#include <unistd.h>
#include <getopt.h>
#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/syslog.h>
#include <pwd.h>
+#include <grp.h>
#include <shadow.h>
#include <paths.h>
#include <time.h>
+#include <utmp.h>
+#include <signal.h>
+#include <err.h>
+#include <limits.h>
+
+#include <libsmartcols.h>
+#ifdef HAVE_LIBSELINUX
+#include <selinux/selinux.h>
+#endif
#include "c.h"
#include "nls.h"
#include "closestream.h"
#include "xalloc.h"
+#include "list.h"
#include "strutils.h"
#include "optutils.h"
+#include "pathnames.h"
+#include "logindefs.h"
+#include "readutmp.h"
/*
* column description
const char *name;
const char *help;
- unsigned int is_abbr:1; /* name is abbreviation */
+ double whint; /* width hint */
};
+static struct list_head userlist;
/* the most uber of flags */
static int uberflag;
+struct utmp *wtmp, *btmp;
+size_t wtmp_size, btmp_size;
+int want_wtmp, want_btmp;
+
+#define UL_UID_MIN "1000"
+#define UL_UID_MAX "60000"
+#define UL_SYS_UID_MIN "201"
+#define UL_SYS_UID_MAX "999"
+
+uid_t UID_MIN;
+uid_t UID_MAX;
+
+uid_t SYS_UID_MIN;
+uid_t SYS_UID_MAX;
/* we use the value of outmode to determine
* appropriate flags for the libsmartcols table
* (e.g., a value of out_newline would imply a raw
* output modes
*/
enum {
- out_colon = 0,
+ out_colon = 1,
out_export,
out_newline,
out_raw,
gid_t gid;
char *gecos;
- int nopasswd:1;
+ int nopasswd;
+ int nologin;
+ int locked;
char *sgroups;
- struct tm *pwd_ctime;
- struct tm *pwd_expir;
+ char *pwd_ctime;
+ char *pwd_expir;
+ char *pwd_ctime_min;
+ char *pwd_ctime_max;
- struct tm *last_login;
- char * last_tty;
- char * last_hostname;
+ char *last_login;
+ char *last_tty;
+ char *last_hostname;
- struct tm *failed_login;
- struct tm *failed_tty;
+ char *failed_login;
+ char *failed_tty;
+#ifdef HAVE_LIBSELINUX
+ security_context_t context;
+#endif
char *homedir;
char *shell;
char *pwd_status;
- char *hush_status;
+ int hushed;
+
+ struct list_head ulist;
};
/*
* flags
*/
enum {
F_EXPIR = (1 << 0),
- F_DUP = (1 << 1),
- F_EXPRT = (1 << 2),
- F_MORE = (1 << 3),
- F_NOPWD = (1 << 4),
- F_SYSAC = (1 << 5),
- F_USRAC = (1 << 6),
- F_SORT = (1 << 7),
- F_EXTRA = (1 << 8),
- F_FAIL = (1 << 9),
- F_LAST = (1 << 10),
+ F_MORE = (1 << 1),
+ F_NOPWD = (1 << 2),
+ F_SYSAC = (1 << 3),
+ F_USRAC = (1 << 4),
+ F_SORT = (1 << 5),
+ F_EXTRA = (1 << 6),
+ F_FAIL = (1 << 7),
+ F_LAST = (1 << 8),
+ F_SELINUX = (1 << 9),
};
/*
enum {
COL_LOGIN = 0,
COL_UID,
- COL_NOPASSWD,
COL_PGRP,
COL_PGID,
COL_SGRPS,
COL_FAILED_LOGIN,
COL_FAILED_TTY,
COL_HUSH_STATUS,
- COL_PWD_STATUS,
+ COL_NOLOGIN,
+ COL_LOCKED,
+ COL_NOPASSWD,
COL_PWD_EXPIR,
COL_PWD_CTIME,
- /*COL_PWD_CTIME_MAX,
- COL_PWD_CTIME_MIN,*/
+ COL_PWD_CTIME_MIN,
+ COL_PWD_CTIME_MAX,
+ COL_SELINUX,
};
+static const char *const status[] = { "0", "1", "-" };
static struct lslogins_coldesc coldescs[] =
{
- [COL_LOGIN] = { "LOGIN", N_("user/system login"), 1 },
- [COL_UID] = { "UID", N_("user UID") },
- [COL_NOPASSWD] = { "HAS PASSWORD", N_("account has a password?") },
- [COL_PGRP] = { "GRP", N_("primary group name") },
- [COL_PGID] = { "GRP_GID", N_("primary group GID") },
- [COL_SGRPS] = { "SEC_GRPS", N_("secondary group names and GIDs") },
- [COL_HOME] = { "HOMEDIR", N_("home directory") },
- [COL_SHELL] = { "SHELL", N_("login shell") },
- [COL_FULLNAME] = { "FULLNAME", N_("full user name") },
