id and whoami commands shows different user

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
1
down vote

favorite












Recently, I've noticed a strange thing, and I'm asking you to explain such behavior.



# Ok, I logged in as root

# Am I root? Sure.
╭─root@s1 ~
╰─# whoami && id
root
uid=0(root) gid=0(root) groups=0(root)


# Now i want to log in as user1
╭─root@s1 ~
╰─# su - user1


# What? nginx instead of user1?
╭─nginx@s1 ~
╰─$ whoami && id
nginx
uid=498(nginx) gid=500(user1) groups=500(user1)


# So, what is my home dir?
╭─nginx@s1 ~
╰─$ echo $HOME
/home/user1


So the question is: why whoami and id commands shows me different user?



I'm not an administrator of this server and I don't know what he did with the server but this question interesting to me.







share|improve this question




















  • try egrep 'nginx|user1' /etc/passwd my best guess is that user1 ans nginx have same userid (498), and nginx is above user1 in /etc/passwd.
    – Archemar
    Nov 19 '17 at 9:46










  • @Archemar hmm, you're totally right! nginx:x:498:498::/var/www:/bin/false user1:x:498:500::/home/user1:/bin/zsh But how did it happen?
    – Sergey Chizhik
    Nov 19 '17 at 10:18















up vote
1
down vote

favorite












Recently, I've noticed a strange thing, and I'm asking you to explain such behavior.



# Ok, I logged in as root

# Am I root? Sure.
╭─root@s1 ~
╰─# whoami && id
root
uid=0(root) gid=0(root) groups=0(root)


# Now i want to log in as user1
╭─root@s1 ~
╰─# su - user1


# What? nginx instead of user1?
╭─nginx@s1 ~
╰─$ whoami && id
nginx
uid=498(nginx) gid=500(user1) groups=500(user1)


# So, what is my home dir?
╭─nginx@s1 ~
╰─$ echo $HOME
/home/user1


So the question is: why whoami and id commands shows me different user?



I'm not an administrator of this server and I don't know what he did with the server but this question interesting to me.







share|improve this question




















  • try egrep 'nginx|user1' /etc/passwd my best guess is that user1 ans nginx have same userid (498), and nginx is above user1 in /etc/passwd.
    – Archemar
    Nov 19 '17 at 9:46










  • @Archemar hmm, you're totally right! nginx:x:498:498::/var/www:/bin/false user1:x:498:500::/home/user1:/bin/zsh But how did it happen?
    – Sergey Chizhik
    Nov 19 '17 at 10:18













up vote
1
down vote

favorite









up vote
1
down vote

favorite











Recently, I've noticed a strange thing, and I'm asking you to explain such behavior.



# Ok, I logged in as root

# Am I root? Sure.
╭─root@s1 ~
╰─# whoami && id
root
uid=0(root) gid=0(root) groups=0(root)


# Now i want to log in as user1
╭─root@s1 ~
╰─# su - user1


# What? nginx instead of user1?
╭─nginx@s1 ~
╰─$ whoami && id
nginx
uid=498(nginx) gid=500(user1) groups=500(user1)


# So, what is my home dir?
╭─nginx@s1 ~
╰─$ echo $HOME
/home/user1


So the question is: why whoami and id commands shows me different user?



I'm not an administrator of this server and I don't know what he did with the server but this question interesting to me.







share|improve this question












Recently, I've noticed a strange thing, and I'm asking you to explain such behavior.



# Ok, I logged in as root

# Am I root? Sure.
╭─root@s1 ~
╰─# whoami && id
root
uid=0(root) gid=0(root) groups=0(root)


# Now i want to log in as user1
╭─root@s1 ~
╰─# su - user1


# What? nginx instead of user1?
╭─nginx@s1 ~
╰─$ whoami && id
nginx
uid=498(nginx) gid=500(user1) groups=500(user1)


# So, what is my home dir?
╭─nginx@s1 ~
╰─$ echo $HOME
/home/user1


So the question is: why whoami and id commands shows me different user?



