search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
id: add -z, --zero option
[coreutils.git] / src / id.c
bloba0334ba737fdc7ec6a13f99549c495ea4d1d61e4
1 /* id -- print real and effective UIDs and GIDs
2 Copyright (C) 1989-2013 Free Software Foundation, Inc.
3
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>. */
16
17 /* Written by Arnold Robbins.
18 Major rewrite by David MacKenzie, djm@gnu.ai.mit.edu. */
19
20 #include <config.h>
21 #include <stdio.h>
22 #include <sys/types.h>
23 #include <pwd.h>
24 #include <grp.h>
25 #include <getopt.h>
26 #include <selinux/selinux.h>
27
28 #include "system.h"
29 #include "error.h"
30 #include "mgetgroups.h"
31 #include "quote.h"
32 #include "group-list.h"
33 #include "smack.h"
34
35 /* The official name of this program (e.g., no 'g' prefix). */
36 #define PROGRAM_NAME "id"
37
38 #define AUTHORS \
39 proper_name ("Arnold Robbins"), \
40 proper_name ("David MacKenzie")
41
42 /* If nonzero, output only the SELinux context. -Z */
43 static int just_context = 0;
44
45 static void print_user (uid_t uid);
46 static void print_full_info (const char *username);
47
48 /* If true, output user/group name instead of ID number. -n */
49 static bool use_name = false;
50
51 /* The real and effective IDs of the user to print. */
52 static uid_t ruid, euid;
53 static gid_t rgid, egid;
54
55 /* True unless errors have been encountered. */
56 static bool ok = true;
57
58 /* The SELinux context. Start with a known invalid value so print_full_info
59 knows when 'context' has not been set to a meaningful value. */
60 static security_context_t context = NULL;
61
62 static struct option const longopts[] =
63 {
64 {"context", no_argument, NULL, 'Z'},
65 {"group", no_argument, NULL, 'g'},
66 {"groups", no_argument, NULL, 'G'},
67 {"name", no_argument, NULL, 'n'},
68 {"real", no_argument, NULL, 'r'},
69 {"user", no_argument, NULL, 'u'},
70 {"zero", no_argument, NULL, 'z'},
71 {GETOPT_HELP_OPTION_DECL},
72 {GETOPT_VERSION_OPTION_DECL},
73 {NULL, 0, NULL, 0}
74 };
75
76 void
77 usage (int status)
78 {
79 if (status != EXIT_SUCCESS)
80 emit_try_help ();
81 else
82 {
83 printf (_("Usage: %s [OPTION]... [USERNAME]\n"), program_name);
84 fputs (_("\
85 Print user and group information for the specified USERNAME,\n\
86 or (when USERNAME omitted) for the current user.\n\
87 \n"),
88 stdout);
89 fputs (_("\
90 -a ignore, for compatibility with other versions\n\
91 -Z, --context print only the security context of the current user\n\
92 -g, --group print only the effective group ID\n\
93 -G, --groups print all group IDs\n\
94 -n, --name print a name instead of a number, for -ugG\n\
95 -r, --real print the real ID instead of the effective ID, with -ugG\n\
96 -u, --user print only the effective user ID\n\
97 -z, --zero delimit entries with NUL characters, not whitespace;\n\
98 not permitted in default format\n\
99 "), stdout);
100 fputs (HELP_OPTION_DESCRIPTION, stdout);
101 fputs (VERSION_OPTION_DESCRIPTION, stdout);
102 fputs (_("\
103 \n\
104 Without any OPTION, print some useful set of identified information.\n\
105 "), stdout);
106 emit_ancillary_info ();
107 }
108 exit (status);
109 }
110
111 int
112 main (int argc, char **argv)
113 {
114 int optc;
115 int selinux_enabled = (is_selinux_enabled () > 0);
116 bool smack_enabled = is_smack_enabled ();
117 bool opt_zero = false;
118
119 /* If true, output the list of all group IDs. -G */
120 bool just_group_list = false;
121 /* If true, output only the group ID(s). -g */
122 bool just_group = false;
123 /* If true, output real UID/GID instead of default effective UID/GID. -r */
124 bool use_real = false;
125 /* If true, output only the user ID(s). -u */
126 bool just_user = false;
127
128 initialize_main (&argc, &argv);
129 set_program_name (argv[0]);
130 setlocale (LC_ALL, "");
131 bindtextdomain (PACKAGE, LOCALEDIR);
132 textdomain (PACKAGE);
133
134 atexit (close_stdout);
135
136 while ((optc = getopt_long (argc, argv, "agnruzGZ", longopts, NULL)) != -1)
137 {
138 switch (optc)
139 {
140 case 'a':
141 /* Ignore -a, for compatibility with SVR4. */
142 break;
143
144 case 'Z':
145 /* politely decline if we're not on a SELinux/SMACK-enabled kernel. */
146 #ifdef HAVE_SMACK
147 if (!selinux_enabled && !smack_enabled)