- [COL_LAST_LOGIN] = { "LAST_LOGIN", N_("date of last login") },
- [COL_LAST_TTY] = { "LAST_TTY", N_("last tty used") },
- [COL_LAST_HOSTNAME] = { "LAST_HOSTNAME", N_("hostname during the last session") },
- [COL_FAILED_LOGIN] = { "FAILED_LOGIN", N_("date of last failed login") },
- [COL_FAILED_TTY] = { "FAILED_TTY", N_("where did the login fail?") },
- [COL_HUSH_STATUS] = { "HUSH_STATUS", N_("User's hush settings") },
- [COL_PWD_STATUS] = { "PWD_STATUS", N_("password status - see the -x option description") },
- [COL_PWD_EXPIR] = { "PWD_EXPIR", N_("password expiration date") },
- [COL_PWD_CTIME] = { "PWD_CHANGE", N_("date of last password change") },
- /*[COL_PWD_CTIME_MAX] = { "PWD UNTIL", N_("max number of days a password may remain unchanged") },
- [COL_PWD_CTIME_MIN] = { "PWD CAN CHANGE", N_("number of days required between changes") },*/
+ [COL_LOGIN] = { "LOGIN", N_("user/system login"), 0.2 },
+ [COL_UID] = { "UID", N_("user UID"), 0.05 },
+ [COL_NOPASSWD] = { "NOPASSWD", N_("account has a password?"), 1 },
+ [COL_NOLOGIN] = { "NOLOGIN", N_("account has a password?"), 1 },
+ [COL_LOCKED] = { "LOCKED", N_("account has a password?"), 1 },
+ [COL_PGRP] = { "GRP", N_("primary group name"), 0.2 },
+ [COL_PGID] = { "GID", N_("primary group GID"), 0.05 },
+ [COL_SGRPS] = { "SEC_GRPS", N_("secondary group names and GIDs"), 0.5 },
+ [COL_HOME] = { "HOMEDIR", N_("home directory"), 0.3 },
+ [COL_SHELL] = { "SHELL", N_("login shell"), 0.1 },
+ [COL_FULLNAME] = { "FULLNAME", N_("full user name"), 0.3 },
+ [COL_LAST_LOGIN] = { "LAST_LOGIN", N_("date of last login"), 24 },
+ [COL_LAST_TTY] = { "LAST_TTY", N_("last tty used"), 0.05 },
+ [COL_LAST_HOSTNAME] = { "LAST_HOSTNAME", N_("hostname during the last session"), 0.2},
+ [COL_FAILED_LOGIN] = { "FAILED_LOGIN", N_("date of last failed login"), 24 },
+ [COL_FAILED_TTY] = { "FAILED_TTY", N_("where did the login fail?"), 0.05 },
+ [COL_HUSH_STATUS] = { "HUSHED", N_("User's hush settings"), 1 },
+ [COL_PWD_EXPIR] = { "PWD_EXPIR", N_("password expiration date"), 24 },
+ [COL_PWD_CTIME] = { "PWD_CHANGE", N_("date of last password change"), 24 },
+ [COL_PWD_CTIME_MIN] = { "PWD_MIN", N_("number of days required between changes"), 24 },
+ [COL_PWD_CTIME_MAX] = { "PWD_MAX", N_("max number of days a password may remain unchanged"), 24 },
+ [COL_SELINUX] = { "CONTEXT", N_("the user's security context"), 0.4 },
};
static int
for (i = 0; i < ARRAY_SIZE(coldescs); i++) {
const char *cn = coldescs[i].name;
- if (!strncasecmp(name, cn, namesz) && !*(cn + namesz))
+ if (!strncasecmp(name, cn, namesz) && !*(cn + namesz)) {
+ if (i <= COL_LAST_HOSTNAME && i >= COL_LAST_LOGIN)
+ want_wtmp = 1;
+ if (i == COL_FAILED_TTY && i >= COL_FAILED_LOGIN)
+ want_btmp = 1;
return i;
+ }
}
warnx(_("unknown column: %s"), name);
return -1;
}
+static char *make_time(struct tm *tm)
+{
+ char *t, *s;
+
+ if (!tm)
+ return NULL;
+
+ s = asctime(tm);
+ if (!s)
+ return NULL;
+
+ if (*(t = s + strlen(s) - 1) == '\n')
+ *t = '\0';
+ return strdup(s);
+}
static void __attribute__((__noreturn__)) usage(FILE *out)
{
size_t i;
fputs(USAGE_OPTIONS, out);
fputs(_(" -a, --acc-expiration Display data\n"), out);
fputs(_(" -c, --colon-separate Display data in a format similar to /etc/passwd\n"), out);
- fputs(_(" -d, --duplicates Display users with duplicate UIDs\n"), out);
