Lines Matching refs:user
5 Every user who can log in on the system is identified by a unique number
6 called the @dfn{user ID}. Each process has an effective user ID which
7 says which user's access permissions it has.
13 The effective user and group IDs of a process collectively form its
19 Each file in the system also has a user ID and a group ID. Access
20 control works by comparing the user and group IDs of the file with those
28 * User and Group IDs:: Each user has a unique numeric ID;
30 * Process Persona:: The user IDs and group IDs of a process.
32 its user and/or group IDs.
33 * How Change Persona:: Changing the user and group IDs.
34 * Reading Persona:: How to examine the user and group IDs.
36 * Setting User ID:: Functions for setting the user ID.
43 * Who Logged In:: Getting the name of the user who logged in,
44 or of the real user ID of the current process.
50 accessing the user database.
62 @cindex user name
63 @cindex user ID
64 Each user account on a computer system is identified by a @dfn{user
65 name} (or @dfn{login name}) and @dfn{user ID}. Normally, each user name
66 has a unique user ID, but it is possible for several login names to have
67 the same user ID. The user names and corresponding user IDs are stored
72 Users are classified in @dfn{groups}. Each user name belongs to one
83 @cindex effective user ID
87 @c When Hurd is more widely used, explain multiple effective user IDs
89 At any time, each process has an @dfn{effective user ID}, a @dfn{effective
95 Your login shell starts out with a persona which consists of your user
100 @cindex real user ID
102 A process also has a @dfn{real user ID} which identifies the user who
104 user's default group. These values do not play a role in access
108 Both the real and effective user ID can be changed during the lifetime
111 For details on how a process's effective user ID and group IDs affect
114 The effective user ID of a process also controls permissions for sending
119 process whose effective user ID is zero. A process with this user ID is
120 a @dfn{privileged process}. Commonly the user name @code{root} is
121 associated with user ID 0, but there may be other user names with this
129 its user and/or group IDs is the @code{login} program. When
130 @code{login} starts running, its user ID is @code{root}. Its job is to
131 start a shell whose user and group IDs are those of the user who is
133 user and group IDs as well as its persona. But this is a special case.)
135 The more common case of changing persona is when an ordinary user
137 accessible to the user actually running it.
144 change its effective user or group ID to match that of the resource.
151 by creating a new user ID and login name (say, @code{games}) to own the
152 scores file, and make the file writable only by this user. Then, when
154 user ID to be that for @code{games}. In effect, the program must
160 @cindex saved set-user-ID
169 You can't arbitrarily set your user ID or group ID to anything you want;
172 change to a particular user or group. This is the function of the setuid
176 gives the process a third user ID: the @dfn{file user ID}. This ID is
178 user ID to the file user ID. The real user ID remains as it was.
183 If a process has a file ID (user or group), then it can at any time
200 Here are detailed descriptions of the functions for reading the user and
209 This is an integer data type used to represent user IDs. In
224 The @code{getuid} function returns the real user ID of the process.
236 The @code{geteuid} function returns the effective user ID of the process.
285 This section describes the functions for altering the user ID (real
321 This function sets the effective user ID of a process to @var{neweuid},
322 provided that the process is allowed to change its effective user ID. A
323 privileged process (effective user ID zero) can change its effective
324 user ID to any legal value. An unprivileged process with a file user ID
325 can change its effective user ID to its real user ID or to its file user
326 ID. Otherwise, a process may not change its effective user ID at all.
351 and effective user IDs of the process to @var{newuid}. It also deletes
352 the file user ID of the process, if any. @var{newuid} may be any
354 old effective user ID.)
368 This function sets the real user ID of the process to @var{ruid} and the
369 effective user ID to @var{euid}. If @var{ruid} is @code{-1}, it means
370 not to change the real user ID; likewise if @var{euid} is @code{-1}, it
371 means not to change the effective user ID.
