src/id.c

   1 /* id -- print real and effective UIDs and GIDs
   2    Copyright (C) 1989-2008 Free Software Foundation, Inc.
   3
   4    This program is free software: you can redistribute it and/or modify
   5    it under the terms of the GNU General Public License as published by
   6    the Free Software Foundation, either version 3 of the License, or
   7    (at your option) any later version.
   8
   9    This program is distributed in the hope that it will be useful,
  10    but WITHOUT ANY WARRANTY; without even the implied warranty of
  11    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12    GNU General Public License for more details.
  13
  14    You should have received a copy of the GNU General Public License
  15    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
  16
  17 /* Written by Arnold Robbins.
  18    Major rewrite by David MacKenzie, djm@gnu.ai.mit.edu. */
  19
  20 #include <config.h>
  21 #include <stdio.h>
  22 #include <sys/types.h>
  23 #include <pwd.h>
  24 #include <grp.h>
  25 #include <getopt.h>
  26 #include <selinux/selinux.h>
  27
  28 #include "system.h"
  29 #include "error.h"
  30 #include "mgetgroups.h"
  31 #include "quote.h"
  32 #include "group-list.h"
  33
  34 /* The official name of this program (e.g., no `g' prefix).  */
  35 #define PROGRAM_NAME "id"
  36
  37 #define AUTHORS \
  38   proper_name ("Arnold Robbins"), \
  39   proper_name ("David MacKenzie")
  40
  41 /* If nonzero, output only the SELinux context. -Z */
  42 static int just_context = 0;
  43
  44 static void print_user (uid_t uid);
  45 static void print_full_info (const char *username);
  46
  47 /* The name this program was run with. */
  48 char *program_name;
  49
  50 /* If true, output user/group name instead of ID number. -n */
  51 static bool use_name = false;
  52
  53 /* The real and effective IDs of the user to print. */
  54 static uid_t ruid, euid;
  55 static gid_t rgid, egid;
  56
  57 /* True unless errors have been encountered.  */
  58 static bool ok = true;
  59
  60 /* The SELinux context.  Start with a known invalid value so print_full_info
  61    knows when `context' has not been set to a meaningful value.  */
  62 static security_context_t context = NULL;
  63
  64 static struct option const longopts[] =
  65 {
  66   {"context", no_argument, NULL, 'Z'},
  67   {"group", no_argument, NULL, 'g'},
  68   {"groups", no_argument, NULL, 'G'},
  69   {"name", no_argument, NULL, 'n'},
  70   {"real", no_argument, NULL, 'r'},
  71   {"user", no_argument, NULL, 'u'},
  72   {GETOPT_HELP_OPTION_DECL},
  73   {GETOPT_VERSION_OPTION_DECL},
  74   {NULL, 0, NULL, 0}
  75 };
  76
  77 void
  78 usage (int status)
  79 {
  80   if (status != EXIT_SUCCESS)
  81     fprintf (stderr, _("Try `%s --help' for more information.\n"),
  82              program_name);
  83   else
  84     {
  85       printf (_("Usage: %s [OPTION]... [USERNAME]\n"), program_name);
  86       fputs (_("\
  87 Print information for USERNAME, or the current user.\n\
  88 \n\
  89   -a              ignore, for compatibility with other versions\n\
  90   -Z, --context   print only the security context of the current user\n\
  91   -g, --group     print only the effective group ID\n\
  92   -G, --groups    print all group IDs\n\
  93   -n, --name      print a name instead of a number, for -ugG\n\
  94   -r, --real      print the real ID instead of the effective ID, with -ugG\n\
  95   -u, --user      print only the effective user ID\n\
  96 "), stdout);
  97       fputs (HELP_OPTION_DESCRIPTION, stdout);
  98       fputs (VERSION_OPTION_DESCRIPTION, stdout);
  99       fputs (_("\
 100 \n\
 101 Without any OPTION, print some useful set of identified information.\n\
 102 "), stdout);
 103       emit_bug_reporting_address ();
 104     }
 105   exit (status);
 106 }
 107
 108 int
 109 main (int argc, char **argv)
 110 {
 111   int optc;
 112   int selinux_enabled = (is_selinux_enabled () > 0);
 113
 114   /* If true, output the list of all group IDs. -G */
 115   bool just_group_list = false;
 116   /* If true, output only the group ID(s). -g */
 117   bool just_group = false;
 118   /* If true, output real UID/GID instead of default effective UID/GID. -r */
 119   bool use_real = false;
 120   /* If true, output only the user ID(s). -u */
 121   bool just_user = false;
 122
 123   initialize_main (&argc, &argv);
 124   program_name = argv[0];
 125   setlocale (LC_ALL, "");
 126   bindtextdomain (PACKAGE, LOCALEDIR);
 127   textdomain (PACKAGE);
 128
 129   atexit (close_stdout);
 130
 131   while ((optc = getopt_long (argc, argv, "agnruGZ", longopts, NULL)) != -1)
 132     {
 133       switch (optc)
 134         {
 135         case 'a':
 136           /* Ignore -a, for compatibility with SVR4.  */
 137           break;
 138
 139         case 'Z':
 140           /* politely decline if we're not on a selinux-enabled kernel. */
 141           if (!selinux_enabled)
 142             error (EXIT_FAILURE, 0,
 143                    _("--context (-Z) works only on an SELinux-enabled kernel"));
 144           just_context = 1;
 145           break;
 146
 147         case 'g':
 148           just_group = true;
 149           break;
 150         case 'n':
 151           use_name = true;
 152           break;
 153         case 'r':
 154           use_real = true;
 155           break;
