49

On a Linux box, how do I list all users that possess identical privilege to the superuser (and even better, all users in general along with if they are able to escalate their privilege to that level or not)?

Eric

8 Answers

53

Don't forget to change the root password. If any user has UID 0 besides root, they shouldn't. Bad idea. To check:

grep 'x:0:' /etc/passwd

Again, you shouldn't do this but to check if the user is a member of the root group:

grep root /etc/group

To see if anyone can execute commands as root, check sudoers:

cat /etc/sudoers

To check for SUID bit, which allows programs to be executed with root privileges:

find / -perm -04000

Warner
52

To see who is UID 0:

getent passwd 0

To see who is in groups root, wheel, adm and admin:

getent group root wheel adm admin

To list all users and the groups they are members of:

getent passwd | cut -d : -f 1 | xargs groups
6

Pure root is user id "0".

All the users in the system are in the /etc/passwd file:

less /etc/passwd

Those who are root have "0" as the user id, which is the 3rd column. Those with "0" as the group (4th column) may also have some root privileges.

Next, you'll want to look at the groups, and see who is an additional member of the "root" or "wheel" or "admin" groups:

less /etc/group

Users listed in those groups could have some root privileges, especially via the "sudo" command.

The final thing you will want to check is the "sudo" config and see who is listed as having authorisation to run this command. This file itself is well documented so I won't reproduce it here:

less /etc/sudoers

That covers the main areas of who could have root access.

Rafiq Maniar
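The UID, GID and group-membership checks described in the answers above, as an added example that is not part of any answer: it compares exact fields rather than substrings, so a group such as nonroot, an account with UID 10 and GID 0, or a UID 0 account whose password field is not "x" is reported correctly. The function names and the sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example: field-exact checks on passwd(5)/group(5) data.
# Each function reads the file named in $1, or stdin when none is given,
# e.g. `getent passwd | uid0_users` to go through NSS instead of the local file.

# Accounts whose UID (field 3) is numerically zero, whatever field 2 holds.
uid0_users() { awk -F: '$3 ~ /^0+$/ { print $1 }' "${1:--}"; }

# Accounts whose primary GID (field 4) is zero.
gid0_users() { awk -F: '$4 ~ /^0+$/ { print $1 }' "${1:--}"; }

# "user:group" for every member (field 4) of the groups named in $2.
priv_group_members() {
    awk -F: -v want="${2:-root wheel adm admin}" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) priv[w[i]] = 1 }
        ($1 in priv) && $4 != "" {
            m = split($4, u, ",")
            for (i = 1; i <= m; i++) print u[i] ":" $1
        }' "${1:--}" | sort
}

# Constructed sample data (hypothetical accounts, not from a real host).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
toor:*:0:0:second uid 0 account:/root:/bin/sh
svc10:x:10:0:uid 10 with gid 0:/srv:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
max:x:1001:1001:Max:/home/max:/bin/bash
EOF
}

sample_group() {
    cat <<'EOF'
root:x:0:
wheel:x:10:alice,bob
adm:x:4:syslog
nonroot:x:2000:max
users:x:100:alice,max
EOF
}

echo "UID 0:         $(sample_passwd | uid0_users | tr '\n' ' ')"
echo "primary GID 0: $(sample_passwd | gid0_users | tr '\n' ' ')"
echo "privileged group members:"
sample_group | priv_group_members
```

On a real host, call the functions with `/etc/passwd` and `/etc/group` as the first argument. sudoers rules are not covered here and still need the separate `/etc/sudoers` or `sudo -l -U` check from the answers.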
4

To print all users

perl -n -e '@user = split /:/ ; print "$user[0]\n";' < /etc/passwd

To print only those users with UID 0, being as others have said, the users with implicit root privileges:

perl -n -e '@user = split /:/ ; print "$user[0]\n" if $user[2] == 0;' < /etc/passwd
MadHatter
2

For a quick list of all users, try hitting tab twice (to auto-complete) after typing the passwd command followed by a space. This works with the su command as well.

Must be done as a root-privileged user.

Emeraldo
0

None of the other answers work for enterprise-grade systems with LDAP-based permissions management. Try the following command that works universally on all setups to check whether a user has sudo access:

sudo -l -U $(whoami)
Raymo111
0
IEEE Standard 1003.1-2017 Shell Command Language

The undermentioned provides the name of the superuser across any UNIX-based OS without non-standard dependencies:

  1. Code
    #!/usr/bin/env sh
    ps -o user= -p 1
    
  2. Explanation
    1. ps outputs process status information.

    2. -o user=
      1. -o specifies a custom output format.
      2. user requests the username of the process owner.
      3. = removes the column header, so only the username is printed.
    3. -p 1 filters the output to show only process ID 1 (which is typically systemd or init).

Microsoft PowerShell Core ≥ 7.4.6

I've written this to be as cross-platform as is possible:

#!/usr/bin/env pwsh
#Requires -PSEdition Core
#Requires -version 7.4.6

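# Linux: owner of the lowest-numbered process (PID 1).
# Windows: name of the account with the LocalSystem SID (S-1-5-18), queried with
# Get-CimInstance because Get-WmiObject is not available in PowerShell 7.
If ([OperatingSystem]::IsLinux() -Eq $True) { Get-Process -IncludeUserName | Sort-Object -Property 'ID' | Select-Object -First 1 -ExpandProperty 'Username' }
ElseIf ([OperatingSystem]::IsWindows() -Eq $True) { Get-CimInstance -ClassName 'Win32_SystemAccount' | Where-Object { (Get-Variable -Name _ | Select-Object -ExpandProperty Value).SID -Eq 'S-1-5-18' } | Select-Object -ExpandProperty 'Name' }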

Although a/208356 provides this ability well, it does not operate via PowerShell, because the undermentioned requires installation of Perl, which is not available by default on macOS:

The '<' operator is reserved for future use.

0

It was annoying me that there wasn't a one-liner answer... If you want to list all UID 0 (root) accounts use the following:

cat /etc/passwd | cut -f1,3,4 -d":" | grep "0:0" | cut -f1 -d":" | awk '{print $1}'

Best,

Boschko