On a Linux box, how do I list all users that possess identical privilege to the superuser (and even better, all users in general along with whether they are able to escalate their privilege to that level or not)?
All the users in the system are in the /etc/passwd file:
less /etc/passwd
Those who are root have "0" as the user id, which is the 3rd column. Those with "0" as the group (4th column) may also have some root privileges.
Next, you'll want to look at the groups, and see who is an additional member of the "root" or "wheel" or "admin" groups:
less /etc/group
Users listed in those groups could have some root privileges, especially via the "sudo" command.
The final thing you will want to check is the "sudo" config and see who is listed as having authorisation to run this command. This file itself is well documented so I won't reproduce it here:
less /etc/sudoers
That covers the main areas of who could have root access.
None of the other answers work for enterprise-grade systems with LDAP-based permissions management. Try the following command that works universally on all setups to check whether a user has sudo access:
ps -jf 1 | tail -n 1 | awk '{print $1}'
provides the name of the superuser across any unix-based operating system without extra dependencies, and operates if invoked via pwsh/pwsh-preview, etcetera.
Although this answer provides this ability well, it does not operate via PowerShell, because "The '<' operator is reserved for future use.", and it requires installation of perl, which is not necessarily available, and not available by default on macOS, which may be important.
Don't forget to change the root password. If any user has UID 0 besides root, they shouldn't. Bad idea. To check:
grep 'x:0:' /etc/passwd
Again, you shouldn't do this but to check if the user is a member of the root group:
grep root /etc/group
To see if anyone can execute commands as root, check sudoers:
cat /etc/sudoers
To check for SUID bit, which allows programs to be executed with root privileges:
find / -perm -04000
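The passwd and group checks from the answers above combined into one shell function, as an added example that is not from any of the posters. It also flags accounts whose primary group is a privileged one, which the member column of the group file does not show; the `sudo` group name, the function names and the sample data are assumptions.

```sh
# Added example (not from the answers above): flag root-level access paths
# from passwd- and group-format files.
# root/wheel/admin come from the answers; "sudo" is an assumed Debian-style group.
ADMIN_GROUPS='root|wheel|admin|sudo'

# Usage: root_candidates [passwd_file] [group_file]; prints sorted "user reason" lines.
root_candidates() {
    passwd_file=${1:-/etc/passwd}
    group_file=${2:-/etc/group}
    awk -F: -v re="^($ADMIN_GROUPS)\$" '
        /^#/ || NF < 4 { next }               # skip comments and short lines
        FILENAME == ARGV[1] {                 # group: name:pw:GID:members
            if ($1 !~ re) next
            admin_gid[$3] = $1                # remember GID for the passwd pass
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i], "group=" $1
            next
        }
        # passwd: name:pw:UID:GID:gecos:home:shell
        $3 == 0            { print $1, "uid=0" }
        $3 != 0 && $4 == 0 { print $1, "primary-gid=0" }
        # Primary-group membership is not listed in the group file member field.
        $4 != 0 && ($4 in admin_gid) { print $1, "primary-group=" admin_gid[$4] }
    ' "$group_file" "$passwd_file" | LC_ALL=C sort -u
}

# Constructed sample data (not from a real host) so the example runs offline.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
toor:x:0:0:second uid 0:/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:10:Bob:/home/bob:/bin/bash
carol:x:1002:0:Carol:/home/carol:/bin/bash
EOF
    cat > "$d/group" <<'EOF'
root:x:0:
wheel:x:10:alice
sudo:x:27:alice,dave
users:x:100:dave
EOF
    root_candidates "$d/passwd" "$d/group"
    rm -rf "$d"
}
demo
```

The function does not read /etc/sudoers. On directory-backed systems, save the output of `getent passwd` and `getent group` to files and pass those instead of the local files.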
To see who is UID 0:
To see who is in groups root, wheel, adm and admin:
To list all users and the groups they are members of:
Pure root is user id "0".
To print all users
To print only those users with UID 0, being as others have said, the users with implicit root privileges:
For a quick list of all users, try hitting tab twice (to auto-complete) after typing the passwd command followed by a space. This works with the su command as well. Must be done as a root-privileged user.
It was annoying me that there wasn't a one-liner answer... If you want to list all UID 0 (root) accounts use the following:
Best,