375 effective and real user IDs of the process. (Privileged processes are
412 Note that a process is only privileged if its effective @emph{user} ID
459 the effective user ID at the time is zero. If it is not zero, they
463 when you know the effective user ID is zero and your intent is to change
467 Note that if your program is setuid to some user other than @code{root},
494 @deftypefun int initgroups (const char *@var{user}, gid_t @var{group})
527 IDs to be the normal default for the user name @var{user}. The group
531 @var{user} belongs to. It then calls @code{setgroups} with the list it
538 If you are interested in the groups a particular user belongs to, but do
544 @deftypefun int getgrouplist (const char *@var{user}, gid_t @var{group}, gid_t *@var{groups}, int *…
554 groups @var{user} belongs to. Up to *@var{ngroups} group IDs
564 for @var{user}:
569 supplementary_groups (char *user)
574 struct passwd *pw = getpwnam (user);
599 real user ID is @code{jdoe}, its effective user ID is @code{games}, and
600 its saved user ID is also @code{games}. The program should record both
601 user ID values once at the beginning, like this:
622 Throughout this process, the real user ID remains @code{jdoe} and the
623 file user ID remains @code{games}, so the program can always set its
624 effective user ID to either one.
626 On other systems that don't support file user IDs, you can
628 and effective user IDs of the process, as follows:
638 game program has just started, and its real user ID is @code{jdoe} while
639 its effective user ID is @code{games}. In this state, the game can
643 the effective user ID and restores access to the scores file.
645 In order to handle both kinds of systems, test for the saved user ID
660 effective user ID.
665 with the setuid bit set and owned by the same user as the @file{scores}
687 user ID. This program is conditionalized so that it makes use of the
689 to swap the effective and real user IDs.
747 /* @r{Remember the real and effective user IDs.} */
758 effective user ID back to the real user ID. This is so that any other
759 file accesses that are performed while the user is playing the game use
760 the real user ID for determining permissions. Only when the program
761 needs to open the scores file does it switch back to the file user ID,
799 It is easy for setuid programs to give the user access that isn't
806 Don't have @code{setuid} programs with privileged user IDs such as
809 nonprivileged user ID or group ID just to manage that resource.
811 special user.
815 changing the effective user ID. Don't let users of your program execute
816 arbitrary programs under a changed user ID. Executing a shell is
819 on the user's @code{PATH} environment variable).
836 Only use the user ID controlling the resource in the part of the program
838 the effective user ID back to the actual user's user ID.
843 besides the controlled resource, it should verify that the real user
846 uses the real user and group IDs, rather than the effective IDs.
852 @cindex user ID, determining
855 name of the user who is running a process, and the name of the user who
904 name of the user logged in on the controlling terminal of the process,
919 user name associated with the effective ID of the process. If
934 store a user name.
937 These functions let your program identify positively the user who is
938 running or the user who logged in this session. (These can differ when
939 setuid programs are involved; see @ref{Process Persona}.) The user cannot
943 @code{LOGNAME} to find out who the user is. This is more flexible
944 precisely because the user can set @code{LOGNAME} arbitrarily.
950 @cindex user accounting database
953 maintaining a user accounting database. This user accounting database
955 ID of the user's login shell, etc., etc., but also stores information
959 The user accounting database typically lives in @file{/etc/utmp},
962 from and writing information to the user accounting database, the
967 * Manipulating the Database:: Scanning and modifying the user
970 * Logging In and Out:: Functions from BSD that modify the user
984 the exit status of processes marked as @code{DEAD_PROCESS} in the user
998 in the user accounting database. On @gnusystems{} it has the following
1018 The user's login name.
1021 The name of the host from which the user logged in.
1055 This macro is used to indicate that the entry contains no valid user
1080 This macro is used to identify the session leader of a logged in user.
1084 This macro is used to identify a user process.
1122 This function opens the user accounting database to begin scanning it.
1140 The @code{getutent} function reads the next entry from the user
1145 function which stores the data in a user-provided buffer.
