1 /* id -- print real and effective UIDs and GIDs
2 Copyright (C) 1989-2008 Free Software Foundation, Inc.
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>. */
17 /* Written by Arnold Robbins.
18 Major rewrite by David MacKenzie, djm@gnu.ai.mit.edu. */
22 #include <sys/types.h>
26 #include <selinux/selinux.h>
30 #include "mgetgroups.h"
32 #include "group-list.h"
34 /* The official name of this program (e.g., no `g' prefix). */
35 #define PROGRAM_NAME "id"
38 proper_name ("Arnold Robbins"), \
39 proper_name ("David MacKenzie")
41 /* If nonzero, output only the SELinux context. -Z */
42 static int just_context = 0;
44 static void print_user (uid_t uid);
45 static void print_full_info (const char *username);
47 /* If true, output user/group name instead of ID number. -n */
48 static bool use_name = false;
50 /* The real and effective IDs of the user to print. */
51 static uid_t ruid, euid;
52 static gid_t rgid, egid;
54 /* True unless errors have been encountered. */
55 static bool ok = true;
57 /* The SELinux context. Start with a known invalid value so print_full_info
58 knows when `context' has not been set to a meaningful value. */
59 static security_context_t context = NULL;
61 static struct option const longopts[] =
63 {"context", no_argument, NULL, 'Z'},
64 {"group", no_argument, NULL, 'g'},
65 {"groups", no_argument, NULL, 'G'},
66 {"name", no_argument, NULL, 'n'},
67 {"real", no_argument, NULL, 'r'},
68 {"user", no_argument, NULL, 'u'},
69 {GETOPT_HELP_OPTION_DECL},
70 {GETOPT_VERSION_OPTION_DECL},
77 if (status != EXIT_SUCCESS)
78 fprintf (stderr, _("Try `%s --help' for more information.\n"),
82 printf (_("Usage: %s [OPTION]... [USERNAME]\n"), program_name);
84 Print information for USERNAME, or the current user.\n\
86 -a ignore, for compatibility with other versions\n\
87 -Z, --context print only the security context of the current user\n\
88 -g, --group print only the effective group ID\n\
89 -G, --groups print all group IDs\n\
90 -n, --name print a name instead of a number, for -ugG\n\
91 -r, --real print the real ID instead of the effective ID, with -ugG\n\
92 -u, --user print only the effective user ID\n\
94 fputs (HELP_OPTION_DESCRIPTION, stdout);
95 fputs (VERSION_OPTION_DESCRIPTION, stdout);
98 Without any OPTION, print some useful set of identified information.\n\
100 emit_bug_reporting_address ();
106 main (int argc, char **argv)
109 int selinux_enabled = (is_selinux_enabled () > 0);
111 /* If true, output the list of all group IDs. -G */
112 bool just_group_list = false;
113 /* If true, output only the group ID(s). -g */
114 bool just_group = false;
115 /* If true, output real UID/GID instead of default effective UID/GID. -r */
116 bool use_real = false;
117 /* If true, output only the user ID(s). -u */
118 bool just_user = false;
120 initialize_main (&argc, &argv);
121 set_program_name (argv[0]);
122 setlocale (LC_ALL, "");
123 bindtextdomain (PACKAGE, LOCALEDIR);
124 textdomain (PACKAGE);
126 atexit (close_stdout);
128 while ((optc = getopt_long (argc, argv, "agnruGZ", longopts, NULL)) != -1)
133 /* Ignore -a, for compatibility with SVR4. */
137 /* politely decline if we're not on a selinux-enabled kernel. */
138 if (!selinux_enabled)
139 error (EXIT_FAILURE, 0,
140 _("--context (-Z) works only on an SELinux-enabled kernel"));
157 just_group_list = true;
159 case_GETOPT_HELP_CHAR;
160 case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
162 usage (EXIT_FAILURE);
166 if (1 < argc - optind)
168 error (0, 0, _("extra operand %s"), quote (argv[optind + 1]));
169 usage (EXIT_FAILURE);
172 if (argc - optind == 1 && just_context)
173 error (EXIT_FAILURE, 0,
174 _("cannot print security context when user specified"));
176 if (just_context && !selinux_enabled)
177 error (EXIT_FAILURE, 0, _("\
178 cannot display context when selinux not enabled or when displaying the id\n\
179 of a different user"));
181 /* If we are on a selinux-enabled kernel and no user is specified,
182 get our context. Otherwise, leave the context variable alone -
183 it has been initialized known invalid value and will be not
184 displayed in print_full_info() */
185 if (selinux_enabled && argc == optind)
187 if (getcon (&context) && just_context)
188 error (EXIT_FAILURE, 0, _("can't get process context"));
191 if (just_user + just_group + just_group_list + just_context > 1)
192 error (EXIT_FAILURE, 0, _("cannot print \"only\" of more than one choice"));
194 if (just_user + just_group + just_group_list == 0 && (use_real | use_name))
195 error (EXIT_FAILURE, 0,
196 _("cannot print only names or real IDs in default format"));
198 if (argc - optind == 1)
200 struct passwd *pwd = getpwnam (argv[optind]);
202 error (EXIT_FAILURE, 0, _("%s: No such user"), argv[optind]);
203 ruid = euid = pwd->pw_uid;
204 rgid = egid = pwd->pw_gid;
216 print_user (use_real ? ruid : euid);
220 if (!print_group (use_real ? rgid : egid, use_name))
223 else if (just_group_list)
225 if (!print_group_list (argv[optind], ruid, rgid, egid, use_name))
228 else if (just_context)
230 fputs (context, stdout);
234 print_full_info (argv[optind]);
238 exit (ok ? EXIT_SUCCESS : EXIT_FAILURE);
241 /* Print the name or value of user ID UID. */
244 print_user (uid_t uid)
246 struct passwd *pwd = NULL;
250 pwd = getpwuid (uid);
253 error (0, 0, _("cannot find name for user ID %lu"),
254 (unsigned long int) uid);
260 printf ("%lu", (unsigned long int) uid);
262 printf ("%s", pwd->pw_name);
265 /* Print all of the info about the user's user and group IDs. */
268 print_full_info (const char *username)
273 printf ("uid=%lu", (unsigned long int) ruid);
274 pwd = getpwuid (ruid);
276 printf ("(%s)", pwd->pw_name);
278 printf (" gid=%lu", (unsigned long int) rgid);
279 grp = getgrgid (rgid);
281 printf ("(%s)", grp->gr_name);
285 printf (" euid=%lu", (unsigned long int) euid);
286 pwd = getpwuid (euid);
288 printf ("(%s)", pwd->pw_name);
293 printf (" egid=%lu", (unsigned long int) egid);
294 grp = getgrgid (egid);
296 printf ("(%s)", grp->gr_name);
304 int n_groups = mgetgroups (username, (pwd ? pwd->pw_gid : (gid_t) -1),
310 error (0, errno, _("failed to get groups for user %s"),
315 error (0, errno, _("failed to get groups for the current process"));
322 fputs (_(" groups="), stdout);
323 for (i = 0; i < n_groups; i++)
327 printf ("%lu", (unsigned long int) groups[i]);
328 grp = getgrgid (groups[i]);
330 printf ("(%s)", grp->gr_name);
334 #endif /* HAVE_GETGROUPS */
336 printf (" context=%s", context);