/* id -- print real and effective UIDs and GIDs This is the id utility
Copyright (C) 1989-2018 Free Software Foundation, Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>. */ The GNUv3 license
/* Written by Arnold Robbins.
Major rewrite by David MacKenzie, djm@gnu.ai.mit.edu. */
#include <config.h> Provides system specific information
#include <stdio.h> Provides standard I/O capability
#include <sys/types.h> Provides system data types
#include <pwd.h> ...!includes auto-comment...
#include <grp.h> ...!includes auto-comment...
#include <getopt.h> ...!includes auto-comment...
#include <selinux/selinux.h> ...!includes auto-comment......!includes auto-comment...
#include "system.h" ...!includes auto-comment...
#include "die.h" ...!includes auto-comment...
#include "error.h" ...!includes auto-comment...
#include "mgetgroups.h" ...!includes auto-comment...
#include "quote.h" ...!includes auto-comment...
#include "group-list.h" ...!includes auto-comment...
#include "smack.h" ...!includes auto-comment...
#include "userspec.h" ...!includes auto-comment...
/* Official program name used in diagnostics, --help and --version
   (for example, never carrying a 'g' prefix).  */
#define PROGRAM_NAME "id"

#define AUTHORS \
  proper_name ("Arnold Robbins"), \
  proper_name ("David MacKenzie")

/* Printing helpers defined after main.  */
static void print_full_info (const char *username);
static void print_user (uid_t uid);

/* True when only the security context is to be printed.  -Z  */
static bool just_context = false;

/* True when names are printed instead of numeric IDs.  -n  */
static bool use_name = false;

/* Real and effective user and group IDs to report.  main fills these in
   either from the calling process or from the passwd entry of the USER
   operand.  */
static uid_t ruid, euid;
static gid_t rgid, egid;

/* Stays true until some lookup or print step fails; it decides the
   exit status returned by main.  */
static bool ok = true;

/* Security context of the process.  NULL means "not retrieved":
   print_full_info tests the pointer and omits the context=... field
   when it is still NULL.  */
static char *context = NULL;

/* Long option table.  Every entry takes no argument and maps onto the
   short option letter handled in main's switch.  */
static struct option const longopts[] =
{
  {"context", no_argument, NULL, 'Z'},
  {"group", no_argument, NULL, 'g'},
  {"groups", no_argument, NULL, 'G'},
  {"name", no_argument, NULL, 'n'},
  {"real", no_argument, NULL, 'r'},
  {"user", no_argument, NULL, 'u'},
  {"zero", no_argument, NULL, 'z'},
  {GETOPT_HELP_OPTION_DECL},
  {GETOPT_VERSION_OPTION_DECL},
  {NULL, 0, NULL, 0}
};
/* Print usage information and terminate the process with STATUS.

   A successful STATUS prints the full help text on stdout; any other
   STATUS prints only the short "try --help" hint.  This function does
   not return: it always ends in exit (STATUS).  */
void
usage (int status)
{
  if (status == EXIT_SUCCESS)
    {
      printf (_("Usage: %s [OPTION]... [USER]\n"), program_name);
      fputs (_("\
Print user and group information for the specified USER,\n\
or (when USER omitted) for the current user.\n\
\n"),
             stdout);
      fputs (_("\
-a ignore, for compatibility with other versions\n\
-Z, --context print only the security context of the process\n\
-g, --group print only the effective group ID\n\
-G, --groups print all group IDs\n\
-n, --name print a name instead of a number, for -ugG\n\
-r, --real print the real ID instead of the effective ID, with -ugG\n\
-u, --user print only the effective user ID\n\
-z, --zero delimit entries with NUL characters, not whitespace;\n\
not permitted in default format\n\
"), stdout);
      fputs (HELP_OPTION_DESCRIPTION, stdout);
      fputs (VERSION_OPTION_DESCRIPTION, stdout);
      fputs (_("\
\n\
Without any OPTION, print some useful set of identified information.\n\
"), stdout);
      emit_ancillary_info (PROGRAM_NAME);
    }
  else
    emit_try_help ();

  exit (status);
}
/* Parse the options, decide which identities to report, and print them.