I'm not an administrator of this server and I don't know what he did with the server but this question interesting to me.









share|improve this question











share|improve this question




share|improve this question










asked Nov 19 '17 at 9:36









Sergey Chizhik

1166




1166











  • try egrep 'nginx|user1' /etc/passwd my best guess is that user1 ans nginx have same userid (498), and nginx is above user1 in /etc/passwd.
    – Archemar
    Nov 19 '17 at 9:46










  • @Archemar hmm, you're totally right! nginx:x:498:498::/var/www:/bin/false user1:x:498:500::/home/user1:/bin/zsh But how did it happen?
    – Sergey Chizhik
    Nov 19 '17 at 10:18

















  • try egrep 'nginx|user1' /etc/passwd my best guess is that user1 ans nginx have same userid (498), and nginx is above user1 in /etc/passwd.
    – Archemar
    Nov 19 '17 at 9:46










  • @Archemar hmm, you're totally right! nginx:x:498:498::/var/www:/bin/false user1:x:498:500::/home/user1:/bin/zsh But how did it happen?
    – Sergey Chizhik
    Nov 19 '17 at 10:18
















try egrep 'nginx|user1' /etc/passwd my best guess is that user1 ans nginx have same userid (498), and nginx is above user1 in /etc/passwd.
– Archemar
Nov 19 '17 at 9:46




try egrep 'nginx|user1' /etc/passwd my best guess is that user1 ans nginx have same userid (498), and nginx is above user1 in /etc/passwd.
– Archemar
Nov 19 '17 at 9:46












@Archemar hmm, you're totally right! nginx:x:498:498::/var/www:/bin/false user1:x:498:500::/home/user1:/bin/zsh But how did it happen?
– Sergey Chizhik
Nov 19 '17 at 10:18





@Archemar hmm, you're totally right! nginx:x:498:498::/var/www:/bin/false user1:x:498:500::/home/user1:/bin/zsh But how did it happen?
– Sergey Chizhik
Nov 19 '17 at 10:18











1 Answer
1






active

oldest

votes

















up vote
1
down vote



accepted










Is it safe ?



This won't break the OS, you can spy on nginx (and nginx on you). It is more a hindrance to human (hence your question) than dangerous to OS.



For unix/linux kernel, process and files are onwed by user-id (I'll drop group for simplicity).



When using ps or ls -l thoses commands (ps and ls) will read /etc/passwd to match id against username. The rule, if an id is mentioned more than once is to stop at first occurence.



How can two user have same id ?



default option for useradd will prevent those conflicting issues, however



  1. you can force useradd to use an existing id (-o, --non-unique options)

  2. you can edit /etc/passwd manualy, or by have a script include a bunch of user

In your case, it is likely admin didn't do this purposfully, they simply have shell, lots of host to manage, and didn't bother to check for conflicting issue.



nginx might be installed upon host creation (install process will create user nginx), thus adding



nginx:x:498:498::/var/www:/bin/false


to /etc/passwd



then latter on, users are added by a combination of editing /etc/passwd and mkdir+chown, adding in turn



user1:x:498:500::/home/user1:/bin/zsh
user2:x:499:500::/home/user2:/bin/zsh


to /etc/passwd



Why would one do that on purpose ?



You might whish to have more than one login shell (e.g. bash, csh, fish, kde, ...), in this case you can use multiple entry like :



archemar:x:101:101:Archemar:/home/archemar/bash:/bin/bash
arcsh:x:101:101:Archemar:/home/archemar/csh:/bin/csh
arfish:x:101:101:Archemar:/home/archemar/fish:/bin/fish
arkde1:x:101:101:Archemar:/home/archemar/kde1:/bin/bash
arkde2:x:101:101:Archemar:/home/archemar/kde2:/bin/bash


This would allow me to use different login and keep specific configuration file and edit each other without sudo. On the downside there are five different password, this is not the proper way to switch KDE's env, and there is a chsh command should I need to switch shell.



Above configuration would be (should be) frown upon by sysadmin, different $HOME value, will yield different PATH=$HOME/bin:.. (which is what you are looking), yet you still have to have a common part in $PATH, and in the end it is not likely you configuration would be easiest.



You can also be running automatic software tests and want to keep separate directories (home dir in this case), with a unique id for test user.



but, I mean ...



pwck (password check) will issue a warning






share|improve this answer






















    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f405572%2fid-and-whoami-commands-shows-different-user%23new-answer', 'question_page');

    );

    Post as a guest






























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    1
    down vote



    accepted










    Is it safe ?



    This won't break the OS, you can spy on nginx (and nginx on you). It is more a hindrance to human (hence your question) than dangerous to OS.



    For unix/linux kernel, process and files are onwed by user-id (I'll drop group for simplicity).



    When using ps or ls -l thoses commands (ps and ls) will read /etc/passwd to match id against username. The rule, if an id is mentioned more than once is to stop at first occurence.



