logname(1)

Copied to clipboard