   With a USER operand the reported IDs are the ones stored in that
   user's passwd entry, not the credentials of any running process.
   Without an operand they are the real/effective IDs of this process.
   Returns EXIT_SUCCESS unless a lookup or print step cleared OK; invalid
   option combinations terminate through die or usage.  */
int
main (int argc, char **argv)
{
  int opt;
  int selinux_enabled = (is_selinux_enabled () > 0);
  bool smack_enabled = is_smack_enabled ();
  /* -z: terminate the output with NUL instead of newline.  */
  bool nul_terminated = false;
  /* Private copy of the looked-up user name, when USER was given.  */
  char *user_name = NULL;
  /* -G: print the whole group list.  */
  bool only_group_list = false;
  /* -g: print only the group ID.  */
  bool only_group = false;
  /* -r: print real instead of effective IDs.  */
  bool want_real = false;
  /* -u: print only the user ID.  */
  bool only_user = false;

  initialize_main (&argc, &argv);
  set_program_name (argv[0]);
  setlocale (LC_ALL, "");
  bindtextdomain (PACKAGE, LOCALEDIR);
  textdomain (PACKAGE);

  atexit (close_stdout);

  while ((opt = getopt_long (argc, argv, "agnruzGZ", longopts, NULL)) != -1)
    {
      switch (opt)
        {
        case 'a':
          /* Accepted and ignored, for compatibility with SVR4.  */
          break;

        case 'Z':
          /* Refuse -Z when the kernel offers no security context.  */
#ifdef HAVE_SMACK
          if (!selinux_enabled && !smack_enabled)
            die (EXIT_FAILURE, 0,
                 _("--context (-Z) works only on "
                   "an SELinux/SMACK-enabled kernel"));
#else
          if (!selinux_enabled)
            die (EXIT_FAILURE, 0,
                 _("--context (-Z) works only on an SELinux-enabled kernel"));
#endif
          just_context = true;
          break;

        case 'g':
          only_group = true;
          break;
        case 'n':
          use_name = true;
          break;
        case 'r':
          want_real = true;
          break;
        case 'u':
          only_user = true;
          break;
        case 'z':
          nul_terminated = true;
          break;
        case 'G':
          only_group_list = true;
          break;
        case_GETOPT_HELP_CHAR;
        case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
        default:
          usage (EXIT_FAILURE);
        }
    }

  /* At most one USER operand is accepted.  */
  size_t operand_count = argc - optind;
  if (operand_count > 1)
    {
      error (0, 0, _("extra operand %s"), quote (argv[optind + 1]));
      usage (EXIT_FAILURE);
    }

  /* The context belongs to this process, so it cannot be combined with
     a USER operand.  */
  if (operand_count && just_context)
    die (EXIT_FAILURE, 0,
         _("cannot print security context when user specified"));

  if (only_user + only_group + only_group_list + just_context > 1)
    die (EXIT_FAILURE, 0, _("cannot print \"only\" of more than one choice"));

  bool default_format = (!only_user
                         && !only_group
                         && !only_group_list
                         && !just_context);

  if (default_format && (want_real || use_name))
    die (EXIT_FAILURE, 0,
         _("cannot print only names or real IDs in default format"));

  if (default_format && nul_terminated)
    die (EXIT_FAILURE, 0,
         _("option --zero not permitted in default format"));

  /* Fetch the context only when no user is named and either -Z was given
     or the default format is in use outside POSIXLY_CORRECT mode.  In all
     other cases CONTEXT keeps its initial NULL, which print_full_info
     does not display.  */
  if (operand_count == 0
      && (just_context
          || (default_format && ! getenv ("POSIXLY_CORRECT"))))
    {
      /* A failure is fatal only when -Z was requested explicitly;
         the default format silently goes on without a context.  */
      if ((selinux_enabled && getcon (&context) && just_context)
          || (smack_enabled
              && smack_new_label_from_self (&context) < 0
              && just_context))
        die (EXIT_FAILURE, 0, _("can't get process context"));
    }

  if (operand_count == 1)
    {
      struct passwd *entry = NULL;
      const char *spec = argv[optind];

