Book notes 6 in Linux/Unix programming manual

Linux/Unix System Programming Manual Reading Notes

Chapter 2

This chapter focuses on a bunch of IDs. Actual user (Group) ID, valid user (Group) ID, save set user (Group) ID, file system user (Group) ID. And the secondary group ID.

The actual user ID is determined.

The valid user ID is determined when the process is executed. PS: Processes with valid user ID 0 have all superuser permissions.

When you know how to save the set user ID (saved set-user-ID), Let's first look at the set-user-ID (for files ).

If a user ID is set for the executable file, the user ID of the process is set as the user ID of the execution file when the file is executed.

For example, if the user ID of an execution file is root and the user ID is set, when a user (non-root) runs the file, the valid user ID of the process becomes root, that is, 0 to obtain the superprocess user permissions. For example, passwd and ping. Both files belong to root, but these two files cannot be executed as root. Through ls-l, we can see that they have set the set-user-ID bit.

Lancelot @ debian :~ $-L/bin/-rwsr-xr-x root April/bin /~ $-L/usr/bin/-rwsr-xr-x root May/usr/bin/

Let's take a detailed example:

For an executable file check_password, check whether the password is correct based on/etc/shadow, but the permission is required to access/etc/shadow.

Lancelot @ debian :~ /Code/tlpi $ -- rwxr-xr-x lancelot April :~ /Code/tlpi $ ./

Then we first modify its user ID, and then set the user ID permission bit. Then let's take a look at the running results.

Lancelot @ debian :~ /Code/tlpi $ ~ /Code/tlpi $ u + ~ /Code/tlpi $ -- rwsr-xr-x root lancelot April :~ /Code/tlpi $./=

Now let's take a look at how to save the Set User ID, which is actually a copy of the valid user ID of the process.

The file system user ID determines the permission for file system operations. The value is usually the same as the valid user ID. PS: When the valid user ID changes, the user ID of the file system changes immediately (to the same value ).

Obtain the actual user and valid user ID

 #include <unistd.h>  uid_t getuid();        uid_t geteuid();      gid_t getgid();        gid_t getegid();   

Modify valid ID:

 #include <unistd.h>     setgid(gid_t gid);

0 is returned for successful modification, and-1 is returned for failure.

PS: When a non-authorized process (valid ID is 0) calls to modify a valid ID, only the valid user ID of the process can be modified (set its value to the actual user ID and save the Set User ID ). When a privileged process calls to modify a valid ID, the actual user ID, valid user ID, and saved user ID are set to uid values.

 #include <unistd.h>     setegid(gid_t egid);

0 is returned for successful modification, and-1 is returned for failure.

PS: a non-authorized process can only set a valid user ID to the actual user ID or save the Set User ID. A privileged process can set a valid user ID to any value.

Modify the actual ID and valid ID

#include <unistd.h> seregid(gid_t rgid, gid_t egid);

0 is returned for successful modification, and-1 is returned for failure.

The first parameter is the new actual ID, and the second parameter is the new valid ID. If you only modify one of them, you can set the value of the other to-1.

Get the actual, valid, and save settings ID:

  _GNU_SOURCE #include <unistd.h>   getresuid(uid_t *ruid, uid_t *euid, uid_t *   getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);

0 is returned for successful retrieval, and-1 is returned for failed retrieval.

Modify the actual, valid, and save settings ID:

  _GNU_SOURCE #include <unistd.h>     getresgid(gid_t rgid, gid_t egid, gid_t sgid);

0 is returned for successful modification, and-1 is returned for failure.

If you do not want to modify the ID, you can set it to-1.

Get and modify the File System ID:

 #inlcude <sys/fsuid.h>     setfsgid(gid_t fsgid);

---------------------------------------------------------- Omitting the secondary group ID ----------------------------------------------

 

Chapter 2

This chapter focuses on the concept of time. There are two types of time: 1. Real time; 2. process time.

Real Time:

1. Calendar time, used to stamp records or files.

2. The program that requires periodic operations or regular measurement from external input devices.

Calendar time:

In a UNIX system, the time is expressed in seconds since, January 1, January 1, 1970.

 #include <time.h>  time_t time(time_t *timep);

Returns the number of seconds since, January 1, January 1, 1970. If an error occurs,-1 is returned.

If timep is NULL, the number of seconds since on January 1, January 1, 1970 is directly returned. If it is not NULL, the number of seconds is placed at the position pointed to by timep.

After obtaining the number of seconds, you need to use some functions to convert the number of seconds to the human-readable format.

Ctime:

 #include <time.h>   *ctime( time_t *timep);

Returns the pointer to the statically allocated string. If an error occurs, NULL is returned.

 #include <stdio.h> #include <time.h>   main( argc,  *     time_t t =     printf(, ctime(&       }

Result:

 lancelot@debian:~/Code/tlpi$ ./ Sat Apr  :: 

Sometimes we not only need to convert the time into printable format, but also need to split the time into many independent fields. Gmtime () or localtime () is used in this case ().

 #include <time.h>   tm *gmtime( time_t *   tm* localtime( time_t *timep);

Returns the pointer to the statically allocated string. If an error occurs, NULL is returned. Gmtime returns the time of decomposition of UTC, and localtime returns the time of decomposition of the system's local time.

If there is a decomposition time, you can use mktime to output the corresponding number of seconds.

 #include <time.h>  time_t mktime( tm *timeptr);

Returns the number of seconds from on the morning of January 1, January 1, 1970 to the decomposition time. If an error occurs,-1 is returned.

We can also convert the Decomposition Time To the printable time.

 #include <time.h>   *asctime(  tm *timeptr);

Returns the pointer to the statically allocated string. if the error is returned, NULL is returned.

 

------ It was written before going to bed last night .... It seems that I understand the process ID ..... Very happy.

------ When you see others' gains, you also need to see the blood and sweat of others. You are behind others because you are not diligent enough.

------ Make great efforts to recruit new students in March !!!!!!!! There is still time !!!!!!!