148 error (EXIT_FAILURE, 0,
149 _("--context (-Z) works only on "
150 "an SELinux/SMACK-enabled kernel"));
151 #else
152 if (!selinux_enabled)
153 error (EXIT_FAILURE, 0,
154 _("--context (-Z) works only on an SELinux-enabled kernel"));
155 #endif
156 just_context = 1;
157 break;
158
159 case 'g':
160 just_group = true;
161 break;
162 case 'n':
163 use_name = true;
164 break;
165 case 'r':
166 use_real = true;
167 break;
168 case 'u':
169 just_user = true;
170 break;
171 case 'z':
172 opt_zero = true;
173 break;
174 case 'G':
175 just_group_list = true;
176 break;
177 case_GETOPT_HELP_CHAR;
178 case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
179 default:
180 usage (EXIT_FAILURE);
181 }
182 }
183
184 size_t n_ids = argc - optind;
185 if (1 < n_ids)
186 {
187 error (0, 0, _("extra operand %s"), quote (argv[optind + 1]));
188 usage (EXIT_FAILURE);
189 }
190
191 if (n_ids && just_context)
192 error (EXIT_FAILURE, 0,
193 _("cannot print security context when user specified"));
194
195 if (just_user + just_group + just_group_list + just_context > 1)
196 error (EXIT_FAILURE, 0, _("cannot print \"only\" of more than one choice"));
197
198 bool default_format = (just_user + just_group + just_group_list
199 + just_context == 0);
200
201 if (default_format && (use_real || use_name))
202 error (EXIT_FAILURE, 0,
203 _("cannot print only names or real IDs in default format"));
204
205 if (default_format && opt_zero)
206 error (EXIT_FAILURE, 0,
207 _("option --zero not permitted in default format"));
208
209 /* If we are on a SELinux/SMACK-enabled kernel, no user is specified, and
210 either --context is specified or none of (-u,-g,-G) is specified,
211 and we're not in POSIXLY_CORRECT mode, get our context. Otherwise,
212 leave the context variable alone - it has been initialized to an
213 invalid value that will be not displayed in print_full_info(). */
214 if (n_ids == 0
215 && (just_context
216 || (default_format && ! getenv ("POSIXLY_CORRECT"))))
217 {
218 /* Report failure only if --context (-Z) was explicitly requested. */
219 if ((selinux_enabled && getcon (&context) && just_context)
220 || (smack_enabled
221 && smack_new_label_from_self ((char **) &context) < 0
222 && just_context))
223 error (EXIT_FAILURE, 0, _("can't get process context"));
224 }
225
226 if (n_ids == 1)
227 {
228 struct passwd *pwd = getpwnam (argv[optind]);
229 if (pwd == NULL)
230 error (EXIT_FAILURE, 0, _("%s: no such user"), argv[optind]);
231 ruid = euid = pwd->pw_uid;
232 rgid = egid = pwd->pw_gid;
233 }
234 else
235 {
236 /* POSIX says identification functions (getuid, getgid, and
237 others) cannot fail, but they can fail under GNU/Hurd and a
238 few other systems. Test for failure by checking errno. */
239 uid_t NO_UID = -1;
240 gid_t NO_GID = -1;
241
242 if (just_user ? !use_real
243 : !just_group && !just_group_list && !just_context)
244 {
245 errno = 0;
246 euid = geteuid ();
247 if (euid == NO_UID && errno)
248 error (EXIT_FAILURE, errno, _("cannot get effective UID"));
249 }
250
251 if (just_user ? use_real
252 : !just_group && (just_group_list || !just_context))
253 {
254 errno = 0;
255 ruid = getuid ();
256 if (ruid == NO_UID && errno)
257 error (EXIT_FAILURE, errno, _("cannot get real UID"));
258 }
259
260 if (!just_user && (just_group || just_group_list || !just_context))
261 {
262 errno = 0;
263 egid = getegid ();
264 if (egid == NO_GID && errno)
265 error (EXIT_FAILURE, errno, _("cannot get effective GID"));
266
267 errno = 0;
268 rgid = getgid ();
269 if (rgid == NO_GID && errno)
270 error (EXIT_FAILURE, errno, _("cannot get real GID"));
271 }
272 }
273
274 if (just_user)
275 {
276 print_user (use_real ? ruid : euid);
277 }
278 else if (just_group)
279 {
280 if (!print_group (use_real ? rgid : egid, use_name))
281 ok = false;
282 }
283 else if (just_group_list)
284 {
285 if (!print_group_list (argv[optind], ruid, rgid, egid, use_name,
286 opt_zero ? '\0' : ' '))
287 ok = false;
288 }
289 else if (just_context)
290 {
291 fputs (context, stdout);
292 }
293 else
294 {
295 print_full_info (argv[optind]);
296 }
297 putchar (opt_zero ? '\0' : '\n');
298
299 exit (ok ? EXIT_SUCCESS : EXIT_FAILURE);
300 }
301
302 /* Convert a gid_t to string. Do not use this function directly.