      /* An empty spec is rejected here because parse_user_spec does not
         report it as an error.  On success parse_user_spec yields only a
         numeric ID in EUID, so the passwd entry is looked up again to
         verify it and to obtain the name used for the group lookup.  */
      if (*spec && parse_user_spec (spec, &euid, NULL, NULL, NULL) == NULL)
        entry = getpwuid (euid);

      if (!entry)
        die (EXIT_FAILURE, 0, _("%s: no such user"), quote (spec));

      /* Copy the name: the print helpers call getpwuid again, and the
         passwd record it returns may be overwritten by those calls.  */
      user_name = xstrdup (entry->pw_name);
      euid = entry->pw_uid;
      ruid = euid;
      egid = entry->pw_gid;
      rgid = egid;
    }
  else
    {
      /* POSIX says identification functions (getuid, getgid, and others)
         cannot fail, but they can fail under GNU/Hurd and a few other
         systems.  errno is cleared before each call so that a nonzero
         value together with the -1 sentinel identifies a failure.  */
      uid_t NO_UID = -1;
      gid_t NO_GID = -1;

      /* Query only the IDs that the selected output mode prints.  */
      bool const need_euid
        = (only_user
           ? !want_real
           : !only_group && !only_group_list && !just_context);
      bool const need_ruid
        = (only_user
           ? want_real
           : !only_group && (only_group_list || !just_context));
      bool const need_gids
        = (!only_user
           && (only_group || only_group_list || !just_context));

      if (need_euid)
        {
          errno = 0;
          euid = geteuid ();
          if (euid == NO_UID && errno)
            die (EXIT_FAILURE, errno, _("cannot get effective UID"));
        }

      if (need_ruid)
        {
          errno = 0;
          ruid = getuid ();
          if (ruid == NO_UID && errno)
            die (EXIT_FAILURE, errno, _("cannot get real UID"));
        }

      if (need_gids)
        {
          errno = 0;
          egid = getegid ();
          if (egid == NO_GID && errno)
            die (EXIT_FAILURE, errno, _("cannot get effective GID"));

          errno = 0;
          rgid = getgid ();
          if (rgid == NO_GID && errno)
            die (EXIT_FAILURE, errno, _("cannot get real GID"));
        }
    }

  /* Exactly one output mode applies; the combinations were rejected
     above.  */
  if (only_user)
    {
      print_user (want_real ? ruid : euid);
    }
  else if (only_group)
    {
      if (!print_group (want_real ? rgid : egid, use_name))
        ok = false;
    }
  else if (only_group_list)
    {
      if (!print_group_list (user_name, ruid, rgid, egid, use_name,
                             nul_terminated ? '\0' : ' '))
        ok = false;
    }
  else if (just_context)
    {
      fputs (context, stdout);
    }
  else
    {
      print_full_info (user_name);
    }
  putchar (nul_terminated ? '\0' : '\n');

  IF_LINT (free (user_name));
  return ok ? EXIT_SUCCESS : EXIT_FAILURE;
}
/* Format the group ID that GID points to as a decimal string.

   Not meant to be called directly; use the gidtostr macro below.
   The result lives in a single static buffer, so every call overwrites
   the text produced by the previous one: consume the string before
   converting another GID, and never pass two results to one printf.  */
static char *
gidtostr_ptr (gid_t const *gid)
{
  static char gid_text[INT_BUFSIZE_BOUND (uintmax_t)];
  uintmax_t value = *gid;
  return umaxtostr (value, gid_text);
}

/* G must be an lvalue because the macro takes its address.  */
#define gidtostr(g) gidtostr_ptr (&(g))
/* Format the user ID that UID points to as a decimal string.

