1 @node Users and Groups, System Information, Job Control, Top
2 @chapter Users and Groups
4 Every user who can log in on the system is identified by a unique number
5 called the @dfn{user ID}. Each process has an effective user ID which
6 says which user's access permissions it has.
8 Users are classified into @dfn{groups} for access control purposes. Each
9 process has one or more @dfn{group ID values} which say which groups the
10 process can use for access to files.
12 The effective user and group IDs of a process collectively form its
13 @dfn{persona}. This determines which files the process can access.
14 Normally, a process inherits its persona from the parent process, but
15 under special circumstances a process can change its persona and thus
16 change its access permissions.
18 Each file in the system also has a user ID and a group ID. Access
19 control works by comparing the user and group IDs of the file with those
20 of the running process.
22 The system keeps a database of all the registered users, and another
23 database of all the defined groups. There are library functions you
24 can use to examine these databases.
27 * User and Group IDs:: Each user has a unique numeric ID;
29 * Process Persona:: The user IDs and group IDs of a process.
30 * Why Change Persona:: Why a program might need to change
31 its user and/or group IDs.
32 * How Change Persona:: Changing the user and group IDs.
33 * Reading Persona:: How to examine the user and group IDs.
35 * Setting User ID:: Functions for setting the user ID.
36 * Setting Groups:: Functions for setting the group IDs.
38 * Enable/Disable Setuid:: Turning setuid access on and off.
39 * Setuid Program Example:: The pertinent parts of one sample program.
40 * Tips for Setuid:: How to avoid granting unlimited access.
42 * Who Logged In:: Getting the name of the user who logged in,
43 or of the real user ID of the current process.
45 * User Database:: Functions and data structures for
46 accessing the user database.
47 * Group Database:: Functions and data structures for
48 accessing the group database.
49 * Database Example:: Example program showing use of database
53 @node User and Group IDs
54 @section User and Group IDs
59 Each user account on a computer system is identified by a @dfn{user
60 name} (or @dfn{login name}) and @dfn{user ID}. Normally, each user name
61 has a unique user ID, but it is possible for several login names to have
62 the same user ID. The user names and corresponding user IDs are stored
63 in a data base which you can access as described in @ref{User Database}.
67 Users are classified in @dfn{groups}. Each user name also belongs to
68 one or more groups, and has one @dfn{default group}. Users who are
69 members of the same group can share resources (such as files) that are
70 not accessible to users who are not a member of that group. Each group
71 has a @dfn{group name} and @dfn{group ID}. @xref{Group Database},
72 for how to find information about a group ID or group name.
75 @section The Persona of a Process
77 @cindex effective user ID
78 @cindex effective group ID
80 @c !!! bogus; not single ID. set of effective group IDs (and, in GNU,
81 @c set of effective UIDs) determines privilege. lying here and then
82 @c telling the truth below is confusing.
83 At any time, each process has a single user ID and a group ID which
84 determine the privileges of the process. These are collectively called
85 the @dfn{persona} of the process, because they determine ``who it is''
86 for purposes of access control. These IDs are also called the
87 @dfn{effective user ID} and @dfn{effective group ID} of the process.
89 Your login shell starts out with a persona which consists of your user
90 ID and your default group ID.
91 @c !!! also supplementary group IDs.
92 In normal circumstances, all your other processes inherit these values.
96 A process also has a @dfn{real user ID} which identifies the user who
97 created the process, and a @dfn{real group ID} which identifies that
98 user's default group. These values do not play a role in access
99 control, so we do not consider them part of the persona. But they are
102 Both the real and effective user ID can be changed during the lifetime
103 of a process. @xref{Why Change Persona}.
105 @cindex supplementary group IDs
106 In addition, a user can belong to multiple groups, so the persona
107 includes @dfn{supplementary group IDs} that also contribute to access
110 For details on how a process's effective user IDs and group IDs affect
111 its permission to access files, see @ref{Access Permission}.
113 The user ID of a process also controls permissions for sending signals
114 using the @code{kill} function. @xref{Signaling Another Process}.
116 @node Why Change Persona
117 @section Why Change the Persona of a Process?
119 The most obvious situation where it is necessary for a process to change
120 its user and/or group IDs is the @code{login} program. When
121 @code{login} starts running, its user ID is @code{root}. Its job is to
122 start a shell whose user and group IDs are those of the user who is
123 logging in. (To accomplish this fully, @code{login} must set the real
124 user and group IDs as well as its persona. But this is a special case.)
126 The more common case of changing persona is when an ordinary user
127 program needs access to a resource that wouldn't ordinarily be
128 accessible to the user actually running it.
130 For example, you may have a file that is controlled by your program but
131 that shouldn't be read or modified directly by other users, either
132 because it implements some kind of locking protocol, or because you want
133 to preserve the integrity or privacy of the information it contains.
134 This kind of restricted access can be implemented by having the program
135 change its effective user or group ID to match that of the resource.
137 Thus, imagine a game program that saves scores in a file. The game
138 program itself needs to be able to update this file no matter who is
139 running it, but if users can write the file without going through the
140 game, they can give themselves any scores they like. Some people
141 consider this undesirable, or even reprehensible. It can be prevented
142 by creating a new user ID and login name (say, @code{games}) to own the
143 scores file, and make the file writable only by this user. Then, when
144 the game program wants to update this file, it can change its effective
145 user ID to be that for @code{games}. In effect, the program must
146 adopt the persona of @code{games} so it can write the scores file.