303 Instead, use it via the gidtostr macro.
304 Beware that it returns a pointer to static storage. */
305 static char *
306 gidtostr_ptr (gid_t const *gid)
307 {
308 static char buf[INT_BUFSIZE_BOUND (uintmax_t)];
309 return umaxtostr (*gid, buf);
310 }
311 #define gidtostr(g) gidtostr_ptr (&(g))
312
313 /* Convert a uid_t to string. Do not use this function directly.
314 Instead, use it via the uidtostr macro.
315 Beware that it returns a pointer to static storage. */
316 static char *
317 uidtostr_ptr (uid_t const *uid)
318 {
319 static char buf[INT_BUFSIZE_BOUND (uintmax_t)];
320 return umaxtostr (*uid, buf);
321 }
322 #define uidtostr(u) uidtostr_ptr (&(u))
323
324 /* Print the name or value of user ID UID. */
325
326 static void
327 print_user (uid_t uid)
328 {
329 struct passwd *pwd = NULL;
330
331 if (use_name)
332 {
333 pwd = getpwuid (uid);
334 if (pwd == NULL)
335 {
336 error (0, 0, _("cannot find name for user ID %s"),
337 uidtostr (uid));
338 ok = false;
339 }
340 }
341
342 char *s = pwd ? pwd->pw_name : uidtostr (uid);
343 fputs (s, stdout);
344 }
345
346 /* Print all of the info about the user's user and group IDs. */
347
348 static void
349 print_full_info (const char *username)
350 {
351 struct passwd *pwd;
352 struct group *grp;
353
354 printf (_("uid=%s"), uidtostr (ruid));
355 pwd = getpwuid (ruid);
356 if (pwd)
357 printf ("(%s)", pwd->pw_name);
358
359 printf (_(" gid=%s"), gidtostr (rgid));
360 grp = getgrgid (rgid);
361 if (grp)
362 printf ("(%s)", grp->gr_name);
363
364 if (euid != ruid)
365 {
366 printf (_(" euid=%s"), uidtostr (euid));
367 pwd = getpwuid (euid);
368 if (pwd)
369 printf ("(%s)", pwd->pw_name);
370 }
371
372 if (egid != rgid)
373 {
374 printf (_(" egid=%s"), gidtostr (egid));
375 grp = getgrgid (egid);
376 if (grp)
377 printf ("(%s)", grp->gr_name);
378 }
379
380 {
381 gid_t *groups;
382 int i;
383
384 int n_groups = xgetgroups (username, (pwd ? pwd->pw_gid : -1),
385 &groups);
386 if (n_groups < 0)
387 {
388 if (username)
389 {
390 error (0, errno, _("failed to get groups for user %s"),
391 quote (username));
392 }
393 else
394 {
395 error (0, errno, _("failed to get groups for the current process"));
396 }
397 ok = false;
398 return;
399 }
400
401 if (n_groups > 0)
402 fputs (_(" groups="), stdout);
403 for (i = 0; i < n_groups; i++)
404 {
405 if (i > 0)
406 putchar (',');
407 fputs (gidtostr (groups[i]), stdout);
408 grp = getgrgid (groups[i]);
409 if (grp)
410 printf ("(%s)", grp->gr_name);
411 }
412 free (groups);
413 }
414
415 /* POSIX mandates the precise output format, and that it not include
416 any context=... part, so skip that if POSIXLY_CORRECT is set. */
417 if (context)
418 printf (_(" context=%s"), context);
419 }
GNU core utilities