id
Display user and group identification numbers
TLDR
Display current user's ID (UID), group ID (GID) and groups to which they belong
Display the current user identity
Display the current user identity as a number
Display the current primary group identity
Display the current primary group identity as a number
Display an arbitrary user's ID (UID), group ID (GID) and groups to which they belong
SYNOPSIS
id [OPTION]... [USERNAME]
PARAMETERS
-g, --group
Print only the effective group ID.
-G, --groups
Print all group IDs (real, effective, and supplementary).
-n, --name
Print name instead of number for -ugG options.
-r, --real
Print real ID instead of effective ID for -ugG options.
-u, --user
Print only the effective user ID.
-Z, --context
Print only the security context (e.g., SELinux context).
-z, --zero
Delimit entries with NUL characters, useful for scripting.
--help
Display a help message and exit.
--version
Output version information and exit.
DESCRIPTION
The id command in Linux is used to display user and group identity information for the current user or a specified USERNAME.
By default, when invoked without any arguments, id shows the real user ID (RUID), effective user ID (EUID), and saved user ID (SUID), along with the real group ID (RGID), effective group ID (EGID), saved group ID (SGID), and all supplementary group IDs that the user belongs to.
This command is crucial for understanding the security context of a process or a user. It helps in diagnosing permission issues by revealing exactly which user and group IDs a process is operating under. The distinction between real and effective IDs is particularly important in scenarios involving setuid/setgid programs, where the effective ID changes to that of the file owner while the real ID remains that of the invoking user.
id is part of the GNU Core Utilities, making it a fundamental and universally available tool on most Linux distributions.
CAVEATS
When a program is executed with the setuid or setgid bit set, its effective user/group ID changes to that of the file owner/group, while the real user/group ID remains that of the user who executed it. The id command helps differentiate these, but understanding the implications of effective vs. real IDs is crucial for security. The -Z option for security context is specific to systems with Mandatory Access Control (MAC) frameworks like SELinux or AppArmor; it will not show meaningful output on systems without these enabled.
UNDERSTANDING IDS
RUID/RGID: Real User/Group ID, identifies the actual user/group who started the process.
EUID/EGID: Effective User/Group ID, determines the process's permissions for accessing resources. This can change for setuid/setgid programs.
SUID/SGID: Saved User/Group ID, used by a process to temporarily revert its effective ID to the real ID and then restore the effective ID.
EXAMPLES
To show your own IDs:id
To show IDs for a specific user (e.g., 'root'):id root
To get only your effective username:id -un
To list all groups a user (e.g., 'myuser') belongs to, by name:id -Gn myuser
HISTORY
The id command has been a standard utility in Unix-like operating systems for decades, providing a simple way to query user and group identities. Its inclusion in GNU Core Utilities ensures its widespread availability and consistent behavior across Linux distributions. Over time, options like -Z were added to accommodate new security features (e.g., SELinux), and others like -a became default behavior, simplifying the command's usage. Its core functionality, however, remains unchanged: to display identity information.