1 /* id -- print real and effective UIDs and GIDs
2 Copyright (C) 1989-2008 Free Software Foundation, Inc.
4 This program is free software: you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation, either version 3 of the License, or
7 (at your option) any later version.
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
14 You should have received a copy of the GNU General Public License
15 along with this program. If not, see <http://www.gnu.org/licenses/>. */
17 /* Written by Arnold Robbins.
18 Major rewrite by David MacKenzie, djm@gnu.ai.mit.edu. */
22 #include <sys/types.h>
26 #include <selinux/selinux.h>
30 #include "mgetgroups.h"
32 #include "group-list.h"
34 /* The official name of this program (e.g., no `g' prefix). */
35 #define PROGRAM_NAME "id"
38 proper_name ("Arnold Robbins"), \
39 proper_name ("David MacKenzie")
41 /* If nonzero, output only the SELinux context. -Z */
42 static int just_context = 0;
44 static void print_user (uid_t uid);
45 static void print_full_info (const char *username);
47 /* If true, output user/group name instead of ID number. -n */
48 static bool use_name = false;
50 /* The real and effective IDs of the user to print. */
51 static uid_t ruid, euid;
52 static gid_t rgid, egid;
54 /* True unless errors have been encountered. */
55 static bool ok = true;
57 /* The SELinux context. Start with a known invalid value so print_full_info
58 knows when `context' has not been set to a meaningful value. */
59 static security_context_t context = NULL;
61 static struct option const longopts[] =
63 {"context", no_argument, NULL, 'Z'},
64 {"group", no_argument, NULL, 'g'},
65 {"groups", no_argument, NULL, 'G'},
66 {"name", no_argument, NULL, 'n'},
67 {"real", no_argument, NULL, 'r'},
68 {"user", no_argument, NULL, 'u'},
69 {GETOPT_HELP_OPTION_DECL},
70 {GETOPT_VERSION_OPTION_DECL},
77 if (status != EXIT_SUCCESS)
78 fprintf (stderr, _("Try `%s --help' for more information.\n"),
82 printf (_("Usage: %s [OPTION]... [USERNAME]\n"), program_name);
84 Print information for USERNAME, or the current user.\n\
86 -a ignore, for compatibility with other versions\n\
87 -Z, --context print only the security context of the current user\n\
88 -g, --group print only the effective group ID\n\
89 -G, --groups print all group IDs\n\
90 -n, --name print a name instead of a number, for -ugG\n\
91 -r, --real print the real ID instead of the effective ID, with -ugG\n\
92 -u, --user print only the effective user ID\n\
94 fputs (HELP_OPTION_DESCRIPTION, stdout);
95 fputs (VERSION_OPTION_DESCRIPTION, stdout);
98 Without any OPTION, print some useful set of identified information.\n\
100 emit_bug_reporting_address ();
106 main (int argc, char **argv)
109 int selinux_enabled = (is_selinux_enabled () > 0);
111 /* If true, output the list of all group IDs. -G */
112 bool just_group_list = false;
113 /* If true, output only the group ID(s). -g */
114 bool just_group = false;
115 /* If true, output real UID/GID instead of default effective UID/GID. -r */
116 bool use_real = false;
117 /* If true, output only the user ID(s). -u */
118 bool just_user = false;
120 initialize_main (&argc, &argv);
121 set_program_name (argv[0]);
122 setlocale (LC_ALL, "");
123 bindtextdomain (PACKAGE, LOCALEDIR);
124 textdomain (PACKAGE);
126 atexit (close_stdout);
128 while ((optc = getopt_long (argc, argv, "agnruGZ", longopts, NULL)) != -1)
133 /* Ignore -a, for compatibility with SVR4. */
137 /* politely decline if we're not on a selinux-enabled kernel. */
138 if (!selinux_enabled)
139 error (EXIT_FAILURE, 0,
140 _("--context (-Z) works only on an SELinux-enabled kernel"));
157 just_group_list = true;
159 case_GETOPT_HELP_CHAR;
160 case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
162 usage (EXIT_FAILURE);
166 if (1 < argc - optind)
168 error (0, 0, _("extra operand %s"), quote (argv[optind + 1]));
169 usage (EXIT_FAILURE);
172 if (argc - optind == 1 && just_context)
173 error (EXIT_FAILURE, 0,
174 _("cannot print security context when user specified"));
176 /* If we are on a selinux-enabled kernel and no user is specified,
177 get our context. Otherwise, leave the context variable alone -
178 it has been initialized known invalid value and will be not
179 displayed in print_full_info() */
180 if (selinux_enabled && argc == optind)
182 if (getcon (&context) && just_context)
183 error (EXIT_FAILURE, 0, _("can't get process context"));
186 if (just_user + just_group + just_group_list + just_context > 1)
187 error (EXIT_FAILURE, 0, _("cannot print \"only\" of more than one choice"));
189 if (just_user + just_group + just_group_list == 0 && (use_real | use_name))
190 error (EXIT_FAILURE, 0,
191 _("cannot print only names or real IDs in default format"));
193 if (argc - optind == 1)
195 struct passwd *pwd = getpwnam (argv[optind]);
197 error (EXIT_FAILURE, 0, _("%s: No such user"), argv[optind]);
198 ruid = euid = pwd->pw_uid;
199 rgid = egid = pwd->pw_gid;
211 print_user (use_real ? ruid : euid);
215 if (!print_group (use_real ? rgid : egid, use_name))
218 else if (just_group_list)
220 if (!print_group_list (argv[optind], ruid, rgid, egid, use_name))
223 else if (just_context)
225 fputs (context, stdout);
229 print_full_info (argv[optind]);
233 exit (ok ? EXIT_SUCCESS : EXIT_FAILURE);
236 /* Print the name or value of user ID UID. */
239 print_user (uid_t uid)
241 struct passwd *pwd = NULL;
245 pwd = getpwuid (uid);
248 error (0, 0, _("cannot find name for user ID %lu"),
249 (unsigned long int) uid);
255 printf ("%lu", (unsigned long int) uid);
257 printf ("%s", pwd->pw_name);
260 /* Print all of the info about the user's user and group IDs. */
263 print_full_info (const char *username)
268 printf (_("uid=%lu"), (unsigned long int) ruid);
269 pwd = getpwuid (ruid);
271 printf ("(%s)", pwd->pw_name);
273 printf (_(" gid=%lu"), (unsigned long int) rgid);
274 grp = getgrgid (rgid);
276 printf ("(%s)", grp->gr_name);
280 printf (_(" euid=%lu"), (unsigned long int) euid);
281 pwd = getpwuid (euid);
283 printf ("(%s)", pwd->pw_name);
288 printf (_(" egid=%lu"), (unsigned long int) egid);
289 grp = getgrgid (egid);
291 printf ("(%s)", grp->gr_name);
299 int n_groups = mgetgroups (username, (pwd ? pwd->pw_gid : (gid_t) -1),
305 error (0, errno, _("failed to get groups for user %s"),
310 error (0, errno, _("failed to get groups for the current process"));
317 fputs (_(" groups="), stdout);
318 for (i = 0; i < n_groups; i++)
322 printf ("%lu", (unsigned long int) groups[i]);
323 grp = getgrgid (groups[i]);
325 printf ("(%s)", grp->gr_name);
329 #endif /* HAVE_GETGROUPS */
331 printf (_(" context=%s"), context);