2017-09-14 19:11:35 +02:00
|
|
|
// Copyright 2016 The Go Authors. All rights reserved.
|
2011-05-20 02:18:15 +02:00
|
|
|
// Use of this source code is governed by a BSD-style
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
2019-02-01 22:57:36 +01:00
|
|
|
// +build aix darwin dragonfly freebsd hurd js,wasm !android,linux nacl netbsd openbsd solaris
|
2018-09-24 23:46:21 +02:00
|
|
|
// +build !cgo osusergo
|
2011-10-27 01:57:58 +02:00
|
|
|
|
2011-05-20 02:18:15 +02:00
|
|
|
package user
|
|
|
|
|
|
|
|
import (
|
2017-09-14 19:11:35 +02:00
|
|
|
"bufio"
|
|
|
|
"bytes"
|
|
|
|
"errors"
|
|
|
|
"io"
|
|
|
|
"os"
|
2012-02-09 09:19:58 +01:00
|
|
|
"strconv"
|
2011-05-20 02:18:15 +02:00
|
|
|
"strings"
|
|
|
|
)
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
const groupFile = "/etc/group"
|
|
|
|
const userFile = "/etc/passwd"
|
2011-10-23 21:04:37 +02:00
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
var colon = []byte{':'}
|
2011-09-16 17:47:21 +02:00
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
func init() {
|
|
|
|
groupImplemented = false
|
|
|
|
}
|
2016-07-22 20:15:38 +02:00
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
// lineFunc returns a value, an error, or (nil, nil) to skip the row.
|
|
|
|
type lineFunc func(line []byte) (v interface{}, err error)
|
2016-07-22 20:15:38 +02:00
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
// readColonFile parses r as an /etc/group or /etc/passwd style file, running
|
|
|
|
// fn for each row. readColonFile returns a value, an error, or (nil, nil) if
|
|
|
|
// the end of the file is reached without a match.
|
|
|
|
func readColonFile(r io.Reader, fn lineFunc) (v interface{}, err error) {
|
|
|
|
bs := bufio.NewScanner(r)
|
|
|
|
for bs.Scan() {
|
|
|
|
line := bs.Bytes()
|
|
|
|
// There's no spec for /etc/passwd or /etc/group, but we try to follow
|
|
|
|
// the same rules as the glibc parser, which allows comments and blank
|
|
|
|
// space at the beginning of a line.
|
|
|
|
line = bytes.TrimSpace(line)
|
|
|
|
if len(line) == 0 || line[0] == '#' {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
v, err = fn(line)
|
|
|
|
if v != nil || err != nil {
|
|
|
|
return
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
return nil, bs.Err()
|
2011-05-20 02:18:15 +02:00
|
|
|
}
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
func matchGroupIndexValue(value string, idx int) lineFunc {
|
|
|
|
var leadColon string
|
|
|
|
if idx > 0 {
|
|
|
|
leadColon = ":"
|
2012-02-09 09:19:58 +01:00
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
substr := []byte(leadColon + value + ":")
|
|
|
|
return func(line []byte) (v interface{}, err error) {
|
|
|
|
if !bytes.Contains(line, substr) || bytes.Count(line, colon) < 3 {
|
|
|
|
return
|
2011-05-20 02:18:15 +02:00
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
// wheel:*:0:root
|
|
|
|
parts := strings.SplitN(string(line), ":", 4)
|
|
|
|
if len(parts) < 4 || parts[0] == "" || parts[idx] != value ||
|
|
|
|
// If the file contains +foo and you search for "foo", glibc
|
|
|
|
// returns an "invalid argument" error. Similarly, if you search
|
|
|
|
// for a gid for a row where the group name starts with "+" or "-",
|
|
|
|
// glibc fails to find the record.
