1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
|
package User::pwent;
use 5.006;
use strict;
use warnings;
use Config;
use Carp;
our(@EXPORT, @EXPORT_OK, %EXPORT_TAGS);
BEGIN {
use Exporter ();
@EXPORT = qw(getpwent getpwuid getpwnam getpw);
@EXPORT_OK = qw(
pw_has
$pw_name $pw_passwd $pw_uid $pw_gid
$pw_gecos $pw_dir $pw_shell
$pw_expire $pw_change $pw_class
$pw_age
$pw_quota $pw_comment
$pw_expire
);
%EXPORT_TAGS = (
FIELDS => [ grep(/^\$pw_/, @EXPORT_OK), @EXPORT ],
ALL => [ @EXPORT, @EXPORT_OK ],
);
}
use vars grep /^\$pw_/, @EXPORT_OK;
#
# XXX: these mean somebody hacked this module's source
# without understanding the underlying assumptions.
#
my $IE = "[INTERNAL ERROR]";
# Class::Struct forbids use of @ISA
sub import { goto &Exporter::import }
use Class::Struct qw(struct);
struct 'User::pwent' => [
name => '$', # pwent[0]
passwd => '$', # pwent[1]
uid => '$', # pwent[2]
gid => '$', # pwent[3]
# you'll only have one/none of these three
change => '$', # pwent[4]
age => '$', # pwent[4]
quota => '$', # pwent[4]
# you'll only have one/none of these two
comment => '$', # pwent[5]
class => '$', # pwent[5]
# you might not have this one
gecos => '$', # pwent[6]
dir => '$', # pwent[7]
shell => '$', # pwent[8]
# you might not have this one
expire => '$', # pwent[9]
];
# init our groks hash to be true if the built platform knew how
# to do each struct pwd field that perl can ever under any circumstances
# know about. we do not use /^pw_?/, but just the tails.
sub _feature_init {
our %Groks; # whether build system knew how to do this feature
for my $feep ( qw{
pwage pwchange pwclass pwcomment
pwexpire pwgecos pwpasswd pwquota
}
)
{
my $short = $feep =~ /^pw(.*)/
? $1
: do {
# not cluck, as we know we called ourselves,
# and a confession is probably imminent anyway
warn("$IE $feep is a funny struct pwd field");
$feep;
};
exists $Config{ "d_" . $feep }
|| confess("$IE Configure doesn't d_$feep");
$Groks{$short} = defined $Config{ "d_" . $feep };
}
# assume that any that are left are always there
for my $feep (grep /^\$pw_/s, @EXPORT_OK) {
$feep =~ /^\$pw_(.*)/;
$Groks{$1} = 1 unless defined $Groks{$1};
}
}
# With arguments, reports whether one or more fields are all implemented
# in the build machine's struct pwd pw_*. May be whitespace separated.
# We do not use /^pw_?/, just the tails.
#
# Without arguments, returns the list of fields implemented on build
# machine, space separated in scalar context.
#
# Takes exception to being asked whether this machine's struct pwd has
# a field that Perl never knows how to provide under any circumstances.
# If the module does this idiocy to itself, the explosion is noisier.
#
sub pw_has {
our %Groks; # whether build system knew how to do this feature
my $cando = 1;
my $sploder = caller() ne __PACKAGE__
? \&croak
: sub { confess("$IE @_") };
if (@_ == 0) {
my @valid = sort grep { $Groks{$_} } keys %Groks;
return wantarray ? @valid : "@valid";
}
for my $feep (map { split } @_) {
defined $Groks{$feep}
|| $sploder->("$feep is never a valid struct pwd field");
$cando &&= $Groks{$feep};
}
return $cando;
}
sub _populate (@) {
return unless @_;
my $pwob = new();
