The
who utility displays a list of all users currently logged on, showing for each user the login name, tty name, the date and time of login, and hostname if not local.
Available options:
-b
Time of last system boot.
-H
Write column headings above the regular output.
-l
Print system login processes.
-m
Only print information about the current terminal. This is the POSIX way of saying who am i.
-p
Print active processes spawned by
init(8).
-q
“Quick mode”: List only the names and the number of users currently logged on. When this option is used, all other options are ignored.
-r
Print the current runlevel. Supported runlevels are:
d (DEATH)
The system has halted.
s (SINGLE_USER)
The system is running in single user mode.
r (RUNCOM)
The system is executing /etc/rc.
t (READ_TTYS)
The system is processing /etc/ttys.
m (MULTI_USER)
The system is running in multi-user mode.
T (CLEAN_TTYS)
The system is in the process of stopping processes associated with terminal devices.
c (CATATONIA)
The system is in the process of shutting down and will not create new processes.
-s
List only the name, line and time fields. This is the default.
-T
Print a character after the user name indicating the state of the terminal line: ‘+' if the terminal is writable; ‘-' if it is not; and ‘?' if a bad line is encountered.
-t
Print last system clock change.
-u
Print the idle time for each user, and the associated process ID.
-v
When printing of more information is requested with
-u, this switch can be used to also printed process termination signals, process exit status, session id for windowing and the type of the entry, see documentation of ut_type in
getutxent(3).
am I
Returns the invoker's real user name.
file
By default,
who gathers information from the file
/var/run/utmpx. An alternative
file may be specified which is usually
/var/log/wtmpx (or
/var/log/wtmp, or
/var/log/wtmpx.[0-6] or
/var/log/wtmp.[0-6] depending on site policy as
wtmpx can grow quite large and daily versions may or may not be kept around after compression by
ac(8)). The
wtmpx and
wtmp file contains a record of every login, logout, crash, shutdown and date change since
wtmpx and
wtmp were last truncated or created.
If
/var/log/wtmpx or
/var/log/wtmp are being used as the file, the user name may be empty or one of the special characters '|', '}' and '~'. Logouts produce an output line without any user name. For more information on the special characters, see
utmp(5).