LinuxCommandLibrary

lslogins

List system users' login information

TLDR

Display users in the system

$ lslogins
copy

Display users belonging to a specific group
$ lslogins [[-g|--groups]] [groups]
copy

Display user accounts
$ lslogins [[-u|--user-accs]]
copy

Display last logins
$ lslogins [[-L|--last]]
copy

Display system accounts
$ lslogins [[-s|--system-accs]]
copy

Display supplementary groups
$ lslogins [[-G|--supp-groups]]
copy

SYNOPSIS

lslogins [options]

PARAMETERS

-a, --all
    Show all user logins, including those without active sessions.

-b, --boot
    Show information about boot sessions, linking sessions to system boots.

-F, --failed
    Display information about failed login attempts.

-f, --fsid
    Show session filesystem ID, providing unique identifiers for filesystems involved in sessions.

-g, --group ...
    Filter output to show information for specific groups by name or GID. Multiple groups can be specified as a comma-separated list.

-h, --help
    Display a help message and exit.

-i, --invert
    Invert the meaning of specified columns when used with --output, for example, showing only non-matching data.

-J, --json
    Output the results in JSON format, suitable for machine parsing.

-L, --last
    Show the last login time for each user.

-l, --logins
    Force the display of only login information, excluding session details unless explicitly requested by other options.

-n, --noheadings
    Suppress the printing of column headers in the output.

-o, --output
    Specify a comma-separated list of columns to display. Use --help to see available column names.

-P, --plain
    Use a plain output format, disabling default processing and column headers, useful for scripting.

-p, --port
    Show information related to ports (TTYs) associated with sessions.

-r, --raw
    Produce raw output without any column alignment or post-processing.

-s, --session
    Include detailed session information in the output, such as TTY, origin (FROM), and idle time.

-u, --user ...
    Filter output to show information for specific users by name or UID. Multiple users can be specified as a comma-separated list.

-v, --version
    Display version information and exit.

--active
    Show only active user logins. This is the default behavior.

--inactive
    Show only inactive user logins.

--hide-empty-columns
    Suppress the display of columns that contain no data for any row.

DESCRIPTION

The lslogins command displays information about user logins and their associated sessions managed by systemd. It retrieves data directly from the systemd login manager, providing details such as user names, UIDs, GIDs, current session counts, login creation times, and last login occurrences. Unlike traditional tools that might scan /etc/passwd or /var/log/wtmp, lslogins focuses on users known to systemd, which primarily includes users with active sessions or those who have recently had sessions. By default, it lists logins with active sessions or users with a UID of 1000 or higher. Users can filter results by specific users or groups, or expand the output to include detailed session or boot information, last login times, and even failed login attempts. It supports customizable output columns and can produce output in various formats including plain text and JSON, making it versatile for both interactive use and scripting.

CAVEATS

lslogins relies on the systemd login manager for its data. It will not list all system users, but only those known to systemd's current or past sessions. Therefore, it may not provide a complete list of all users on a system, especially those without any interactive sessions. The information provided is dynamic and reflects the state managed by systemd, which means it might differ from information gathered by traditional tools that parse static log files.

DEFAULT OUTPUT COLUMNS

By default, lslogins outputs columns such as USER, UID, GID, SESS (session count), STATE, LOGIN (creation time), and LTIME (last login time). The exact columns can vary based on the version and system configuration, but these are generally included to provide a concise overview of login information.

EXIT STATUS

The command returns an exit status of 0 upon successful completion, indicating that the command ran without errors. An exit status of 1 signifies that lslogins encountered an error during its execution. This standard behavior is useful for scripting and error handling in automated tasks.

HISTORY

The lslogins command is a relatively recent addition to the suite of Linux utilities, introduced as part of the util-linux project in version 2.36. Its development reflects the growing reliance on systemd for managing login sessions and user activity on modern Linux systems. It provides a more integrated and structured way to query login information directly from the systemd login manager compared to older tools that often parse log files or specific pseudo-terminals. Its inclusion in util-linux signifies its role as a standard utility for login information retrieval in systemd-centric environments.

SEE ALSO

loginctl(1), last(1), users(1), who(1), systemd(1)

Copied to clipboard