Id command in Linux

Posted 

3 min read

id is a command-line utility that prints the real and effective user and group IDs.

Using the id Command

The syntax for the id command is as follows:

id [OPTIONS] [USERNAME]

If the username is omitted, the id command displays information about the currently logged-in user.

When invoked without any option, id prints the real user ID (uid), the user’s real primary group ID (gid), and real IDs of the supplemental groups (groups) the user belongs to. Effective user ID, group ID, and supplemental group IDs are printed only when they are different from the real ones.

id
uid=1000(linuxize) gid=1000(linuxize) groups=1000(linuxize),4(adm),27(sudo),998(docker)

If SELinux is enabled, then id also prints the user’s security context (context):

uid=1000(linuxize) gid=1000(linuxize) groups=1000(linuxize) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

To obtain information about another user, pass the username or user ID as an argument to the id command:

id mark
uid=1001(mark) gid=1001(mark) groups=1001(mark),998(docker)

In case when a user with a name same as the supplied ID exists on the system, the name look-up is taking precedence. When using the user ID as an argument, prefix the ID with the + symbol to avoid interpreting the ID as a name.

For example, if you have a user with name 1010 and another user with ID 1010, if you type id 1010 the command will display information about the user with name 1010. To obtain information about the user with ID 1010, type id +1010.

id Command Options

The id command accepts several options that allow you to display only specific information. This is useful when using id in shell scripts.

To print only the effective user ID, use the -u (--user) option:

id -u 
1000

The -g (--group) option tells id to print only the effective group ID:

id -g
1000 4 27 998

Use the -G (--groups) option to print effective IDs of all groups the user belongs to:

id -G
1000

To print names instead of numbers use the -n, --name option. This option can be used only in combination with -u, -g and -G.

id -un
linuxize

Running the id command with the -un options produce the same output as running whoami, and the output of id -Gn is equivalent to the output of the groups command.

The -r, (--real) option can be used in combination with -u, -g and -G to print the real, instead of effective values:

id -ur

To print only the security context of the process, which is usually the user’s security context, use the -Z (--context) option:

id -Z
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

If SELinux is disabled, id prints an error message:

id: --context (-Z) works only on an SELinux-enabled kernel

The -z (--zero) option tells id to delimit the output items with the NUL character, not whitespace:

id -znG
linuxizeadmsudodocker

This can be useful when piping the output to a command that can parse newlines

Conclusion

The id command prints information about a given user, or the currently logged in user if no user name or ID is provided as an argument.

Feel free to leave a comment if you have any questions.