 156         case 'u':
 157           just_user = true;
 158           break;
 159         case 'G':
 160           just_group_list = true;
 161           break;
 162         case_GETOPT_HELP_CHAR;
 163         case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
 164         default:
 165           usage (EXIT_FAILURE);
 166         }
 167     }
 168
 169   if (1 < argc - optind)
 170     {
 171       error (0, 0, _("extra operand %s"), quote (argv[optind + 1]));
 172       usage (EXIT_FAILURE);
 173     }
 174
 175   if (argc - optind == 1 && just_context)
 176     error (EXIT_FAILURE, 0,
 177            _("cannot print security context when user specified"));
 178
 179   if (just_context && !selinux_enabled)
 180     error (EXIT_FAILURE, 0, _("\
 181 cannot display context when selinux not enabled or when displaying the id\n\
 182 of a different user"));
 183
 184   /* If we are on a selinux-enabled kernel and no user is specified,
 185      get our context. Otherwise, leave the context variable alone -
 186      it has been initialized known invalid value and will be not
 187      displayed in print_full_info() */
 188   if (selinux_enabled && argc == optind)
 189     {
 190       if (getcon (&context) && just_context)
 191         error (EXIT_FAILURE, 0, _("can't get process context"));
 192     }
 193
 194   if (just_user + just_group + just_group_list + just_context > 1)
 195     error (EXIT_FAILURE, 0, _("cannot print \"only\" of more than one choice"));
 196
 197   if (just_user + just_group + just_group_list == 0 && (use_real | use_name))
 198     error (EXIT_FAILURE, 0,
 199            _("cannot print only names or real IDs in default format"));
 200
 201   if (argc - optind == 1)
 202     {
 203       struct passwd *pwd = getpwnam (argv[optind]);
 204       if (pwd == NULL)
 205         error (EXIT_FAILURE, 0, _("%s: No such user"), argv[optind]);
 206       ruid = euid = pwd->pw_uid;
 207       rgid = egid = pwd->pw_gid;
 208     }
 209   else
 210     {
 211       euid = geteuid ();
 212       ruid = getuid ();
 213       egid = getegid ();
 214       rgid = getgid ();
 215     }
 216
 217   if (just_user)
 218     {
 219       print_user (use_real ? ruid : euid);
 220     }
 221   else if (just_group)
 222     {
 223       if (!print_group (use_real ? rgid : egid, use_name))
 224         ok = false;
 225     }
 226   else if (just_group_list)
 227     {
 228       if (!print_group_list (argv[optind], ruid, rgid, egid, use_name))
 229         ok = false;
 230     }
 231   else if (just_context)
 232     {
 233       fputs (context, stdout);
 234     }
 235   else
 236     {
 237       print_full_info (argv[optind]);
 238     }
 239   putchar ('\n');
 240
 241   exit (ok ? EXIT_SUCCESS : EXIT_FAILURE);
 242 }
 243
 244 /* Print the name or value of user ID UID. */
 245
 246 static void
 247 print_user (uid_t uid)
 248 {
 249   struct passwd *pwd = NULL;
 250
 251   if (use_name)
 252     {
 253       pwd = getpwuid (uid);
 254       if (pwd == NULL)
 255         {
 256           error (0, 0, _("cannot find name for user ID %lu"),
 257                  (unsigned long int) uid);
 258           ok = false;
 259         }
 260     }
 261
 262   if (pwd == NULL)
 263     printf ("%lu", (unsigned long int) uid);
 264   else
 265     printf ("%s", pwd->pw_name);
 266 }
 267
 268 /* Print all of the info about the user's user and group IDs. */
 269
 270 static void
 271 print_full_info (const char *username)
 272 {
 273   struct passwd *pwd;
 274   struct group *grp;
 275
 276   printf ("uid=%lu", (unsigned long int) ruid);
 277   pwd = getpwuid (ruid);
 278   if (pwd)
 279     printf ("(%s)", pwd->pw_name);
 280
 281   printf (" gid=%lu", (unsigned long int) rgid);
 282   grp = getgrgid (rgid);
 283   if (grp)
 284     printf ("(%s)", grp->gr_name);
 285
 286   if (euid != ruid)
 287     {
 288       printf (" euid=%lu", (unsigned long int) euid);
 289       pwd = getpwuid (euid);
 290       if (pwd)
 291         printf ("(%s)", pwd->pw_name);
 292     }
 293
 294   if (egid != rgid)
 295     {
 296       printf (" egid=%lu", (unsigned long int) egid);
 297       grp = getgrgid (egid);
 298       if (grp)
 299         printf ("(%s)", grp->gr_name);
 300     }
 301
 302 #if HAVE_GETGROUPS
 303   {
 304     GETGROUPS_T *groups;
 305     size_t i;
 306
 307     int n_groups = mgetgroups (username, (pwd ? pwd->pw_gid : (gid_t) -1),
 308                                &groups);
 309     if (n_groups < 0)
 310       {
 311         if (username)
 312           {
 313             error (0, errno, _("failed to get groups for user %s"),
 314                    quote (username));
 315           }
 316         else
 317           {
 318             error (0, errno, _("failed to get groups for the current process"));
 319           }
 320         ok = false;
 321         return;
 322       }
 323
 324     if (n_groups > 0)
 325       fputs (_(" groups="), stdout);
 326     for (i = 0; i < n_groups; i++)
 327       {
 328         if (i > 0)
 329           putchar (',');
 330         printf ("%lu", (unsigned long int) groups[i]);
 331         grp = getgrgid (groups[i]);
 332         if (grp)
 333           printf ("(%s)", grp->gr_name);
 334       }
 335     free (groups);
 336   }
 337 #endif /* HAVE_GETGROUPS */
 338   if (context != NULL)
 339     printf (" context=%s", context);
 340 }