src/id.c

   1 /* id -- print real and effective UIDs and GIDs
   2    Copyright (C) 1989-2010 Free Software Foundation, Inc.
   3
   4    This program is free software: you can redistribute it and/or modify
   5    it under the terms of the GNU General Public License as published by
   6    the Free Software Foundation, either version 3 of the License, or
   7    (at your option) any later version.
   8
   9    This program is distributed in the hope that it will be useful,
  10    but WITHOUT ANY WARRANTY; without even the implied warranty of
  11    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12    GNU General Public License for more details.
  13
  14    You should have received a copy of the GNU General Public License
  15    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
  16
  17 /* Written by Arnold Robbins.
  18    Major rewrite by David MacKenzie, djm@gnu.ai.mit.edu. */
  19
  20 #include <config.h>
  21 #include <stdio.h>
  22 #include <sys/types.h>
  23 #include <pwd.h>
  24 #include <grp.h>
  25 #include <getopt.h>
  26 #include <selinux/selinux.h>
  27
  28 #include "system.h"
  29 #include "error.h"
  30 #include "mgetgroups.h"
  31 #include "quote.h"
  32 #include "group-list.h"
  33
  34 /* The official name of this program (e.g., no `g' prefix).  */
  35 #define PROGRAM_NAME "id"
  36
  37 #define AUTHORS \
  38   proper_name ("Arnold Robbins"), \
  39   proper_name ("David MacKenzie")
  40
  41 /* If nonzero, output only the SELinux context. -Z */
  42 static int just_context = 0;
  43
  44 static void print_user (uid_t uid);
  45 static void print_full_info (const char *username);
  46
  47 /* If true, output user/group name instead of ID number. -n */
  48 static bool use_name = false;
  49
  50 /* The real and effective IDs of the user to print. */
  51 static uid_t ruid, euid;
  52 static gid_t rgid, egid;
  53
  54 /* True unless errors have been encountered.  */
  55 static bool ok = true;
  56
  57 /* The SELinux context.  Start with a known invalid value so print_full_info
  58    knows when `context' has not been set to a meaningful value.  */
  59 static security_context_t context = NULL;
  60
  61 static struct option const longopts[] =
  62 {
  63   {"context", no_argument, NULL, 'Z'},
  64   {"group", no_argument, NULL, 'g'},
  65   {"groups", no_argument, NULL, 'G'},
  66   {"name", no_argument, NULL, 'n'},
  67   {"real", no_argument, NULL, 'r'},
  68   {"user", no_argument, NULL, 'u'},
  69   {GETOPT_HELP_OPTION_DECL},
  70   {GETOPT_VERSION_OPTION_DECL},
  71   {NULL, 0, NULL, 0}
  72 };
  73
  74 void
  75 usage (int status)
  76 {
  77   if (status != EXIT_SUCCESS)
  78     fprintf (stderr, _("Try `%s --help' for more information.\n"),
  79              program_name);
  80   else
  81     {
  82       printf (_("Usage: %s [OPTION]... [USERNAME]\n"), program_name);
  83       fputs (_("\
  84 Print user and group information for the specified USERNAME,\n\
  85 or (when USERNAME omitted) for the current user.\n\
  86 \n\
  87   -a              ignore, for compatibility with other versions\n\
  88   -Z, --context   print only the security context of the current user\n\
  89   -g, --group     print only the effective group ID\n\
  90   -G, --groups    print all group IDs\n\
  91   -n, --name      print a name instead of a number, for -ugG\n\
  92   -r, --real      print the real ID instead of the effective ID, with -ugG\n\
  93   -u, --user      print only the effective user ID\n\
  94 "), stdout);
  95       fputs (HELP_OPTION_DESCRIPTION, stdout);
  96       fputs (VERSION_OPTION_DESCRIPTION, stdout);
  97       fputs (_("\
  98 \n\
  99 Without any OPTION, print some useful set of identified information.\n\
 100 "), stdout);
 101       emit_ancillary_info ();
 102     }
 103   exit (status);
 104 }
 105
 106 int
 107 main (int argc, char **argv)
 108 {
 109   int optc;
 110   int selinux_enabled = (is_selinux_enabled () > 0);
 111
 112   /* If true, output the list of all group IDs. -G */
 113   bool just_group_list = false;
 114   /* If true, output only the group ID(s). -g */
 115   bool just_group = false;
 116   /* If true, output real UID/GID instead of default effective UID/GID. -r */
 117   bool use_real = false;
 118   /* If true, output only the user ID(s). -u */
 119   bool just_user = false;
 120
 121   initialize_main (&argc, &argv);
 122   set_program_name (argv[0]);
 123   setlocale (LC_ALL, "");
 124   bindtextdomain (PACKAGE, LOCALEDIR);
 125   textdomain (PACKAGE);
 126
 127   atexit (close_stdout);
 128
 129   while ((optc = getopt_long (argc, argv, "agnruGZ", longopts, NULL)) != -1)
 130     {
 131       switch (optc)
 132         {
 133         case 'a':
 134           /* Ignore -a, for compatibility with SVR4.  */
 135           break;
 136
 137         case 'Z':
 138           /* politely decline if we're not on a selinux-enabled kernel. */
 139           if (!selinux_enabled)
 140             error (EXIT_FAILURE, 0,
 141                    _("--context (-Z) works only on an SELinux-enabled kernel"));
 142           just_context = 1;
 143           break;
 144
 145         case 'g':
 146           just_group = true;
 147           break;
 148         case 'n':
 149           use_name = true;
 150           break;
 151         case 'r':
 152           use_real = true;