# Any that haven't been pw_had are assumed on "all" platforms of
# course, this may not be so, but you can't get here otherwise,
# since the underlying core call already took exception to your
# impudence.
$pw_name = $pwob->name ( $_[0] );
$pw_passwd = $pwob->passwd ( $_[1] ) if pw_has("passwd");
$pw_uid = $pwob->uid ( $_[2] );
$pw_gid = $pwob->gid ( $_[3] );
if (pw_has("change")) {
$pw_change = $pwob->change ( $_[4] );
}
elsif (pw_has("age")) {
$pw_age = $pwob->age ( $_[4] );
}
elsif (pw_has("quota")) {
$pw_quota = $pwob->quota ( $_[4] );
}
if (pw_has("class")) {
$pw_class = $pwob->class ( $_[5] );
}
elsif (pw_has("comment")) {
$pw_comment = $pwob->comment( $_[5] );
}
$pw_gecos = $pwob->gecos ( $_[6] ) if pw_has("gecos");
$pw_dir = $pwob->dir ( $_[7] );
$pw_shell = $pwob->shell ( $_[8] );
$pw_expire = $pwob->expire ( $_[9] ) if pw_has("expire");
return $pwob;
}
sub getpwent ( ) { _populate(CORE::getpwent()) }
sub getpwnam ($) { _populate(CORE::getpwnam(shift)) }
sub getpwuid ($) { _populate(CORE::getpwuid(shift)) }
sub getpw ($) { ($_[0] =~ /^\d+\z/s) ? &getpwuid : &getpwnam }
_feature_init();
1;
__END__
=head1 NAME
User::pwent - by-name interface to Perl's built-in getpw*() functions
=head1 SYNOPSIS
use User::pwent;
$pw = getpwnam('daemon') || die "No daemon user";
if ( $pw->uid == 1 && $pw->dir =~ m#^/(bin|tmp)?\z#s ) {
print "gid 1 on root dir";
}
$real_shell = $pw->shell || '/bin/sh';
for (($fullname, $office, $workphone, $homephone) =
split /\s*,\s*/, $pw->gecos)
{
s/&/ucfirst(lc($pw->name))/ge;
}
use User::pwent qw(:FIELDS);
getpwnam('daemon') || die "No daemon user";
if ( $pw_uid == 1 && $pw_dir =~ m#^/(bin|tmp)?\z#s ) {
print "gid 1 on root dir";
}
$pw = getpw($whoever);
use User::pwent qw/:DEFAULT pw_has/;
if (pw_has(qw[gecos expire quota])) { .... }
if (pw_has("name uid gid passwd")) { .... }
print "Your struct pwd has: ", scalar pw_has(), "\n";
=head1 DESCRIPTION
This module's default exports override the core getpwent(), getpwuid(),
and getpwnam() functions, replacing them with versions that return
C<User::pwent> objects. This object has methods that return the
similarly named structure field name from the C's passwd structure
from F<pwd.h>, stripped of their leading "pw_" parts, namely C<name>,
C<passwd>, C<uid>, C<gid>, C<change>, C<age>, C<quota>, C<comment>,
C<class>, C<gecos>, C<dir>, C<shell>, and C<expire>. The C<passwd>,
C<gecos>, and C<shell> fields are tainted when running in taint mode.
You may also import all the structure fields directly into your
namespace as regular variables using the :FIELDS import tag. (Note
that this still overrides your core functions.) Access these fields
as variables named with a preceding C<pw_> in front their method
names. Thus, C<< $passwd_obj->shell >> corresponds to $pw_shell
if you import the fields.
The getpw() function is a simple front-end that forwards
a numeric argument to getpwuid() and the rest to getpwnam().
To access this functionality without the core overrides, pass the
C<use> an empty import list, and then access function functions
with their full qualified names. The built-ins are always still
available via the C<CORE::> pseudo-package.
=head2 System Specifics
Perl believes that no machine ever has more than one of C<change>,
C<age>, or C<quota> implemented, nor more than one of either
C<comment> or C<class>. Some machines do not support C<expire>,
C<gecos>, or allegedly, C<passwd>. You may call these methods
no matter what machine you're on, but they return C<undef> if
unimplemented.
You may ask whether one of these was implemented on the system Perl
was built on by asking the importable C<pw_has> function about them.
This function returns true if all parameters are supported fields
on the build platform, false if one or more were not, and raises
and exception if you asked about a field that Perl never knows how
to provide. Parameters may be in a space-separated string, or as
separate arguments. If you pass no parameters, the function returns
the list of C<struct pwd> fields supported by your build platform's
C library, as a list in list context, or a space-separated string
in scalar context. Note that just because your C library had
a field doesn't necessarily mean that it's fully implemented on
that system.
Interpretation of the C<gecos> field varies between systems, but
traditionally holds 4 comma-separated fields containing the user's
full name, office location, work phone number, and home phone number.
An C<&> in the gecos field should be replaced by the user's properly
capitalized login C<name>. The C<shell> field, if blank, must be
assumed to be F</bin/sh>. Perl does not do this for you. The
C<passwd> is one-way hashed garble, not clear text, and may not be
unhashed save by brute-force guessing. Secure systems use more a
more secure hashing than DES. On systems supporting shadow password
systems, Perl automatically returns the shadow password entry when
called by a suitably empowered user, even if your underlying
vendor-provided C library was too short-sighted to realize it should
do this.
See passwd(5) and getpwent(3) for details.
=head1 NOTE
While this class is currently implemented using the Class::Struct
module to build a struct-like class, you shouldn't rely upon this.
=head1 AUTHOR
Tom Christiansen
=head1 HISTORY
=over
=item March 18th, 2000
Reworked internals to support better interface to dodgey fields
than normal Perl function provides. Added pw_has() field. Improved
documentation.
=back
|