DESCRIPTION
 The 
who utility displays a list of all users currently logged on, showing for each user the login name, tty name, the date and time of login, and hostname if not local.
Available options:
- 
-a
- 
Same as --bdlprTtuv.
- 
-b
- 
Time of last system boot.
- 
-d
- 
Print dead processes.
- 
-H
- 
Write column headings above the regular output.
- 
-l
- 
Print system login processes.
- 
-m
- 
Only print information about the current terminal. This is the POSIX way of saying who am i.
- 
-p
- 
Print active processes spawned by init(8).
- 
-q
- 
“Quick mode”: List only the names and the number of users currently logged on. When this option is used, all other options are ignored.
- 
-r
- 
Print the current runlevel. Supported runlevels are:
- 
d (DEATH)
- 
The system has halted.
- 
s (SINGLE_USER)
- 
The system is running in single user mode.
- 
r (RUNCOM)
- 
The system is executing /etc/rc.
- 
t (READ_TTYS)
- 
The system is processing /etc/ttys.
- 
m (MULTI_USER)
- 
The system is running in multi-user mode.
- 
T (CLEAN_TTYS)
- 
The system is in the process of stopping processes associated with terminal devices.
- 
c (CATATONIA)
- 
The system is in the process of shutting down and will not create new processes.
 
- 
-s
- 
List only the name, line and time fields. This is the default.
- 
-T
- 
Print a character after the user name indicating the state of the terminal line: ‘+’ if the terminal is writable; ‘-’ if it is not; and ‘?’ if a bad line is encountered.
- 
-t
- 
Print last system clock change.
- 
-u
- 
Print the idle time for each user, and the associated process ID.
- 
-v
- 
When printing of more information is requested with -u, this switch can be used to also printed process termination signals, process exit status, session id for windowing and the type of the entry, see documentation of ut_type in getutxent(3).
- 
am I
- 
Returns the invoker's real user name.
- 
file
- 
By default, who gathers information from the file /var/run/utmpx. An alternative file may be specified which is usually /var/log/wtmpx (or /var/log/wtmp, or /var/log/wtmpx.[0-6] or /var/log/wtmp.[0-6] depending on site policy as wtmpx can grow quite large and daily versions may or may not be kept around after compression by ac(8)). The wtmpx and wtmp file contains a record of every login, logout, crash, shutdown and date change since wtmpx and wtmp were last truncated or created.
If /var/log/wtmpx or /var/log/wtmp are being used as the file, the user name may be empty or one of the special characters '|', '}' and '~'. Logouts produce an output line without any user name. For more information on the special characters, see utmp(5).