 153           break;
 154         case 'u':
 155           just_user = true;
 156           break;
 157         case 'G':
 158           just_group_list = true;
 159           break;
 160         case_GETOPT_HELP_CHAR;
 161         case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
 162         default:
 163           usage (EXIT_FAILURE);
 164         }
 165     }
 166
 167   if (1 < argc - optind)
 168     {
 169       error (0, 0, _("extra operand %s"), quote (argv[optind + 1]));
 170       usage (EXIT_FAILURE);
 171     }
 172
 173   if (argc - optind == 1 && just_context)
 174     error (EXIT_FAILURE, 0,
 175            _("cannot print security context when user specified"));
 176
 177   /* If we are on a selinux-enabled kernel and no user is specified,
 178      get our context. Otherwise, leave the context variable alone -
 179      it has been initialized known invalid value and will be not
 180      displayed in print_full_info() */
 181   if (selinux_enabled && argc == optind)
 182     {
 183       if (getcon (&context) && just_context)
 184         error (EXIT_FAILURE, 0, _("can't get process context"));
 185     }
 186
 187   if (just_user + just_group + just_group_list + just_context > 1)
 188     error (EXIT_FAILURE, 0, _("cannot print \"only\" of more than one choice"));
 189
 190   if (just_user + just_group + just_group_list == 0 && (use_real || use_name))
 191     error (EXIT_FAILURE, 0,
 192            _("cannot print only names or real IDs in default format"));
 193
 194   if (argc - optind == 1)
 195     {
 196       struct passwd *pwd = getpwnam (argv[optind]);
 197       if (pwd == NULL)
 198         error (EXIT_FAILURE, 0, _("%s: No such user"), argv[optind]);
 199       ruid = euid = pwd->pw_uid;
 200       rgid = egid = pwd->pw_gid;
 201     }
 202   else
 203     {
 204       euid = geteuid ();
 205       ruid = getuid ();
 206       egid = getegid ();
 207       rgid = getgid ();
 208     }
 209
 210   if (just_user)
 211     {
 212       print_user (use_real ? ruid : euid);
 213     }
 214   else if (just_group)
 215     {
 216       if (!print_group (use_real ? rgid : egid, use_name))
 217         ok = false;
 218     }
 219   else if (just_group_list)
 220     {
 221       if (!print_group_list (argv[optind], ruid, rgid, egid, use_name))
 222         ok = false;
 223     }
 224   else if (just_context)
 225     {
 226       fputs (context, stdout);
 227     }
 228   else
 229     {
 230       print_full_info (argv[optind]);
 231     }
 232   putchar ('\n');
 233
 234   exit (ok ? EXIT_SUCCESS : EXIT_FAILURE);
 235 }
 236
 237 /* Print the name or value of user ID UID. */
 238
 239 static void
 240 print_user (uid_t uid)
 241 {
 242   struct passwd *pwd = NULL;
 243
 244   if (use_name)
 245     {
 246       pwd = getpwuid (uid);
 247       if (pwd == NULL)
 248         {
 249           error (0, 0, _("cannot find name for user ID %lu"),
 250                  (unsigned long int) uid);
 251           ok = false;
 252         }
 253     }
 254
 255   if (pwd == NULL)
 256     printf ("%lu", (unsigned long int) uid);
 257   else
 258     printf ("%s", pwd->pw_name);
 259 }
 260
 261 /* Print all of the info about the user's user and group IDs. */
 262
 263 static void
 264 print_full_info (const char *username)
 265 {
 266   struct passwd *pwd;
 267   struct group *grp;
 268
 269   printf (_("uid=%lu"), (unsigned long int) ruid);
 270   pwd = getpwuid (ruid);
 271   if (pwd)
 272     printf ("(%s)", pwd->pw_name);
 273
 274   printf (_(" gid=%lu"), (unsigned long int) rgid);
 275   grp = getgrgid (rgid);
 276   if (grp)
 277     printf ("(%s)", grp->gr_name);
 278
 279   if (euid != ruid)
 280     {
 281       printf (_(" euid=%lu"), (unsigned long int) euid);
 282       pwd = getpwuid (euid);
 283       if (pwd)
 284         printf ("(%s)", pwd->pw_name);
 285     }
 286
 287   if (egid != rgid)
 288     {
 289       printf (_(" egid=%lu"), (unsigned long int) egid);
 290       grp = getgrgid (egid);
 291       if (grp)
 292         printf ("(%s)", grp->gr_name);
 293     }
 294
 295   {
 296     gid_t *groups;
 297     int i;
 298
 299     int n_groups = xgetgroups (username, (pwd ? pwd->pw_gid : (gid_t) -1),
 300                                &groups);
 301     if (n_groups < 0)
 302       {
 303         if (username)
 304           {
 305             error (0, errno, _("failed to get groups for user %s"),
 306                    quote (username));
 307           }
 308         else
 309           {
 310             error (0, errno, _("failed to get groups for the current process"));
 311           }
 312         ok = false;
 313         return;
 314       }
 315
 316     if (n_groups > 0)
 317       fputs (_(" groups="), stdout);
 318     for (i = 0; i < n_groups; i++)
 319       {
 320         if (i > 0)
 321           putchar (',');
 322         printf ("%lu", (unsigned long int) groups[i]);
 323         grp = getgrgid (groups[i]);
 324         if (grp)
 325           printf ("(%s)", grp->gr_name);
 326       }
 327     free (groups);
 328   }
 329
 330   /* POSIX mandates the precise output format, and that it not include
 331      any context=... part, so skip that if POSIXLY_CORRECT is set.  */
 332   if (context != NULL && ! getenv ("POSIXLY_CORRECT"))
 333     printf (_(" context=%s"), context);
 334 }