    How can two user have same id ?



    default option for useradd will prevent those conflicting issues, however



    1. you can force useradd to use an existing id (-o, --non-unique options)

    2. you can edit /etc/passwd manualy, or by have a script include a bunch of user

    In your case, it is likely admin didn't do this purposfully, they simply have shell, lots of host to manage, and didn't bother to check for conflicting issue.



    nginx might be installed upon host creation (install process will create user nginx), thus adding



    nginx:x:498:498::/var/www:/bin/false


    to /etc/passwd



    then latter on, users are added by a combination of editing /etc/passwd and mkdir+chown, adding in turn



    user1:x:498:500::/home/user1:/bin/zsh
    user2:x:499:500::/home/user2:/bin/zsh


    to /etc/passwd



    Why would one do that on purpose ?



    You might whish to have more than one login shell (e.g. bash, csh, fish, kde, ...), in this case you can use multiple entry like :



    archemar:x:101:101:Archemar:/home/archemar/bash:/bin/bash
    arcsh:x:101:101:Archemar:/home/archemar/csh:/bin/csh
    arfish:x:101:101:Archemar:/home/archemar/fish:/bin/fish
    arkde1:x:101:101:Archemar:/home/archemar/kde1:/bin/bash
    arkde2:x:101:101:Archemar:/home/archemar/kde2:/bin/bash


    This would allow me to use different login and keep specific configuration file and edit each other without sudo. On the downside there are five different password, this is not the proper way to switch KDE's env, and there is a chsh command should I need to switch shell.



    Above configuration would be (should be) frown upon by sysadmin, different $HOME value, will yield different PATH=$HOME/bin:.. (which is what you are looking), yet you still have to have a common part in $PATH, and in the end it is not likely you configuration would be easiest.



    You can also be running automatic software tests and want to keep separate directories (home dir in this case), with a unique id for test user.



    but, I mean ...



    pwck (password check) will issue a warning






    share|improve this answer


























      up vote
      1
      down vote



      accepted










      Is it safe ?



      This won't break the OS, you can spy on nginx (and nginx on you). It is more a hindrance to human (hence your question) than dangerous to OS.



      For unix/linux kernel, process and files are onwed by user-id (I'll drop group for simplicity).



      When using ps or ls -l thoses commands (ps and ls) will read /etc/passwd to match id against username. The rule, if an id is mentioned more than once is to stop at first occurence.



      How can two user have same id ?



      default option for useradd will prevent those conflicting issues, however



      1. you can force useradd to use an existing id (-o, --non-unique options)

      2. you can edit /etc/passwd manualy, or by have a script include a bunch of user

      In your case, it is likely admin didn't do this purposfully, they simply have shell, lots of host to manage, and didn't bother to check for conflicting issue.



      nginx might be installed upon host creation (install process will create user nginx), thus adding



      nginx:x:498:498::/var/www:/bin/false


      to /etc/passwd



      then latter on, users are added by a combination of editing /etc/passwd and mkdir+chown, adding in turn



      user1:x:498:500::/home/user1:/bin/zsh
      user2:x:499:500::/home/user2:/bin/zsh


      to /etc/passwd



      Why would one do that on purpose ?



      You might whish to have more than one login shell (e.g. bash, csh, fish, kde, ...), in this case you can use multiple entry like :



      archemar:x:101:101:Archemar:/home/archemar/bash:/bin/bash
      arcsh:x:101:101:Archemar:/home/archemar/csh:/bin/csh
      arfish:x:101:101:Archemar:/home/archemar/fish:/bin/fish
      arkde1:x:101:101:Archemar:/home/archemar/kde1:/bin/bash
      arkde2:x:101:101:Archemar:/home/archemar/kde2:/bin/bash


      This would allow me to use different login and keep specific configuration file and edit each other without sudo. On the downside there are five different password, this is not the proper way to switch KDE's env, and there is a chsh command should I need to switch shell.



      Above configuration would be (should be) frown upon by sysadmin, different $HOME value, will yield different PATH=$HOME/bin:.. (which is what you are looking), yet you still have to have a common part in $PATH, and in the end it is not likely you configuration would be easiest.



      You can also be running automatic software tests and want to keep separate directories (home dir in this case), with a unique id for test user.



      but, I mean ...



      pwck (password check) will issue a warning






      share|improve this answer
























        up vote
        1
        down vote



        accepted







        up vote
        1
        down vote



        accepted






        Is it safe ?



        This won't break the OS, you can spy on nginx (and nginx on you). It is more a hindrance to human (hence your question) than dangerous to OS.



        For unix/linux kernel, process and files are onwed by user-id (I'll drop group for simplicity).



        When using ps or ls -l thoses commands (ps and ls) will read /etc/passwd to match id against username. The rule, if an id is mentioned more than once is to stop at first occurence.



