id Command in Linux: Display User and Group Information
The id command prints real and effective user and group IDs. It is one of the quickest ways to check which user account you are operating as, what primary group you belong to, and which supplemental groups grant you additional permissions.
This article covers the id command syntax, its options, and practical examples of using it in everyday administration and shell scripts.
Using the id Command
The syntax for the id command is as follows:
id [OPTIONS] [USERNAME]If the username is omitted, id displays information about the currently logged-in user.
When invoked without any option, id prints the real user ID (uid), the user’s real primary group ID (gid), and real IDs of the supplemental groups (groups) the user belongs to. Effective IDs are printed only when they differ from the real ones.
iduid=1000(linuxize) gid=1000(linuxize) groups=1000(linuxize),4(adm),27(sudo),998(docker)If SELinux is enabled, id also prints the user’s security context (context):
uid=1000(linuxize) gid=1000(linuxize) groups=1000(linuxize) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023To obtain information about another user, pass the username or user ID as an argument:
id markuid=1001(mark) gid=1001(mark) groups=1001(mark),998(docker)When a user with a name identical to the supplied numeric ID exists on the system, the name lookup takes precedence. Prefix the ID with the + symbol to force numeric lookup.
For example, if you have a user with name 1010 and another user with ID 1010, running id 1010 will display information about the user whose name is 1010. To query the user with UID 1010 instead, run id +1010.
id Command Options
The id command accepts several options that limit output to a specific field. These are especially useful in shell scripts where you need a single value rather than the full line.
Print User ID
The -u (--user) option prints only the effective user ID:
id -u1000Print Primary Group ID
The -g (--group) option prints only the effective primary group ID:
id -g1000Print All Group IDs
The -G (--groups) option prints the IDs of every group the user belongs to, including the primary group and all supplemental groups
:
id -G1000 4 27 998Print Names Instead of Numbers
The -n (--name) option prints names instead of numeric IDs. It must be combined with -u, -g, or -G:
id -unlinuxizeRunning id -un produces the same output as the whoami
command, and id -Gn is equivalent to the groups command.
Print Real IDs
The -r (--real) option prints real IDs instead of effective ones. Like -n, it must be combined with -u, -g, or -G:
id -urIn most situations the real and effective IDs are the same. They diverge when a process runs under a setuid or setgid binary.
Print SELinux Context
The -Z (--context) option prints the security context of the current process:
id -Zunconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023If SELinux is disabled
, id prints an error message:
id: --context (-Z) works only on an SELinux-enabled kernelNUL-Delimited Output
The -z (--zero) option separates output items with a NUL character instead of whitespace, which is useful when piping into tools like xargs -0:
id -zGUsing id in Scripts
The id command is commonly used in shell scripts to verify permissions before running privileged operations.
Check whether the current user is root:
if [ "$(id -u)" -eq 0 ]; then
echo "Running as root"
else
echo "This script requires root privileges"
exit 1
fiCheck whether the current user belongs to the docker group:
if id -Gn | grep -qw docker; then
echo "User is in the docker group"
else
echo "User is not in the docker group"
fiStore the current username in a variable for logging:
CURRENT_USER="$(id -un)"
echo "Script started by $CURRENT_USER"Quick Reference
| Option | Description |
|---|---|
-u (--user) | Print effective user ID |
-g (--group) | Print effective primary group ID |
-G (--groups) | Print all group IDs |
-n (--name) | Print names instead of numbers (combine with -u, -g, or -G) |
-r (--real) | Print real IDs instead of effective (combine with -u, -g, or -G) |
-Z (--context) | Print SELinux security context |
-z (--zero) | NUL-delimit output instead of whitespace |
FAQ
What is the difference between real and effective user ID?
The real user ID is the account that started the process. The effective user ID is the identity the kernel uses for permission checks. They are usually the same, but they can differ when a setuid binary (such as passwd or sudo) temporarily elevates privileges.
How do I check if a user belongs to a specific group?
Run id -Gn username to list all group names, then pipe the output through grep -qw groupname. For example: id -Gn mark | grep -qw docker.
What is the difference between id and whoami?
The whoami command prints only the effective username, which is equivalent to id -un. The id command provides more detail, including numeric IDs and all group memberships.
Conclusion
The id command displays user and group identity for any account on the system. For related tasks, see how to create users
, manage groups
, or list group memberships
.
Tags
Linuxize Weekly Newsletter
A quick weekly roundup of new tutorials, news, and tips.
About the authors
Dejan Panovski
Dejan Panovski is the founder of Linuxize, an RHCSA-certified Linux system administrator and DevOps engineer based in Skopje, Macedonia. Author of 800+ Linux tutorials with 20+ years of experience turning complex Linux tasks into clear, reliable guides.
View author page