When you manage a system with many user accounts, groups, and, by default, passwords, it is necessary that individual information for a particular account can be viewed quickly. It may be tedious to try to locate information about a particular user in a file with hundreds or thousands of records.
In most cases, the grep command is used to search for specific records in a file:
$ grep mvps /etc/passwd
$ mvps:x:1000:100::/home/mvps:/bin/bash
Another method of obtaining information is the gentent command (get entry). The getent command allows you to access the information stored in one of the system databases. Only databases specified in the Name Service Switch (NSS) – /etc/nsswitch.conf can be accessed.
The general syntax of the getent command is:
getent database key
The database parameter can be one of the databases configured in the NSS file. For our purposes, this parameter may be one of the following files:
passwd (/etc/passwd)
shadow (/etc/shadow file)
group (/etc/group file)
The key parameter is the item in the database we want to view. For our purpose, we will use a username. Let’s say we want to look into the /etc/passwd file for the mvps account:
$ getent passwd mvps
mvps:x:1000:100::/home/mvps:/bin/bash
It is not possible to search in multiple databases at the same time. To browse the shadow database (/etc/shadow file), superuser privileges are required. Anyone else will get a response like the one below:
$ getent shadow mvps
If we request the same root-based information, the extracted response from the /etc/shadow file will be as follows:
$ sudo getent shadow mvps
[sudo] password for mvps:
mvps:testpass[…].:17322:0:99999:7:::
Also, the getent command is also useful to see which of the users are part of a particular group. In this case, the key parameter of the getent command is the name of the group.
Please note that in the /etc/group file, a record for a particular user does not show all the groups that user belongs to. Thus, if we use the getent command for a particular user in the group database, only the primary user group will be returned to that group:
$ getent group mvps
mvps:x:1000:
$
To see all of a user’s groups we will use the groups command:
$ groups mvps
mvps : mvps projects
$
If we do not write the key parameter when writing the getent command, the entire content of the query database will be displayed.
To learn more about the getent command, type man getent in the terminal.