LSLOGINS(1)                          User Commands                          LSLOGINS(1)

NAME
       lslogins - display information about known users in the system

SYNOPSIS
       lslogins [options] [-s|-u[=UID]] [-g groups] [-l logins] [username]

DESCRIPTION
       Examine  the  wtmp and btmp logs, /etc/shadow (if necessary) and /etc/passwd and
       output the desired data.

       The optional argument username forces lslogins to print  all  available  details
       about  the specified user only. In this case the output format is different than
       in case of -l or -g and unknown is username reported as an error.

       The default action is to list info about all the users in the system.

OPTIONS
       Mandatory arguments to long options are mandatory for short options too.

       -a, --acc-expiration
              Display data about the date of last password change and the account expi‐
              ration date (see shadow(5) for more info).  (Requires root privileges.)

       --btmp-file path
              Alternate path for btmp.

       -c, --colon-separate
              Separate info about each user with a colon instead of a newline.

       -e, --export
              Output data in the format of NAME=VALUE.

       -f, --failed
              Display data about the users' last failed login attempts.

       -G, --supp-groups
              Show information about supplementary groups.

       -g, --groups=groups
              Only  show data of users belonging to groups.  More than one group may be
              specified; the list has to be comma-separated.  The unknown  group  names
              are ignored.

              Note  that  relation  between user and group may be invisible for primary
              group if the user is not explicitly specify  as  group  member  (e.g.  in
              /etc/group). If the command lslogins scans for groups than it uses groups
              database only, and user database with primary GID is not used at all.

       -h, --help
              Display help information and exit.

       -L, --last
              Display data containing information about the users' last login sessions.

       -l, --logins=logins
              Only show data of users with a login specified in logins (user  names  or
              user  IDS).   More  than  one  login may be specified; the list has to be
              comma-separated.  The unknown login names are ignored.

       -n, --newline
              Display each piece of information on a separate line.

       --noheadings
              Do not print a header line.

       --notruncate
              Don't truncate output.

       -o, --output list
              Specify which output columns to print.  The default list of  columns  may
              be extended if list is specified in the format +list.

       --output-all
              Output all available columns.  --help to get a list of all supported col‐
              umns.

       -p, --pwd
              Display information related to login by password (see also -afL).

       -r, --raw
              Raw output (no columnation).

       -s, --system-accs
              Show system accounts.  These are by default all accounts with a UID below
              1000  (non-inclusive),  with  the exception of either nobody or nfsnobody
              (UID 65534).  This hardcoded  default  maybe  overwritten  by  parameters
              SYS_UID_MIN and SYS_UID_MAX in the file /etc/login.defs.

       --time-format type
              Display  dates  in short, full or iso format.  The default is short, this
              time format is designed to be space efficient and human readable.

       -u, --user-accs
              Show user accounts.  These are by default all  accounts  with  UID  above
              1000  (inclusive),  with the exception of either nobody or nfsnobody (UID
              65534).  This hardcoded default maybe overwritten by  parameters  UID_MIN
              and UID_MAX in the file /etc/login.defs.

       -V, --version
              Display version information and exit.

       --wtmp-file path
              Alternate path for wtmp.

       -Z, --context
              Display the users' security context.

       -z, --print0
              Delimit user entries with a nul character, instead of a newline.

NOTES
       The default UID thresholds are read from /etc/login.defs.

EXIT STATUS
       0      if OK,

       1      if incorrect arguments specified,

       2      if a serious error occurs (e.g. a corrupt log).

SEE ALSO
       group(5), passwd(5), shadow(5), utmp(5)

HISTORY
       The  lslogins utility is inspired by the logins utility, which first appeared in
       FreeBSD 4.10.

AUTHORS
       Ondrej Oprala ⟨ooprala@redhat.com⟩
       Karel Zak ⟨kzak@redhat.com⟩

AVAILABILITY
       The lslogins command is part of the util-linux package  and  is  available  from
       Linux Kernel Archive ⟨https://www.kernel.org/pub/linux/utils/util-linux/⟩.

util-linux                             April 2014                           LSLOGINS(1)

Usage:
 lslogins [options] [<username>]

Display information about known users in the system.

Options:
 -a, --acc-expiration     display info about passwords expiration
 -c, --colon-separate     display data in a format similar to /etc/passwd
 -e, --export             display in an export-able output format
 -f, --failed             display data about the users' last failed logins
 -G, --supp-groups        display information about groups
 -g, --groups=<groups>    display users belonging to a group in <groups>
 -L, --last               show info about the users' last login sessions
 -l, --logins=<logins>    display only users from <logins>
 -n, --newline            display each piece of information on a new line
     --noheadings         don't print headings
     --notruncate         don't truncate output
 -o, --output[=<list>]    define the columns to output
     --output-all         output all columns
 -p, --pwd                display information related to login by password.
 -r, --raw                display in raw mode
 -s, --system-accs        display system accounts
     --time-format=<type> display dates in short, full or iso format
 -u, --user-accs          display user accounts
 -Z, --context            display SELinux contexts
 -z, --print0             delimit user entries with a nul character
     --wtmp-file <path>   set an alternate path for wtmp
     --btmp-file <path>   set an alternate path for btmp

 -h, --help               display this help
 -V, --version            display version

Available output columns:
           USER  user name
            UID  user ID
          GECOS  full user name
        HOMEDIR  home directory
          SHELL  login shell
        NOLOGIN  log in disabled by nologin(8) or pam_nologin(8)
       PWD-LOCK  password defined, but locked
      PWD-EMPTY  password not required
       PWD-DENY  login by password disabled
     PWD-METHOD  password encryption method
          GROUP  primary group name
            GID  primary group ID
    SUPP-GROUPS  supplementary group names
      SUPP-GIDS  supplementary group IDs
     LAST-LOGIN  date of last login
       LAST-TTY  last tty used
  LAST-HOSTNAME  hostname during the last session
   FAILED-LOGIN  date of last failed login
     FAILED-TTY  where did the login fail?
         HUSHED  user's hush settings
       PWD-WARN  days user is warned of password expiration
     PWD-CHANGE  date of last password change
        PWD-MIN  number of days required between changes
        PWD-MAX  max number of days a password may remain unchanged
      PWD-EXPIR  password expiration date
        CONTEXT  the user's security context
           PROC  number of processes run by the user

For more details see lslogins(1).