fputs(_(" -e, --export Display in an export-able output format\n"), out);
fputs(_(" -f, --failed Display data about the last users' failed logins\n"), out);
fputs(_(" -g, --groups=<GROUPS> Display users belonging to a group in GROUPS\n"), out);
fputs(_(" -l, --logins=<LOGINS> Display only users from LOGINS\n"), out);
- fputs(_(" --last Show info about the last login sessions\n"), out);
+ fputs(_(" --last Show info about the users' last login sessions\n"), out);
fputs(_(" -m, --more Display secondary groups as well\n"), out);
fputs(_(" -n, --newline Display each piece of information on a new line\n"), out);
fputs(_(" -o, --output[=<LIST>] Define the columns to output\n"), out);
- fputs(_(" -p, --no-password Display users without a password\n"), out);
fputs(_(" -r, --raw Display the raw table\n"), out);
- fputs(_(" -s, --sys-accs[=<UID>] Display system accounts\n"), out);
+ fputs(_(" -s, --sys-accs Display system accounts\n"), out);
fputs(_(" -t, --sort Sort output by login instead of UID\n"), out);
- fputs(_(" -u, --user-accs[=<UID>] Display user accounts\n"), out);
+ fputs(_(" -u, --user-accs Display user accounts\n"), out);
fputs(_(" -x, --extra Display extra information\n"), out);
- fputs(_(" -z, --print0 Delimit user entries with a nul character"), out);
+ fputs(_(" -z, --print0 Delimit user entries with a nul character\n"), out);
+ fputs(_(" -Z, --context Display the users' security context\n"), out);
fputs(USAGE_SEPARATOR, out);
fputs(USAGE_HELP, out);
fputs(USAGE_VERSION, out);
exit(out == stderr ? EXIT_FAILURE : EXIT_SUCCESS);
}
+struct lslogins_sgroups {
+ char *gid;
+ char *uname;
+ struct lslogins_sgroups *next;
+};
+
+static char *uidtostr(uid_t uid)
+{
+ char *str_uid = NULL;
+ return (0 > xasprintf(&str_uid, "%u", uid)) ? NULL : str_uid;
+}
+
+static char *gidtostr(gid_t gid)
+{
+ char *str_gid = NULL;
+ return (0 > xasprintf(&str_gid, "%u", gid)) ? NULL : str_gid;
+}
+
+static struct lslogins_sgroups *build_sgroups_list(int len, gid_t *list, int *slen)
+{
+ int n = 0;
+ struct lslogins_sgroups *sgrps, *retgrps;
+
+ *slen = 0;
+
+ if (!len || !list)
+ return NULL;
+
+ retgrps = sgrps = calloc(1, sizeof(struct lslogins_sgroups));
+ while (n < len) {
+ if (sgrps->next)
+ sgrps = sgrps->next;
+
+ sgrps->gid = gidtostr(list[n]);
+ sgrps->uname = strdup(getgrgid(list[n])->gr_name);
+
+ *slen += strlen(sgrps->gid) + strlen(sgrps->uname);
+
+ sgrps->next = calloc(1, sizeof(struct lslogins_sgroups));
+
+ ++n;
+
+ }
+ /* a pair of parentheses for each group + (n - 1) commas in between */
+ slen += 3 * n - 1;
+
+ free (sgrps->next);
+ sgrps->next = NULL;
+
+ return retgrps;
+}
+static void free_sgroups_list(struct lslogins_sgroups *sgrps)
+{
+ struct lslogins_sgroups *tmp;
+
+ if (!sgrps)
+ return;
+
+ tmp = sgrps->next;
+ while (tmp) {
+ free(sgrps->gid);
+ free(sgrps->uname);
+ free(sgrps);
+ sgrps = tmp;
+ tmp = tmp->next;
+ }
+}
+static char *build_sgroups_string(int len, gid_t *list)
+{
+ char *ret = NULL, *slist;
+ int slen, prlen;
+ struct lslogins_sgroups *sgrps;
+
+ sgrps = build_sgroups_list(len, list, &slen);
+
+ if (!sgrps)
+ return NULL;
+
+ ret = slist = calloc (1, sizeof(char) * (slen + 1));
+
+ while (sgrps->next) {
+ prlen = sprintf(slist, "%s(%s),", sgrps->gid, sgrps->uname);
+ if (prlen < 0) {
+ free_sgroups_list(sgrps);
+ return NULL;
+ }
+ slist += prlen;
