kyua/utils/passwd.cpp

*b0d29bc4SBrooks Davis// Copyright 2010 The Kyua Authors.
*b0d29bc4SBrooks Davis// All rights reserved.
*b0d29bc4SBrooks Davis//
*b0d29bc4SBrooks Davis// Redistribution and use in source and binary forms, with or without
*b0d29bc4SBrooks Davis// modification, are permitted provided that the following conditions are
*b0d29bc4SBrooks Davis// met:
*b0d29bc4SBrooks Davis//
*b0d29bc4SBrooks Davis// * Redistributions of source code must retain the above copyright
*b0d29bc4SBrooks Davis//   notice, this list of conditions and the following disclaimer.
*b0d29bc4SBrooks Davis// * Redistributions in binary form must reproduce the above copyright
*b0d29bc4SBrooks Davis//   notice, this list of conditions and the following disclaimer in the
*b0d29bc4SBrooks Davis//   documentation and/or other materials provided with the distribution.
*b0d29bc4SBrooks Davis// * Neither the name of Google Inc. nor the names of its contributors
*b0d29bc4SBrooks Davis//   may be used to endorse or promote products derived from this software
*b0d29bc4SBrooks Davis//   without specific prior written permission.
*b0d29bc4SBrooks Davis//
*b0d29bc4SBrooks Davis// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
*b0d29bc4SBrooks Davis// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
*b0d29bc4SBrooks Davis// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
*b0d29bc4SBrooks Davis// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
*b0d29bc4SBrooks Davis// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
*b0d29bc4SBrooks Davis// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
*b0d29bc4SBrooks Davis// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
*b0d29bc4SBrooks Davis// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
*b0d29bc4SBrooks Davis// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
*b0d29bc4SBrooks Davis// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
*b0d29bc4SBrooks Davis// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis#include "utils/passwd.hpp"
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davisextern "C" {
*b0d29bc4SBrooks Davis#include <sys/types.h>
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis#include <pwd.h>
*b0d29bc4SBrooks Davis#include <unistd.h>
*b0d29bc4SBrooks Davis}
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis#include <stdexcept>
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis#include "utils/format/macros.hpp"
*b0d29bc4SBrooks Davis#include "utils/logging/macros.hpp"
*b0d29bc4SBrooks Davis#include "utils/optional.ipp"
*b0d29bc4SBrooks Davis#include "utils/sanity.hpp"
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davisnamespace passwd_ns = utils::passwd;
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davisnamespace {
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis/// If defined, replaces the value returned by current_user().
*b0d29bc4SBrooks Davisstatic utils::optional< passwd_ns::user > fake_current_user;
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis/// If not empty, defines the current set of mock users.
*b0d29bc4SBrooks Davisstatic std::vector< passwd_ns::user > mock_users;
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis/// Formats a user for logging purposes.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \param user The user to format.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \return The user as a string.
*b0d29bc4SBrooks Davisstatic std::string
*b0d29bc4SBrooks Davisformat_user(const passwd_ns::user& user)
*b0d29bc4SBrooks Davis{
*b0d29bc4SBrooks Davis    return F("name=%s, uid=%s, gid=%s") % user.name % user.uid % user.gid;
*b0d29bc4SBrooks Davis}
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis}  // anonymous namespace
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis/// Constructs a new user.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \param name_ The name of the user.
*b0d29bc4SBrooks Davis/// \param uid_ The user identifier.
*b0d29bc4SBrooks Davis/// \param gid_ The login group identifier.
*b0d29bc4SBrooks Davispasswd_ns::user::user(const std::string& name_, const unsigned int uid_,
*b0d29bc4SBrooks Davis                      const unsigned int gid_) :
*b0d29bc4SBrooks Davis    name(name_),
*b0d29bc4SBrooks Davis    uid(uid_),
*b0d29bc4SBrooks Davis    gid(gid_)
*b0d29bc4SBrooks Davis{
*b0d29bc4SBrooks Davis}
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis/// Checks if the user has superpowers or not.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \return True if the user is root, false otherwise.
*b0d29bc4SBrooks Davisbool
*b0d29bc4SBrooks Davispasswd_ns::user::is_root(void) const
*b0d29bc4SBrooks Davis{
*b0d29bc4SBrooks Davis    return uid == 0;
*b0d29bc4SBrooks Davis}
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis/// Gets the current user.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \return The current user.