        How can two user have same id ?



        default option for useradd will prevent those conflicting issues, however



        1. you can force useradd to use an existing id (-o, --non-unique options)

        2. you can edit /etc/passwd manualy, or by have a script include a bunch of user

        In your case, it is likely admin didn't do this purposfully, they simply have shell, lots of host to manage, and didn't bother to check for conflicting issue.



        nginx might be installed upon host creation (install process will create user nginx), thus adding



        nginx:x:498:498::/var/www:/bin/false


        to /etc/passwd



        then latter on, users are added by a combination of editing /etc/passwd and mkdir+chown, adding in turn



        user1:x:498:500::/home/user1:/bin/zsh
        user2:x:499:500::/home/user2:/bin/zsh


        to /etc/passwd



        Why would one do that on purpose ?



        You might whish to have more than one login shell (e.g. bash, csh, fish, kde, ...), in this case you can use multiple entry like :



        archemar:x:101:101:Archemar:/home/archemar/bash:/bin/bash
        arcsh:x:101:101:Archemar:/home/archemar/csh:/bin/csh
        arfish:x:101:101:Archemar:/home/archemar/fish:/bin/fish
        arkde1:x:101:101:Archemar:/home/archemar/kde1:/bin/bash
        arkde2:x:101:101:Archemar:/home/archemar/kde2:/bin/bash


        This would allow me to use different login and keep specific configuration file and edit each other without sudo. On the downside there are five different password, this is not the proper way to switch KDE's env, and there is a chsh command should I need to switch shell.



        Above configuration would be (should be) frown upon by sysadmin, different $HOME value, will yield different PATH=$HOME/bin:.. (which is what you are looking), yet you still have to have a common part in $PATH, and in the end it is not likely you configuration would be easiest.



        You can also be running automatic software tests and want to keep separate directories (home dir in this case), with a unique id for test user.



        but, I mean ...



        pwck (password check) will issue a warning






        share|improve this answer














        Is it safe ?



        This won't break the OS, you can spy on nginx (and nginx on you). It is more a hindrance to human (hence your question) than dangerous to OS.



        For unix/linux kernel, process and files are onwed by user-id (I'll drop group for simplicity).



        When using ps or ls -l thoses commands (ps and ls) will read /etc/passwd to match id against username. The rule, if an id is mentioned more than once is to stop at first occurence.



        How can two user have same id ?



        default option for useradd will prevent those conflicting issues, however



        1. you can force useradd to use an existing id (-o, --non-unique options)

        2. you can edit /etc/passwd manualy, or by have a script include a bunch of user

        In your case, it is likely admin didn't do this purposfully, they simply have shell, lots of host to manage, and didn't bother to check for conflicting issue.



        nginx might be installed upon host creation (install process will create user nginx), thus adding



        nginx:x:498:498::/var/www:/bin/false


        to /etc/passwd



        then latter on, users are added by a combination of editing /etc/passwd and mkdir+chown, adding in turn



        user1:x:498:500::/home/user1:/bin/zsh
        user2:x:499:500::/home/user2:/bin/zsh


        to /etc/passwd



        Why would one do that on purpose ?



        You might whish to have more than one login shell (e.g. bash, csh, fish, kde, ...), in this case you can use multiple entry like :



        archemar:x:101:101:Archemar:/home/archemar/bash:/bin/bash
        arcsh:x:101:101:Archemar:/home/archemar/csh:/bin/csh
        arfish:x:101:101:Archemar:/home/archemar/fish:/bin/fish
        arkde1:x:101:101:Archemar:/home/archemar/kde1:/bin/bash
        arkde2:x:101:101:Archemar:/home/archemar/kde2:/bin/bash


        This would allow me to use different login and keep specific configuration file and edit each other without sudo. On the downside there are five different password, this is not the proper way to switch KDE's env, and there is a chsh command should I need to switch shell.



        Above configuration would be (should be) frown upon by sysadmin, different $HOME value, will yield different PATH=$HOME/bin:.. (which is what you are looking), yet you still have to have a common part in $PATH, and in the end it is not likely you configuration would be easiest.



        You can also be running automatic software tests and want to keep separate directories (home dir in this case), with a unique id for test user.



        but, I mean ...



        pwck (password check) will issue a warning







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Nov 21 '17 at 13:26


























        community wiki





        2 revs
        Archemar




























             

            draft saved


            draft discarded















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f405572%2fid-and-whoami-commands-shows-different-user%23new-answer', 'question_page');

            );

            Post as a guest













































































            Popular posts from this blog

            How to check contact read email or not when send email to Individual?

            Displaying single band from multi-band raster using QGIS

            How many registers does an x86_64 CPU actually have?