1160 This function closes the user accounting database.
1254 the appropriate place in the user accounting database. If it finds that
1262 inserted in the user accounting database, or a null pointer if the entry
1269 the user accounting database.
1278 user-provided buffer.
1384 In addition to the user accounting database, most systems keep a number
1404 @code{pututline} read from and write to the user accounting database.
1409 This macro is used to specify the user accounting database.
1413 This macro is used to specify the user accounting log file.
1482 The user's login name.
1502 This macro is used to indicate that the entry contains no valid user
1527 This macro is used to identify the session leader of a logged in user.
1531 This macro is used to identify a user process.
1670 The @code{login} functions inserts an entry into the user accounting
1679 A copy of the entry is written to the user accounting log file.
1695 This function modifies the user accounting database to indicate that the
1696 user on @var{ut_line} has logged out.
1712 The @code{logwtmp} function appends an entry to the user accounting log
1724 @cindex user database
1733 Historically, this database included one-way hashes of user
1735 about each user (such as their user ID and full name). Many of the
1744 * User Data Structure:: What each user record contains.
1745 * Lookup User:: How to look for a particular user.
1747 * Writing a User Entry:: How a program can rewrite a user's record.
1753 The functions and data structures for accessing the system user database
1760 entries in the system user data base. It has at least the following members:
1764 The user's login name.
1767 Historically, this field would hold the one-way hash of the user's
1772 The user ID number.
1775 The user's default group ID number.
1778 A string typically containing the user's real name, and possibly other
1782 The user's home directory, or initial working directory. This might be
1786 The user's default shell, or the initial program run when the user logs in.
1794 @cindex converting user ID to user name
1795 @cindex converting user name to user ID
1797 You can search the system user database for information about a
1798 specific user using @code{getpwuid} or @code{getpwnam}. These
1812 containing information about the user whose user ID is @var{uid}. This
1815 A null pointer value indicates there is no user in the data base with
1816 user ID @var{uid}.
2024 information about the user whose user ID is @var{uid}. However, it
2025 fills the user supplied structure pointed to by @var{result_buf} with
2031 If a user with ID @var{uid} is found, the pointer returned in
2033 @var{result} contains the value @var{result_buf}). If no user is found
2053 containing information about the user whose user name is @var{name}.
2057 A null pointer return indicates there is no user named @var{name}.
2082 information about the user whose user name is @var{name}. However, like
2083 @code{getpwuid_r}, it fills the user supplied buffers in
2093 @cindex scanning the user list
2096 the system, one user at a time. The functions described here are
2099 You can use the @code{fgetpwent} function to read user entries from a
2114 This function reads the next user entry from @var{stream} and returns a
2120 user database file.
2134 user entry from @var{stream}. But the result is returned in the
2141 user database file.
2149 The way to scan all the entries in the user database is with
2167 @code{getpwent_r} use to read the user database.
2208 @code{fgetpwent_r}, it uses the user-supplied buffers in
2239 This function writes the user entry @code{*@var{p}} to the stream
2240 @var{stream}, in the format used for the standard user database
2250 The group and user ID fields are left empty if the group or user name
2292 A vector of pointers to the names of users in the group. Each user name
2344 fills the user supplied structure pointed to by @var{result_buf} with
2386 @code{getgrgid_r}, it uses the user supplied buffers in
2436 user entry from @var{stream}. But the result is returned in the
2483 @code{fgetgrent_r}, it places the result in user-supplied buffers
2504 functions. The program prints some information about the user running
2547 consisting of a host name, a user name, and a domain name where any of
2706 @deftypefun int innetgr (const char *@var{netgroup}, const char *@var{host}, const char *@var{user}…
2740 @var{host}, @var{user}, and @var{domain} is part of the netgroup
2752 Any of the pointers @var{host}, @var{user}, or @var{domain} can be