who command parameters and usage details (Linux view online user commands)

Feature Description: Displays the user information currently logged into the system.
Syntax: Who [-himqsw][--help][--version][am i][record file]
Additional note: The implementation of this directive will be informed that there are currently users logged into the system, the individual implementation of the WHO command would list the login account, the terminal used, login time and from where to log in or use which x monitor.
Parameters
-H or--heading displays the header information column for each field.
-I or-u or--idle displays idle time, and if the user has performed any action within the first minute, it will be marked as "." If the user has not had any action for more than 24 hours, the "old" string is marked.
-M The effect of this parameter is the same as specifying the "Am I" string.
-Q or--count only displays the account name and total number of logged-in systems.

Examples of WHO commands

To display information about who is using the Local System node, enter:
W.H.O.
Displays information similar to the following:

[email protected] ~]$ who
Root PTS/1 2015-12-22 15:23 (192.168.61.33)
Root PTS/2 2015-12-23 09:29 (192.168.61.29)
Root PTS/3 2015-12-23 09:39 (192.168.61.253)

to display your user name, enter:
Who am I
Displays information similar to the following:

[email protected] ~]$ who am I
Root PTS/3 2015-12-23 09:39 (192.168.61.253)

to display a history of logon, logoff, system startup, and system shutdown, enter:
Who/var/adm/wtmp
Displays information similar to the following:
Hank lft/0 June 8 08:34 (AUSNIX5)
John lft/0 June 8 08:34 (Jikey)
Mary lft/0 June 8 08:22 (MACHINE.AUSTIN.IBM)
Jan Pts4 June 8 09:19 (puff.wisc.edu)

To display the operating level of the Local System node, enter:
Who-r
Displays information similar to the following:

Run Level 3 2015-12-21 18:38

To display any active processes that are currently active and that were previously generated by INIT, enter:
Who-p
Displays information similar to the following
Srcmstr. June 8 04:15 Old 2896
Cron. June 8 04:15 Old 4809
Uprintfd. June 8 04:15 Old 5158

To process the/var/adm/wtmp file by specifying the-BDLPRTTU flag, enter:
Who-a/var/adm/wtmp
Displays information similar to the following:
. System Boot June 19 10:13
. Run-level 2 June 19 10:13
. . June 10:14 Old
. . June 10:14 Old
. . June 10:14 Old
RC-. June 10:13 Old
. . June 10:16 Old
. . June 10:14 Old
Srcmstr-. June 10:14 Old
Rctcpip-. June 10:14 Old
Rcdce-. June 10:14 Old
RCCM-. June 10:15 Old
DCEUPDT-. June 10:15 Old
Rcnfs-. June 10:15 Old
Cron-. June 10:16 Old
Piobe-. June 10:16 Old
Qdaemon-. June 10:16 Old
Writesrv-. June 10:16 Old
UPRINTFD-. June 10:16 Old
. . June 10:16 Old
Login-lft0 June 10:16 Old
. . June 10:16 Old
. . June 10:16 Old

Because the Linux server allows multiple users to log on, many people in the company know the password, work creates some obstacles, so it is necessary to kick out the specified user sometimes

1/#who Isolated currently have those terminal login (with w command more detail)

# WHO
Root pts/0 2010-10-28 09:36 (192.168.1.236)
Root PTS/2 2010-10-28 09:40 (192.168.1.27)
Root PTS/3 2010-10-28 10:02 (192.168.1.82)
Root PTS/4 2010-10-20 16:06 (192.168.1.244)

2/I want to kick out the login with IP 82, its corresponding TTY is PTS/3

# pkill-kill-t PTS/3

3/view again

# WHO
Root pts/0 2010-10-28 09:36 (192.168.1.236)
Root PTS/2 2010-10-28 09:40 (192.168.1.27)
Root PTS/4 2010-10-20 16:06 (192.168.1.244)

has successfully kicked out

who command parameters and usage details (Linux view online user commands)