+ sgrps = sgrps->next;
+ }
+ prlen = sprintf(slist, "%s(%s)", sgrps->gid, sgrps->uname);
+
+ return ret;
+}
+
+static struct utmp *get_recent_wtmp(const char *username)
+{
+ size_t n = 0;
+ size_t len;
+
+ if (!username)
+ return NULL;
+
+ len = strlen(username);
+ n = wtmp_size - 1;
+ while (n) {
+ if (!strncmp(username, wtmp[n].ut_user, len < UT_NAMESIZE ? len : UT_NAMESIZE))
+ return wtmp + n;
+ --n;
+ }
+ return NULL;
+
+}
+static struct utmp *get_recent_btmp(const char *username)
+{
+ size_t n = 0;
+ size_t len;
+
+ if (!username)
+ return NULL;
+
+ len = strlen(username);
+ n = btmp_size - 1;
+ while (n) {
+ if (!strncmp(username, btmp[n].ut_user, len < UT_NAMESIZE ? len : UT_NAMESIZE))
+ return btmp + n;
+ --n;
+ }
+ return NULL;
+
+}
+
+static int parse_wtmp(void)
+{
+ int rc = 0;
+
+ rc = read_utmp(_PATH_WTMP, &wtmp_size, &wtmp);
+ if (rc < 0 && errno != EACCES)
+ err(EXIT_FAILURE, "%s: %s", _PATH_WTMP, strerror(errno));
+ return rc;
+
+ return rc;
+}
+static int parse_btmp(void)
+{
+ int rc = 0;
+
+ rc = read_utmp(_PATH_BTMP, &btmp_size, &btmp);
+ if (rc < 0 && errno != EACCES)
+ err(EXIT_FAILURE, "%s: %s", _PATH_BTMP, strerror(errno));
+ return rc;
+
+ return rc;
+}
+
+static int get_sgroups(int *len, gid_t **list, struct passwd *pwd)
+{
+ int n = 0;
+ gid_t *safelist;
+
+ getgrouplist(pwd->pw_name, pwd->pw_gid, *list, len);
+ if (!*len)
+ return -1;
+
+ *list = malloc(*len * sizeof(gid_t));
+
+ if (-1 == getgrouplist(pwd->pw_name, pwd->pw_gid, *list, len))
+ return -1;
+
+ while (n < *len) {
+ if ((*list)[n] == pwd->pw_gid)
+ break;
+ ++n;
+ }
+ (*list)[n] = (*list)[--(*len)];
+
+ safelist = xrealloc (*list, *len * sizeof(gid_t));
+ if (!safelist && *len) {
+ free (*list);
+ return -1;
+ }
+ *list = safelist;
+
+ return 0;
+
+}
+
+static struct lslogins_user *get_user_info(const char *username, const int *columns, const int ncolumns)
+{
+ struct lslogins_user *user;
+ struct passwd *pwd;
+ struct group *grp;
+ struct spwd *shadow;
+ struct utmp *user_wtmp = NULL, *user_btmp = NULL;
+ int n = 0;
+ time_t time;
+ struct tm tm;
+ uid_t uid;
+
+ user = xcalloc(1, sizeof(struct lslogins_user));
+ if (!user) {
+ errno = ENOMEM;
+ return NULL;
+ }
+ INIT_LIST_HEAD(&user->ulist);
+
+ errno = 0;
+ pwd = username ? getpwnam(username) : getpwent();
+ if (!pwd)
+ return NULL;
+
+ uid = pwd->pw_uid;
+ if ((uberflag & F_USRAC) &&
+ strcmp("nfsnobody", pwd->pw_name)) {
+ if (uid < UID_MIN || uid > UID_MAX) {
+ errno = EAGAIN;
+ return NULL;
+ }
+ }
+ else if (uberflag & F_SYSAC) {
+ if (uid < SYS_UID_MIN || uid > SYS_UID_MAX) {
+ errno = EAGAIN;
+ return NULL;
+ }
+ }
+
+ grp = getgrgid(pwd->pw_gid);
+ if (!grp)
+ return NULL;
+
+ if (wtmp)
+ user_wtmp = get_recent_wtmp(pwd->pw_name);
+ if (btmp)
+ user_btmp = get_recent_btmp(pwd->pw_name);
+
+ /* sufficient permissions to get a shadow entry? */
+ errno = 0;
+ lckpwdf();
+ shadow = getspnam(pwd->pw_name);
+ ulckpwdf();
+ if (!shadow && errno != EACCES)
+ err(EXIT_FAILURE, "%s", strerror(errno));
+
+ if (shadow) {
+ /* we want these dates in seconds */
+ shadow->sp_min *= 86400;
+ shadow->sp_max*= 86400;
+ shadow->sp_lstchg *= 86400;
+ }
+ /* we store the uid unconditionally, for sorting */
+ /* TODO: only if not -t --> faster?? */
+ user->uid = pwd->pw_uid;
+
+ while (n < ncolumns) {
+ switch (columns[n++]) {
+ case COL_LOGIN:
+ user->login = strdup(pwd->pw_name);
+ break;
+ case COL_UID:
+ /* just a placeholder, see above*/
+ break;
+ case COL_PGRP:
+ user->group = strdup(grp->gr_name);
+ break;
+ case COL_PGID:
+ user->gid = (pwd->pw_gid);
+ break;
+ case COL_SGRPS:
+ {
+ int n = 0;
+ gid_t *list = NULL;
+
+ if (get_sgroups(&n, &list, pwd))
+ err(EXIT_FAILURE, "Unable to get secondary groups(%s)", strerror(errno));
+ user->sgroups = build_sgroups_string(n, list);
+ if (!user->sgroups)
+ user->sgroups = "";
+ break;
+ }
+ case COL_HOME:
+ user->homedir = strdup(pwd->pw_dir);
+ break;
+ case COL_SHELL:
+ user->shell = strdup(pwd->pw_shell);
+ break;
+ case COL_FULLNAME:
+ user->gecos = strdup(pwd->pw_gecos);
+ break;
+ /* strdup us? ? */
+ case COL_LAST_LOGIN:
+ if (user_wtmp) {
+ time = user_wtmp->ut_tv.tv_sec;
+ localtime_r(&time, &tm);
+ user->last_login = make_time(&tm);
+ }
+ else
+ user->last_login = "-";
+ break;
+ case COL_LAST_TTY:
+ if (user_wtmp)
+ user->last_tty = user_wtmp->ut_line;
+ else
+ user->last_tty = "-";
+ break;
+ case COL_LAST_HOSTNAME:
+ if (user_wtmp)
+ user->last_hostname = user_wtmp->ut_host;
+ else
+ user->last_hostname = "-";
+ break;
+ case COL_FAILED_LOGIN:
+ if (user_btmp) {
+ time = user_btmp->ut_tv.tv_sec;
+ localtime_r(&time, &tm);
+ user->failed_login = make_time(&tm);
+ }
+ else
+ user->failed_login = "-";
+ break;
+ case COL_FAILED_TTY:
+ if (user_btmp)
+ user->failed_tty = user_btmp->ut_line;
+ else
+ user->failed_tty = "-";
+ break;
+ case COL_HUSH_STATUS:
+ user->hushed = get_hushlogin_status(pwd, 0);
+ if (user->hushed == -1)
+ user->hushed = 2;
+ break;
+ case COL_NOPASSWD:
+ if (shadow) {
+ if (!*shadow->sp_pwdp) /* '\0' */
+ user->nopasswd = 1;
+ else
+ user->nopasswd = 0;
+ }
+ else
+ user->nopasswd = 2;
+ break;
+ case COL_NOLOGIN:
+ if ((pwd->pw_uid && !(close(open("/etc/nologin", O_RDONLY)))) ||
+ strstr(pwd->pw_shell, "nologin")) {
+ user->nologin = 1;
+ }
+ else
+ user->nologin = 0;
+ break;
+ case COL_LOCKED:
+ if (shadow) {
+ if (*shadow->sp_pwdp == '!')
+ user->locked = 1;
+ else
+ user->locked = 0;
+ break;
+ }
+ else
+ user->locked = 2;
+ break;
+ case COL_PWD_EXPIR:
+ if (shadow && shadow->sp_expire != -1) {
+ localtime_r(&shadow->sp_expire, &tm);
+ user->pwd_expir = make_time(&tm);
+ }
+ else
+ user->pwd_expir = "-";
+ break;
+ case COL_PWD_CTIME:
+ if (shadow) {
+ localtime_r(&shadow->sp_lstchg, &tm);
+ user->pwd_ctime = make_time(&tm);
+ }
+ else
+ user->pwd_ctime = "-";
+ break;
+ case COL_PWD_CTIME_MIN:
+
+ if (shadow) {
+ if (shadow->sp_min <= 0) {
+ user->pwd_ctime_min = "unlimited";
+ }
+ else {
+ localtime_r(&shadow->sp_min, &tm);
+ user->pwd_ctime_min = make_time(&tm);
+ }
+ }
+ else
+ user->pwd_ctime_min = "-";
+ break;
+ case COL_PWD_CTIME_MAX:
+ if (shadow) {
+ if (shadow->sp_max <= 0)
+ user->pwd_ctime_max = "unlimited";
+ else {
+ localtime_r(&shadow->sp_max, &tm);
+ user->pwd_ctime_max = make_time(&tm);
+ }
+ }
+ else
+ user->pwd_ctime_max = "-";
+ break;
+ case COL_SELINUX:
+ {
+#ifdef HAVE_LIBSELINUX
+ /* typedefs and pointers are pure evil */
+ security_context_t con = NULL;
+ if (getcon(&con))
+ return NULL;
+ user->context = con;
+#endif
+ }
+ break;
+ default:
+ /* something went very wrong here */
+ err(EXIT_FAILURE, "fatal: unknown error");
+ }
+ }
+
+ return user;
+}
+/* some UNIX implementations set errno iff a passwd/grp/...