*b0d29bc4SBrooks Davispasswd_ns::user
*b0d29bc4SBrooks Davispasswd_ns::current_user(void)
*b0d29bc4SBrooks Davis{
*b0d29bc4SBrooks Davis    if (fake_current_user) {
*b0d29bc4SBrooks Davis        const user u = fake_current_user.get();
*b0d29bc4SBrooks Davis        LD(F("Current user is fake: %s") % format_user(u));
*b0d29bc4SBrooks Davis        return u;
*b0d29bc4SBrooks Davis    } else {
*b0d29bc4SBrooks Davis        const user u = find_user_by_uid(::getuid());
*b0d29bc4SBrooks Davis        LD(F("Current user is: %s") % format_user(u));
*b0d29bc4SBrooks Davis        return u;
*b0d29bc4SBrooks Davis    }
*b0d29bc4SBrooks Davis}
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis/// Gets information about a user by its name.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \param name The name of the user to query.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \return The information about the user.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \throw std::runtime_error If the user does not exist.
*b0d29bc4SBrooks Davispasswd_ns::user
*b0d29bc4SBrooks Davispasswd_ns::find_user_by_name(const std::string& name)
*b0d29bc4SBrooks Davis{
*b0d29bc4SBrooks Davis    if (mock_users.empty()) {
*b0d29bc4SBrooks Davis        const struct ::passwd* pw = ::getpwnam(name.c_str());
*b0d29bc4SBrooks Davis        if (pw == NULL)
*b0d29bc4SBrooks Davis            throw std::runtime_error(F("Failed to get information about the "
*b0d29bc4SBrooks Davis                                       "user '%s'") % name);
*b0d29bc4SBrooks Davis        INV(pw->pw_name == name);
*b0d29bc4SBrooks Davis        return user(pw->pw_name, pw->pw_uid, pw->pw_gid);
*b0d29bc4SBrooks Davis    } else {
*b0d29bc4SBrooks Davis        for (std::vector< user >::const_iterator iter = mock_users.begin();
*b0d29bc4SBrooks Davis             iter != mock_users.end(); iter++) {
*b0d29bc4SBrooks Davis            if ((*iter).name == name)
*b0d29bc4SBrooks Davis                return *iter;
*b0d29bc4SBrooks Davis        }
*b0d29bc4SBrooks Davis        throw std::runtime_error(F("Failed to get information about the "
*b0d29bc4SBrooks Davis                                   "user '%s'") % name);
*b0d29bc4SBrooks Davis    }
*b0d29bc4SBrooks Davis}
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis/// Gets information about a user by its identifier.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \param uid The identifier of the user to query.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \return The information about the user.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \throw std::runtime_error If the user does not exist.
*b0d29bc4SBrooks Davispasswd_ns::user
*b0d29bc4SBrooks Davispasswd_ns::find_user_by_uid(const unsigned int uid)
*b0d29bc4SBrooks Davis{
*b0d29bc4SBrooks Davis    if (mock_users.empty()) {
*b0d29bc4SBrooks Davis        const struct ::passwd* pw = ::getpwuid(uid);
*b0d29bc4SBrooks Davis        if (pw == NULL)
*b0d29bc4SBrooks Davis            throw std::runtime_error(F("Failed to get information about the "
*b0d29bc4SBrooks Davis                                       "user with UID %s") % uid);
*b0d29bc4SBrooks Davis        INV(pw->pw_uid == uid);
*b0d29bc4SBrooks Davis        return user(pw->pw_name, pw->pw_uid, pw->pw_gid);
*b0d29bc4SBrooks Davis    } else {
*b0d29bc4SBrooks Davis        for (std::vector< user >::const_iterator iter = mock_users.begin();
*b0d29bc4SBrooks Davis             iter != mock_users.end(); iter++) {
*b0d29bc4SBrooks Davis            if ((*iter).uid == uid)
*b0d29bc4SBrooks Davis                return *iter;
*b0d29bc4SBrooks Davis        }
*b0d29bc4SBrooks Davis        throw std::runtime_error(F("Failed to get information about the "
*b0d29bc4SBrooks Davis                                   "user with UID %s") % uid);
*b0d29bc4SBrooks Davis    }
*b0d29bc4SBrooks Davis}
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis/// Overrides the current user for testing purposes.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// This DOES NOT change the current privileges!
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \param new_current_user The new current user.
*b0d29bc4SBrooks Davisvoid
*b0d29bc4SBrooks Davispasswd_ns::set_current_user_for_testing(const user& new_current_user)
*b0d29bc4SBrooks Davis{
*b0d29bc4SBrooks Davis    fake_current_user = new_current_user;
*b0d29bc4SBrooks Davis}
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis
*b0d29bc4SBrooks Davis/// Overrides the current set of users for testing purposes.
*b0d29bc4SBrooks Davis///
*b0d29bc4SBrooks Davis/// \param users The new users set.  Cannot be empty.
*b0d29bc4SBrooks Davisvoid
*b0d29bc4SBrooks Davispasswd_ns::set_mock_users_for_testing(const std::vector< user >& users)
*b0d29bc4SBrooks Davis{
*b0d29bc4SBrooks Davis    PRE(!users.empty());
*b0d29bc4SBrooks Davis    mock_users = users;
*b0d29bc4SBrooks Davis}