The Linux Programming Interface 08 Users And Groups 用户和组
来源:互联网 发布:php curl 断点续传 编辑:程序博客网 时间:2024/05/29 03:02
The Linux Programming Interface
Users And Groups
(01)用户和组
Every user has a unique login name and an associated numeric user identifier (UID). Users can belong to one or more groups. Each group also has a unique name and a group identifier(GID).
(02) /etc/passwd文件
放有用户名,登录ID等信息。
(03) 密码文件 /etc/shadow
The shadow password file, /etc/shadow, was devised as a method of preventing such attacks.
(04) /etc/group
组函数文件夹
(05)获取用户和组信息
#include <pwd.h>
struct passwd *getpwnam(const char *name);
struct passwd *getpwuid(uid_t uid);
Given a login name in name, the getpwnam() function returns a pointer to a structure of the following type, containing the corresponding information from the password record:
struct passwd { char *pw_name;/* Login name (username) */ char *pw_passwd;/* Encrypted password */ uid_t pw_uid;/* User ID */ gid_t pw_gid;/* Group ID */ char *pw_gecos;/* Comment (user information) */ char *pw_dir;/* Initial working (home) directory */ char *pw_shell;/* Login shell */};
(06) getpwnam, getpwuid, getgrnam, getgrgid举例
通过uid 得到name, 通过name 得到uid,还有组。
#include <pwd.h>#include <grp.h>#include <ctype.h>#include "ugid_functions.h"/* Declares functions defined here *//* Return name corresponding to 'uid', or NULL on error */char * userNameFromId(uid_t uid) {struct passwd *pwd;pwd = getpwuid(uid);return (pwd == NULL) ? NULL : pwd->pw_name;}/* Return UID corresponding to 'name', or -1 on error */uid_t userIdFromName(const char *name) {struct passwd *pwd;uid_t u;char *endptr;if (name == NULL || *name == '\0')return -1;u = strtol(name, &endptr, 10)if (*endptr == '\0')return u;pwd = getpwnam(name);if (pwd == NULL)return -1;return pwd->pw_uid;}/* Return name corresponding to 'gid', or NULL on error */char *groupNameFromId(git_t gid) {struct group *grp;grp = getgrpid(gid);return (grp == NULL) ? NULL : grp->gr_name;}/* Return GID corresponding to 'name', or -1 on error */gid_t groupIdFromName(const char *name) {struct group *grp;gid_t g;char *endptr;if (name == NULL || *name == '\0')return -1;g = strtol(name, &endptr, 10)if (*endptr == '\0')return g;grp = getgrnam(name);if (grp == NULL)return -1; return grp->gr_gid;}
(07)得到所有的信息
#include <pwd.h>#include <stdio.h>int main() { struct passwd *pwd; while ((pwd = getpwent()) != NULL) printf("%-8s %5ld\n", pwd->pw_name, (long) pwd->pw_uid); return 0;}
输出:
wang@wang:~/Documents/tlpi-dist/users_groups$ ./getall
root 0
daemon 1
bin 2
sys 3
sync 4
games 5
man 6
lp 7
mail 8
news 9
uucp 10
proxy 13
www-data 33
backup 34
list 38
irc 39
gnats 41
nobody 65534
systemd-timesync 100
systemd-network 101
systemd-resolve 102
systemd-bus-proxy 103
syslog 104
_apt 105
messagebus 106
uuidd 107
lightdm 108
whoopsie 109
avahi-autoipd 110
avahi 111
dnsmasq 112
colord 113
speech-dispatcher 114
hplip 115
kernoops 116
pulse 117
rtkit 118
saned 119
usbmux 120
wang 1000
(08) 组
The getgrent(), setgrent(), and endgrent() functions perform analogous tasks fro the group file.