+ * entry was not found. The original UNIX logins utility always
+ * ignores invalid login/group names, so we're going to as well.*/
+#define IS_REAL_ERRNO(e) !((e) == ENOENT || (e) == ESRCH || (e) == EBADF || (e) == EPERM || (e) == EAGAIN)
+#define HANDLE_ERROR(e) do { if ((e) && IS_REAL_ERRNO(e)) { err(1,"%s",strerror(errno)); return -1;} } while (0)
+
+static struct lslogins_user *get_next_user(const int *columns, const int ncolumns)
+{
+ struct lslogins_user *u;
+ errno = 0;
+ while (!(u = get_user_info(NULL, columns, ncolumns))) {
+ /* no "false" errno-s here, if we're unable to
+ * get a valid user entry for any reason, quit */
+ if (errno == EAGAIN)
+ continue;
+ return NULL;
+ }
+ return u;
+}
+
+static int get_user(struct lslogins_user **user,
+ const char *username, const int *columns, const int ncolumns)
+{
+ *user = get_user_info(username, columns, ncolumns);
+ if (!*user && errno)
+ HANDLE_ERROR(errno);
+ return 0;
+}
+
+static int user_in_list(struct list_head *head, char *uname)
+{
+ struct list_head *p;
+ list_for_each(p, head) {
+ if (!strcmp(uname, list_entry(p, struct lslogins_user, ulist)->login))
+ return 1;
+ }
+ return 0;
+}
+
+static int create_userlist(char *logins, char *groups, const int *const columns, const int ncolumns)
+{
+ char *username, *gname;
+ struct lslogins_user *user = NULL;
+ struct group *grp;
+ int n = 0;
+
+ if (!logins && !groups) {
+ while ((user = get_next_user(columns, ncolumns)))
+ list_add(&user->ulist, &userlist);
+
+ HANDLE_ERROR(errno);
+ }
+ if (logins) {
+ while ((username = strtok(logins, ",")) != NULL) {
+ logins = NULL;
+ if (get_user(&user, username, columns, ncolumns))
+ return -1;
+ if (user) /* otherwise an invalid user name has probably been given */
+ list_add(&user->ulist, &userlist);
+ }
+ }
+ if (groups) {
+ while ((gname = strtok(groups, ",")) != NULL) {
+ groups = NULL;
+ errno = 0;
+ grp = getgrnam(gname);
+ if (!grp) {
+ HANDLE_ERROR(errno);
+ continue; /* not a "real" errno */
+ }
+
+ while ((username = grp->gr_mem[n++])) {
+
+ if (!user_in_list(&userlist, username)) {
+ if (get_user(&user, username, columns, ncolumns))
+ return -1;
+ if (user) /* otherwise an invalid user name has probably been given */
+ list_add(&user->ulist, &userlist);
+ }
+ }
+ }
+ }
+ return 0;
+}
+static int cmp_uname(struct list_head *a, struct list_head *b, void *data __attribute__((unused)))
+{
+ return strcmp(list_entry(a,struct lslogins_user,ulist)->login,
+ list_entry(b,struct lslogins_user,ulist)->login);
+}
+static int cmp_uid(struct list_head *a, struct list_head *b, void *data __attribute__((unused)))
+{
+ return bcmp(&list_entry(a,struct lslogins_user,ulist)->uid,
+ &list_entry(b,struct lslogins_user,ulist)->uid,
+ sizeof(uid_t));
+}
+static void sort_userlist(void)
+{
+ if (uberflag & F_SORT)
+ list_sort(&userlist,cmp_uname, NULL);
+ else
+ list_sort(&userlist,cmp_uid, NULL);
+}
+static struct libscols_table *setup_table(const int *const columns, const int ncolumns)
+{
+ struct libscols_table *tb = scols_new_table();
+ int n = 0;
+ if (!tb)
+ return NULL;
+
+ switch(outmode) {
+ case out_colon:
+ scols_table_enable_raw(tb, 1);
+ scols_table_set_column_separator(tb, ":");
+ break;
+ case out_newline:
+ scols_table_set_column_separator(tb, "\n");
+ /* fallthrough */
+ case out_export:
+ scols_table_enable_export(tb, 1);
+ break;
+ case out_nul:
+ scols_table_set_line_separator(tb, "\0");
+ /* fallthrough */
+ case out_raw:
+ scols_table_enable_raw(tb, 1);
+ break;
+ default:
+ break;
+ }
+
+ while (n < ncolumns) {
+ if (!scols_table_new_column(tb, coldescs[columns[n]].name,
+ coldescs[columns[n]].whint, 0))
+ goto fail;
+ ++n;
+ }
+
+ return tb;
+fail:
+ scols_unref_table(tb);
+ return NULL;
+}
+
+static int print_user_table(const int *const columns, const int ncolumns)
+{
+ int n;
+ struct list_head *p;
+ struct libscols_table *tb;
+ struct libscols_line *ln;
+ struct lslogins_user *user;
+
+ tb = setup_table(columns, ncolumns);
+ if (!tb)
+ return -1;
+
+ sort_userlist();
+
+ list_for_each(p, &userlist) {
+ user = list_entry(p, struct lslogins_user, ulist);
+ n = 0;
+ ln = scols_table_new_line(tb, NULL);
+ while (n < ncolumns) {
+ switch (columns[n]) {
+ case COL_LOGIN:
+ if (scols_line_set_data(ln, n, user->login))
+ goto fail;
+ break;
+ case COL_UID:
+ {
+ char *str_uid = uidtostr(user->uid);
+ if (!str_uid || scols_line_set_data(ln, n, str_uid))
+ goto fail;
+ break;
+ }
+ case COL_NOPASSWD:
+ if (scols_line_set_data(ln, n, status[user->nopasswd]))
+ goto fail;
+ break;
+ case COL_NOLOGIN:
+ if (scols_line_set_data(ln, n, status[user->nologin]))
+ goto fail;
+ break;
+ case COL_LOCKED:
+ if (scols_line_set_data(ln, n, status[user->locked]))
+ goto fail;
+ break;
+ case COL_PGRP:
+ if (scols_line_set_data(ln, n, user->group))
+ goto fail;
+ break;
+ case COL_PGID:
+ {
+ char *str_gid = gidtostr(user->gid);
+ if (!str_gid || scols_line_set_data(ln, n, str_gid))
+ goto fail;
+ break;
+ }
+ case COL_SGRPS:
+ if (scols_line_set_data(ln, n, user->sgroups))
+ goto fail;
+ break;
+ case COL_HOME:
+ if (scols_line_set_data(ln, n, user->homedir))
+ goto fail;
+ break;
+ case COL_SHELL:
+ if (scols_line_set_data(ln, n, user->shell))
+ goto fail;
+ break;
+ case COL_FULLNAME:
+ if (scols_line_set_data(ln, n, user->gecos))
+ goto fail;
+ break;
+ case COL_LAST_LOGIN:
+ if (scols_line_set_data(ln, n, user->last_login))
+ goto fail;
+ break;
+ case COL_LAST_TTY:
+ if (scols_line_set_data(ln, n, user->last_tty))
+ goto fail;
+ break;
+ case COL_LAST_HOSTNAME:
+ if (scols_line_set_data(ln, n, user->last_hostname))
+ goto fail;
+ break;
+ case COL_FAILED_LOGIN:
+ if (scols_line_set_data(ln, n, user->failed_login))
+ goto fail;
+ break;
+ case COL_FAILED_TTY:
+ if (scols_line_set_data(ln, n, user->failed_tty))
+ goto fail;
+ break;
+ case COL_HUSH_STATUS:
+ if (scols_line_set_data(ln, n, status[user->hushed]))
+ goto fail;
+ break;
+#define PWD_TIME(S,L,T) strftime((S),(L), "%a %b %d %Y", (T))
+ case COL_PWD_EXPIR:
+ if (scols_line_set_data(ln, n, user->pwd_expir))
+ goto fail;
+ break;
+ case COL_PWD_CTIME:
+ if (scols_line_set_data(ln, n, user->pwd_ctime))
+ goto fail;
+ break;
+ case COL_PWD_CTIME_MIN:
+ if (scols_line_set_data(ln, n, user->pwd_ctime_min))
+ goto fail;
+ break;
+ case COL_PWD_CTIME_MAX:
+ if (scols_line_set_data(ln, n, user->pwd_ctime_max))
+ goto fail;
+ break;
+#ifdef HAVE_LIBSELINUX
+ case COL_SELINUX:
+ if (scols_line_set_data(ln, n, user->context))
+ goto fail;
+ break;
+#endif
+ default:
+ /* something went very wrong here */
+ err(EXIT_FAILURE, "fatal: unknown error");
+ }
+ ++n;
+ }
+ }
+ scols_print_table(tb);
+ scols_unref_table(tb);
+ return 0;
+fail:
+ return -1;
+}
+
int main(int argc, char *argv[])
{
static const struct option longopts[] = {
{ "acc-expiration", no_argument, 0, 'a' },
{ "colon", no_argument, 0, 'c' },
- { "duplicates", no_argument, 0, 'd' },
{ "export", no_argument, 0, 'e' },
{ "failed", no_argument, 0, 'f' },
{ "groups", required_argument, 0, 'g' },
