The Linux programming Interface and Groups users and Groups __linux

Source: Internet
Author: User
Tags crypt

The Linux programming Interface

Users and Groups

(01) Users and Groups

Every user has a unique login name and an associated numeric user identifier (UID). Users can belong to one or more groups. Each group also has a unique name and a group identifier (GID).

(/etc/passwd) Documents

With the user name, login ID, and other information.

(03) Password file/etc/shadow

The shadow password file,/etc/shadow, is devised as a method of preventing such.

(/etc/group)

Group functions Folder

(05) Obtaining user and group information

#include <pwd.h>

struct passwd *getpwnam (const char *name);

struct passwd *getpwuid (uid_t uid);

Given a login name in name, the Getpwnam () function returns a pointer to a structure of the following type, containing the Corresponding information from the password:

struct passwd {
    char *pw_name;	/* Login name (username) */
    char *pw_passwd;	/* Encrypted Password * *
    uid_t pw_uid;	/* User ID *
    /gid_t pw_gid;	/* Group ID *
    /char *pw_gecos;	/* Comment (User information) */
    char *pw_dir;	/* Initial Working (Home) directory */
    char *pw_shell;	/* Login Shell *
/};

(a) Getpwnam, Getpwuid, Getgrnam, getgrgid example

Get name through UID, UID by name, and group.

#include <pwd.h> #include <grp.h> #include <ctype.h> #include "ugid_functions.h"/* Declares functions Defined here/* return name corresponding to ' uid ', or NULL On Error */char * USERNAMEFROMID (uid_t uid) {struct PAS
	SWD *pwd;
	PWD = Getpwuid (UID); return (pwd = NULL)?
null:pwd->pw_name;
	}/* return UID corresponding to ' name ', or-1 On Error */uid_t useridfromname (const char *name) {struct passwd;
	uid_t u;
	Char *endptr;
	if (name = = NULL | | *name = = ' return-1 ');
	
	u = strtol (name, &endptr,) if (*endptr = = ' ") return u;
	PWD = Getpwnam (name);
	if (pwd = = NULL) return-1;
Return pwd->pw_uid;
	}/* return name corresponding to ' gid ', or NULL On Error */char *groupnamefromid (git_t gid) {struct Group *grp;
	GRP = Getgrpid (GID); return (grp = NULL)?
null:grp->gr_name;
	}/* return GID corresponding to ' name ', or-1 On Error */gid_t groupidfromname (const char *name) {struct Group *grp;
	gid_t G; Char *endptr;
	if (name = = NULL | | *name = = ' return-1 ');

	g = strtol (name, &endptr,) if (*endptr = = ' ") return g;
	GRP = Getgrnam (name);
    if (grp = NULL) return-1;
Return grp->gr_gid;
 }

(07) Get all the information

#include <pwd.h>
#include <stdio.h>

int main () {
    struct passwd *pwd;
    while ((pwd = Getpwent ())!= NULL)
        printf ("%-8s%5ld\n", Pwd->pw_name, (long) pwd->pw_uid);
    return 0;
}

Output:

wang@wang:~/documents/tlpi-dist/users_groups$./getall
Root 0
Daemon 1
Bin 2
SYS 3
Sync 4
Games 5
Mans 6
LP 7
Mail 8
News 9
UUCP 10
Proxy 13
Www-data 33
Backup 34
List 38
IRC 39
Gnats 41
Nobody 65534
Systemd-timesync 100
Systemd-network 101
Systemd-resolve 102
Systemd-bus-proxy 103
Syslog 104
_APT 105
Messagebus 106
Uuidd 107
LIGHTDM 108
Whoopsie 109
AVAHI-AUTOIPD 110
Avahi 111
DNSMASQ 112
Colord 113
Speech-dispatcher 114
Hplip 115
Kernoops 116
Pulse 117
Rtkit 118
Saned 119
Usbmux 120
Wang 1000

(08) Group

The Getgrent (), Setgrent (), and endgrent () functions perform tasks analogous the group file.

(09) Verify the login, the result is no permissions.

#define _BSD_SOURCE/* get Getpass () declaration from <unisstd.h> */#include <limits.h> #include &LT;PWD.H&G
T #include <shadow.h> #include "tlpi_hdr.h" #define _XOPEN_SOURCE/* Feature_test_macros (7) * * #include
	;unistd.h> int main (int argc, char *argv[]) {char *username, *password, *encrypted, *p;
	struct passwd *pwd;
	struct SPWD *spwd;
	Boolean Authok;
	size_t Len;
	Long Lnmax;
	Lnmax = sysconf (_sc_login_name_max);
	
	if (Lnmax = = 1) Lnmax = 256;
	Username = malloc (Lnmax);
	
	if (username = = NULL) errexit ("malloc");
	printf ("Username:");
	Fflush (stdout);
	
	if (fgets (username, Lnmax, stdin) = = NULL) exit (exit_failure);	
	Len = strlen (username);
	
	if (username[len-1] = = ' \ n ') username[len-1] = ';
	PWD = Getpwnam (username);
	
	if (pwd = = NULL) Fatal ("couldn ' t get password a record");
	Spwd = Getspnam (username);
	if (pwd = = NULL) Fatal ("couldn ' t get password a record");
	Spwd = Getspnam (username); if (spwd = = NULL && ERrno = = eacces) Fatal ("no permission to read shadow password file"); /* If there is a shadow password record, use the shadow Password/if (spwd!= NULL) pwd->pw_passwd = spwd->sp_p
	
	Wdp

	Password = getpass ("Password:");
	/* Encrypt Password and erase cleartext version immediately/encrypted = crypt (password, pwd->pw_passwd);
	
	for (p = password; *p!= ';) *p++ = ';

	if (encrypted = = NULL) errexit ("Crypt");
	Authok = strcmp (encrypted, pwd->pw_passwd) = = 0;
		if (!authok) {printf ("incorrect password\n");
	Exit (Exit_failure);

	printf ("Successfully authenticated:uid=%ld\n", (long) pwd->pw_uid);
/* Now do authenticated work ... */exit (exit_success);
 }
Some sad reminders of output:

wang@wang:~/documents/tlpi-dist/lib$./check_password
Username:wang
Error:no permission to read shadow password file

(10) Summary

Each user has a unique login name and a associated numeric user ID. Users can belong to one or over groups, each of which also has a unique name and a associated numeric. The primary purpose of these identifiers are to establish ownership of various system resources (e.g., files) and Permissi ONS for accessing them.

A user ' s name and ID are defined in THE/ETC/PASSWD file which also contains others about the user. A user ' s group membership are defined by fields in The/etc/passwd/and/etc/group files. A furher file,/etc/shadow, which can be read only by privileged processes, are used to separate the sensitive password inf Ormation from the publicly available user information in/etc/passwd. Various library functions are provided for retrieving information to all of these files.

The crypt () function encrypts a passwd in the same manner as the standard login program, which is useful Need to authenticate users.

(11) Exercise


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.