(09)验证登录,结果是没有权限。
#define _BSD_SOURCE/* Get getpass() declaration from <unisstd.h> */#include <limits.h>#include <pwd.h>#include <shadow.h>#include "tlpi_hdr.h"#define _XOPEN_SOURCE /* See feature_test_macros(7) */#include <unistd.h>int main(int argc, char *argv[]) {char *username, *password, *encrypted, *p;struct passwd *pwd;struct spwd *spwd;Boolean authOk;size_t len;long lnmax;lnmax = sysconf(_SC_LOGIN_NAME_MAX);if (lnmax == -1)lnmax = 256;username = malloc(lnmax);if (username == NULL)errExit("malloc");printf("Username: ");fflush(stdout);if (fgets(username, lnmax, stdin) == NULL)exit(EXIT_FAILURE);len = strlen(username);if (username[len - 1] == '\n')username[len - 1] = '\0';pwd = getpwnam(username);if (pwd == NULL)fatal("couldn't get password record");spwd = getspnam(username);if (pwd == NULL)fatal("couldn't get password record");spwd = getspnam(username);if (spwd == NULL && errno == EACCES)fatal("no permission to read shadow password file");/* If there is a shadow password record, use the shadow password */if (spwd != NULL)pwd->pw_passwd = spwd->sp_pwdp;password = getpass("Password: ");/* Encrypt password and erase cleartext version immediately */encrypted = crypt(password, pwd->pw_passwd);for (p = password; *p != '\0';)*p++ = '\0';if (encrypted == NULL)errExit("crypt");authOk = strcmp(encrypted, pwd->pw_passwd) == 0;if (!authOk) {printf("Incorrect password\n");exit(EXIT_FAILURE);}printf("Successfully authenticated: UID=%ld\n", (long) pwd->pw_uid);/* Now do authenticated work ... */exit(EXIT_SUCCESS);}有些悲催的输出:
wang@wang:~/Documents/tlpi-dist/lib$ ./check_password
Username: wang
ERROR: no permission to read shadow password file
(10)总结
Each user has a unique login name and an associated numeric user ID. Users can belong to one or more groups, each of which also has a unique name and an associated numeric numeric identifier. The primary purpose of these identifiers is to establish ownership of various system resources (e.g., files) and permissions for accessing them.
A user's name and ID are defined in the /etc/passwd file, which also contains others information about the user. A user's group membership are defined by fields in the /etc/passwd/ and /etc/group files. A furher file, /etc/shadow, which can be read only by privileged processes, is used to separate the sensitive password information from the publicly available user information in /etc/passwd. Various library functions are provided for retrieving information from each of these files.
The crypt() function encrypts a passwd in the same manner as the standard login program, which is useful for program that need to authenticate users.
(11)习题
- The Linux Programming Interface 08 Users And Groups 用户和组
- Users and Groups in Linux
- Users and Groups----note
- The Linux Programming Interface 01 History and Standards UNIX/Linux历史和标准
- The Linux Programming Interface 11 System Limits And Options 系统限制和选择
- The Linux Programming Interface 12 System And Process Information 系统和进程信息
- The Linux Programming Interface 16
- The Linux Programming Interface - A Linux and UNIX System Programming Handbook
- RH033 Unit5 Users, Groups and Permissions
- Creating Variant Groups and Assigning Users
- The Linux Programming Interface 00 preface 序言
- The Linux Programming Interface 06 Process 进程
- The Linux Programming Interface 10 Time 时间
- OpenDaylight: Programming Flows with the REST Interface and cURL
- (译文)The Linux Programming Interface:第1章(历史和标准)
- The Linux Programming Interface 笔记之malloc和free的实现
- The Linux Programming Interface(Linux编程接口)学习计划
- [linux and unix shell programming] and [the unix environment programming]
- 对于一个小白Android该怎么学?
- 手机长按触发事件(网页端)
- Spark学习笔记 --- Spark中宽依赖(Wide deps)与窄依赖(Narrow deps)
- 【乱码】总结
- 数据库优化面试题
- The Linux Programming Interface 08 Users And Groups 用户和组
- Spring源码分析--AbstractRefreshableApplicationContext(七)
- leetcode解题之21# Merge Two Sorted Lists Java版 递归和非递归实现
- 关于在打开游标之前修改传入游标where的参数问题
- CentOS--MySQL 使用教程
- 字符串
- mybatis与jdbc比较
- virtual reality(虚拟现实)
- 深度学习学习资料汇总