{ "logins", required_argument, 0, 'l' },
{ "more", no_argument, 0, 'm' },
{ "newline", no_argument, 0, 'n' },
- { "output", optional_argument, 0, 'o' },
- { "no-password", no_argument, 0, 'p' },
+ { "output", required_argument, 0, 'o' },
{ "last", no_argument, 0, OPT_LAST },
{ "raw", no_argument, 0, 'r' },
- { "sys-accs", optional_argument, 0, 's' },
+ { "sys-accs", no_argument, 0, 's' },
{ "sort", no_argument, 0, 't' },
- { "user-accs", optional_argument, 0, 'u' },
+ { "user-accs", no_argument, 0, 'u' },
{ "version", no_argument, 0, OPT_VER },
{ "extra", no_argument, 0, 'x' },
{ "print0", no_argument, 0, 'z' },
+#ifdef HAVE_LIBSELINUX
+ { "context", no_argument, 0, 'Z' },
+#endif
{ NULL, 0, 0, 0 }
};
textdomain(PACKAGE);
atexit(close_stdout);
- while ((c = getopt_long(argc, argv, "acdefg:hl:mno::prs::tu::xz",
+ while ((c = getopt_long(argc, argv, "acefg:hl:mno:rstuxzZ",
longopts, NULL)) != -1) {
err_exclusive_options(c, longopts, excl, excl_st);
case 'c':
outmode = out_colon;
break;
- case 'd':
- uberflag |= F_DUP;
- break;
+ /* a slow option; however the only reason to use it
+ * is after hand-editing the /etc/passwd file */
case 'e':
outmode = out_export;
break;
return EXIT_FAILURE;
}
break;
- case 'p':
- uberflag |= F_NOPWD;
- break;
case 'r':
outmode = out_raw;
break;
uberflag |= F_LAST;
break;
case 's':
+ SYS_UID_MIN = strtoul(getlogindefs_str("SYS_UID_MIN", UL_SYS_UID_MIN), NULL, 0);
+ SYS_UID_MAX = strtoul(getlogindefs_str("SYS_UID_MAX", UL_SYS_UID_MAX), NULL, 0);
uberflag |= F_SYSAC;
break;
case 't':
uberflag |= F_SORT;
break;
case 'u':
+ UID_MIN = strtoul(getlogindefs_str("UID_MIN", UL_UID_MIN), NULL, 0);
+ UID_MAX = strtoul(getlogindefs_str("UID_MAX", UL_UID_MAX), NULL, 0);
uberflag |= F_USRAC;
break;
case OPT_VER:
case 'z':
outmode = out_nul;
break;
+ case 'Z':
+#ifdef HAVE_LIBSELINUX
+ if (0 < is_selinux_enabled())
+ uberflag |= F_SELINUX;
+ else
+#endif
+ err(0, "warning: --context only works on a system with SELinux enabled");
+ break;
default:
usage(stderr);
}
if (argc != optind)
usage(stderr);
+ /* lslogins -u -s == lslogins */
+ if (uberflag & F_USRAC && uberflag & F_SYSAC)
+ uberflag &= ~(F_USRAC & F_SYSAC);
+
if (!ncolumns) {
columns[ncolumns++] = COL_LOGIN;
- columns[ncolumns++] = COL_UID;
+ columns[ncolumns++] = COL_UID; /* TODO: always get this info, for sorting */
columns[ncolumns++] = COL_PGRP;
columns[ncolumns++] = COL_PGID;
columns[ncolumns++] = COL_FULLNAME;
columns[ncolumns++] = COL_LAST_LOGIN;
columns[ncolumns++] = COL_LAST_TTY;
columns[ncolumns++] = COL_LAST_HOSTNAME;
+ want_wtmp = 1;
}
if (uberflag & F_FAIL) {
columns[ncolumns++] = COL_FAILED_LOGIN;
columns[ncolumns++] = COL_FAILED_TTY;
+ want_btmp = 1;
}
if (uberflag & F_EXTRA) {
columns[ncolumns++] = COL_HOME;
columns[ncolumns++] = COL_SHELL;
- columns[ncolumns++] = COL_PWD_STATUS;
+ columns[ncolumns++] = COL_NOPASSWD;
+ columns[ncolumns++] = COL_NOLOGIN;
+ columns[ncolumns++] = COL_LOCKED;
columns[ncolumns++] = COL_HUSH_STATUS;
- /* columns[ncolumns++] = COL_PWD_CTIME_MAX;
- columns[ncolumns++] = COL_PWD_CTIME_MIN; */
+ columns[ncolumns++] = COL_PWD_CTIME_MIN;
+ columns[ncolumns++] = COL_PWD_CTIME_MAX;
}
+ if (uberflag & F_SELINUX)
+ columns[ncolumns++] = COL_SELINUX;
}
+
+ if (want_wtmp)
+ parse_wtmp();
+ if (want_btmp)
+ parse_btmp();
+
+ INIT_LIST_HEAD(&userlist);
+ if (create_userlist(logins, groups, columns, ncolumns))
+ return EXIT_FAILURE;
+
+ print_user_table(columns, ncolumns);
+
return EXIT_SUCCESS;
}
projects / thirdparty / util-linux.git / commitdiff