   Not meant to be called directly; use the uidtostr macro below.
   The result lives in a single static buffer, so every call overwrites
   the text produced by the previous one: consume the string before
   converting another UID, and never pass two results to one printf.  */
static char *
uidtostr_ptr (uid_t const *uid)
{
  static char uid_text[INT_BUFSIZE_BOUND (uintmax_t)];
  uintmax_t value = *uid;
  return umaxtostr (value, uid_text);
}

/* U must be an lvalue because the macro takes its address.  */
#define uidtostr(u) uidtostr_ptr (&(u))
/* Write user ID UID to stdout, as a name when -n is in effect and as a
   decimal number otherwise.

   If a name was requested but the passwd lookup finds none, a diagnostic
   is issued, OK is cleared so that the exit status reports the failure,
   and the number is printed instead.  */
static void
print_user (uid_t uid)
{
  if (use_name)
    {
      struct passwd *entry = getpwuid (uid);
      if (entry != NULL)
        {
          /* NOTE(review): the name is written exactly as the passwd
             lookup returned it; nothing in this function escapes it.  */
          fputs (entry->pw_name, stdout);
          return;
        }

      error (0, 0, _("cannot find name for user ID %s"),
             uidtostr (uid));
      ok = false;
    }

  /* Numeric output, also used as the fallback after a failed lookup.  */
  fputs (uidtostr (uid), stdout);
}
/* Print the default-format report: uid, gid, then euid/egid when they
   differ from the real IDs, the group list, and the security context
   if one was retrieved.

   USERNAME is the name looked up for the USER operand, or NULL when the
   calling process is being described.  Each numeric ID is followed by
   "(name)" when the passwd or group lookup succeeds.  If the group list
   cannot be obtained, a diagnostic is issued, OK is cleared, and the
   function returns before printing groups or context.

   NOTE(review): names and the context string are written as returned by
   the lookups; nothing in this function escapes them.  */
static void
print_full_info (const char *username)
{
  struct passwd *user_entry;
  struct group *group_entry;

  printf (_("uid=%s"), uidtostr (ruid));
  user_entry = getpwuid (ruid);
  if (user_entry != NULL)
    printf ("(%s)", user_entry->pw_name);

  printf (_(" gid=%s"), gidtostr (rgid));
  group_entry = getgrgid (rgid);
  if (group_entry != NULL)
    printf ("(%s)", group_entry->gr_name);

  if (euid != ruid)
    {
      printf (_(" euid=%s"), uidtostr (euid));
      user_entry = getpwuid (euid);
      if (user_entry != NULL)
        printf ("(%s)", user_entry->pw_name);
    }

  if (egid != rgid)
    {
      printf (_(" egid=%s"), gidtostr (egid));
      group_entry = getgrgid (egid);
      if (group_entry != NULL)
        printf ("(%s)", group_entry->gr_name);
    }

  /* For a named user the primary group comes from the most recent passwd
     lookup above (-1 if that lookup failed); for the calling process it
     is the effective GID.  */
  gid_t primary_group = egid;
  if (username)
    primary_group = user_entry ? user_entry->pw_gid : -1;

  gid_t *groups;
  int n_groups = xgetgroups (username, primary_group, &groups);
  if (n_groups < 0)
    {
      if (username)
        error (0, errno, _("failed to get groups for user %s"),
               quote (username));
      else
        error (0, errno, _("failed to get groups for the current process"));
      ok = false;
      return;
    }

  for (int i = 0; i < n_groups; i++)
    {
      /* The label precedes the first entry, a comma each later one.  */
      fputs (i == 0 ? _(" groups=") : ",", stdout);
      fputs (gidtostr (groups[i]), stdout);
      group_entry = getgrgid (groups[i]);
      if (group_entry != NULL)
        printf ("(%s)", group_entry->gr_name);
    }
  free (groups);

  /* POSIX mandates the precise output format, and that it not include
     any context=... part; main leaves CONTEXT NULL when POSIXLY_CORRECT
     is set, so the field is skipped here.  */
  if (context)
    printf (_(" context=%s"), context);
}