|
|
|
|
parts[0][0] == '+' || parts[0][0] == '-' {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if _, err := strconv.Atoi(parts[2]); err != nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
return &Group{Name: parts[0], Gid: parts[2]}, nil
|
2011-05-20 02:18:15 +02:00
|
|
|
}
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
func findGroupId(id string, r io.Reader) (*Group, error) {
|
|
|
|
if v, err := readColonFile(r, matchGroupIndexValue(id, 2)); err != nil {
|
|
|
|
return nil, err
|
|
|
|
} else if v != nil {
|
|
|
|
return v.(*Group), nil
|
2011-05-20 02:18:15 +02:00
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
return nil, UnknownGroupIdError(id)
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
func findGroupName(name string, r io.Reader) (*Group, error) {
|
|
|
|
if v, err := readColonFile(r, matchGroupIndexValue(name, 0)); err != nil {
|
|
|
|
return nil, err
|
|
|
|
} else if v != nil {
|
|
|
|
return v.(*Group), nil
|
|
|
|
}
|
|
|
|
return nil, UnknownGroupError(name)
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
// returns a *User for a row if that row's has the given value at the
|
|
|
|
// given index.
|
|
|
|
func matchUserIndexValue(value string, idx int) lineFunc {
|
|
|
|
var leadColon string
|
|
|
|
if idx > 0 {
|
|
|
|
leadColon = ":"
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
substr := []byte(leadColon + value + ":")
|
|
|
|
return func(line []byte) (v interface{}, err error) {
|
|
|
|
if !bytes.Contains(line, substr) || bytes.Count(line, colon) < 6 {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
// kevin:x:1005:1006::/home/kevin:/usr/bin/zsh
|
|
|
|
parts := strings.SplitN(string(line), ":", 7)
|
|
|
|
if len(parts) < 6 || parts[idx] != value || parts[0] == "" ||
|
|
|
|
parts[0][0] == '+' || parts[0][0] == '-' {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if _, err := strconv.Atoi(parts[2]); err != nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
if _, err := strconv.Atoi(parts[3]); err != nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
u := &User{
|
|
|
|
Username: parts[0],
|
|
|
|
Uid: parts[2],
|
|
|
|
Gid: parts[3],
|
|
|
|
Name: parts[4],
|
|
|
|
HomeDir: parts[5],
|
|
|
|
}
|
|
|
|
// The pw_gecos field isn't quite standardized. Some docs
|
|
|
|
// say: "It is expected to be a comma separated list of
|
|
|
|
// personal data where the first item is the full name of the
|
|
|
|
// user."
|
|
|
|
if i := strings.Index(u.Name, ","); i >= 0 {
|
|
|
|
u.Name = u.Name[:i]
|
|
|
|
}
|
|
|
|
return u, nil
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
func findUserId(uid string, r io.Reader) (*User, error) {
|
|
|
|
i, e := strconv.Atoi(uid)
|
2016-07-22 20:15:38 +02:00
|
|
|
if e != nil {
|
2017-09-14 19:11:35 +02:00
|
|
|
return nil, errors.New("user: invalid userid " + uid)
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
if v, err := readColonFile(r, matchUserIndexValue(uid, 2)); err != nil {
|
|
|
|
return nil, err
|
|
|
|
} else if v != nil {
|
|
|
|
return v.(*User), nil
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
return nil, UnknownUserIdError(i)
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
func findUsername(name string, r io.Reader) (*User, error) {
|
|
|
|
if v, err := readColonFile(r, matchUserIndexValue(name, 0)); err != nil {
|
|
|
|
return nil, err
|
|
|
|
} else if v != nil {
|
|
|
|
return v.(*User), nil
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
return nil, UnknownUserError(name)
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
func lookupGroup(groupname string) (*Group, error) {
|
|
|
|
f, err := os.Open(groupFile)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
defer f.Close()
|
|
|
|
return findGroupName(groupname, f)
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
func lookupGroupId(id string) (*Group, error) {
|
|
|
|
f, err := os.Open(groupFile)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
defer f.Close()
|
|
|
|
return findGroupId(id, f)
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
func lookupUser(username string) (*User, error) {
|
|
|
|
f, err := os.Open(userFile)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
2017-09-14 19:11:35 +02:00
|
|
|
defer f.Close()
|
|
|
|
return findUsername(username, f)
|
2016-07-22 20:15:38 +02:00
|
|
|
}
|
|
|
|
|
2017-09-14 19:11:35 +02:00
|
|
|
func lookupUserId(uid string) (*User, error) {
|
|
|
|
f, err := os.Open(userFile)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
defer f.Close()
|
|
|
|
return findUserId(uid, f)
|
2011-05-20 02:18:15 +02:00
|
|
|
}
|