148 @node How Change Persona
149 @section How an Application Can Change Persona
150 @cindex @code{setuid} programs
152 The ability to change the persona of a process can be a source of
153 unintentional privacy violations, or even intentional abuse. Because of
154 the potential for problems, changing persona is restricted to special
157 You can't arbitrarily set your user ID or group ID to anything you want;
158 only privileged processes can do that. Instead, the normal way for a
159 program to change its persona is that it has been set up in advance to
160 change to a particular user or group. This is the function of the setuid
161 and setgid bits of a file's access mode. @xref{Permission Bits}.
163 When the setuid bit of an executable file is set, executing that file
164 automatically changes the effective user ID to the user that owns the
165 file. Likewise, executing a file whose setgid bit is set changes the
166 effective group ID to the group of the file. @xref{Executing a File}.
167 Creating a file that changes to a particular user or group ID thus
168 requires full access to that user or group ID.
170 @xref{File Attributes}, for a more general discussion of file modes and
173 A process can always change its effective user (or group) ID back to its
174 real ID. Programs do this so as to turn off their special privileges
175 when they are not needed, which makes for more robustness.
177 @c !!! talk about _POSIX_SAVED_IDS
179 @node Reading Persona
180 @section Reading the Persona of a Process
182 Here are detailed descriptions of the functions for reading the user and
183 group IDs of a process, both real and effective. To use these
184 facilities, you must include the header files @file{sys/types.h} and
191 @deftp {Data Type} uid_t
192 This is an integer data type used to represent user IDs. In the GNU
193 library, this is an alias for @code{unsigned int}.
198 @deftp {Data Type} gid_t
199 This is an integer data type used to represent group IDs. In the GNU
200 library, this is an alias for @code{unsigned int}.
205 @deftypefun uid_t getuid (void)
206 The @code{getuid} function returns the real user ID of the process.
211 @deftypefun gid_t getgid (void)
212 The @code{getgid} function returns the real group ID of the process.
217 @deftypefun uid_t geteuid (void)
218 The @code{geteuid} function returns the effective user ID of the process.
223 @deftypefun gid_t getegid (void)
224 The @code{getegid} function returns the effective group ID of the process.
229 @deftypefun int getgroups (int @var{count}, gid_t *@var{groups})
230 The @code{getgroups} function is used to inquire about the supplementary
231 group IDs of the process. Up to @var{count} of these group IDs are
232 stored in the array @var{groups}; the return value from the function is
233 the number of group IDs actually stored. If @var{count} is smaller than
234 the total number of supplementary group IDs, then @code{getgroups}
235 returns a value of @code{-1} and @code{errno} is set to @code{EINVAL}.
237 If @var{count} is zero, then @code{getgroups} just returns the total
238 number of supplementary group IDs. On systems that do not support
239 supplementary groups, this will always be zero.
241 Here's how to use @code{getgroups} to read all the supplementary group
247 read_all_groups (void)
249 int ngroups = getgroups (NULL, 0);
251 = (gid_t *) xmalloc (ngroups * sizeof (gid_t));
252 int val = getgroups (ngroups, groups);
264 @node Setting User ID
265 @section Setting the User ID
267 This section describes the functions for altering the user ID (real
268 and/or effective) of a process. To use these facilities, you must
269 include the header files @file{sys/types.h} and @file{unistd.h}.
275 @deftypefun int setuid (uid_t @var{newuid})
276 This function sets both the real and effective user ID of the process
277 to @var{newuid}, provided that the process has appropriate privileges.
278 @c !!! also sets saved-id
280 If the process is not privileged, then @var{newuid} must either be equal
281 to the real user ID or the saved user ID (if the system supports the
282 @code{_POSIX_SAVED_IDS} feature). In this case, @code{setuid} sets only
283 the effective user ID and not the real user ID.
284 @c !!! xref to discussion of _POSIX_SAVED_IDS
286 The @code{setuid} function returns a value of @code{0} to indicate
287 successful completion, and a value of @code{-1} to indicate an error.
288 The following @code{errno} error conditions are defined for this
293 The value of the @var{newuid} argument is invalid.
296 The process does not have the appropriate privileges; you do not
297 have permission to change to the specified ID.
303 @deftypefun int setreuid (uid_t @var{ruid}, uid_t @var{euid})
304 This function sets the real user ID of the process to @var{ruid} and the
305 effective user ID to @var{euid}. If @var{ruid} is @code{-1}, it means
306 not to change the real user ID; likewise if @var{euid} is @code{-1}, it
307 means not to change the effective user ID.
309 The @code{setreuid} function exists for compatibility with 4.3 BSD Unix,
310 which does not support saved IDs. You can use this function to swap the
311 effective and real user IDs of the process. (Privileged processes are
312 not limited to this particular usage.) If saved IDs are supported, you
313 should use that feature instead of this function. @xref{Enable/Disable
316 The return value is @code{0} on success and @code{-1} on failure.
317 The following @code{errno} error conditions are defined for this
322 The process does not have the appropriate privileges; you do not
323 have permission to change to the specified ID.
328 @section Setting the Group IDs
330 This section describes the functions for altering the group IDs (real
331 and effective) of a process. To use these facilities, you must include
332 the header files @file{sys/types.h} and @file{unistd.h}.
338 @deftypefun int setgid (gid_t @var{newgid})
339 This function sets both the real and effective group ID of the process
340 to @var{newgid}, provided that the process has appropriate privileges.
341 @c !!! also sets saved-id
343 If the process is not privileged, then @var{newgid} must either be equal
344 to the real group ID or the saved group ID. In this case, @code{setgid}
345 sets only the effective group ID and not the real group ID.
347 The return values and error conditions for @code{setgid} are the same
348 as those for @code{setuid}.
353 @deftypefun int setregid (gid_t @var{rgid}, fid_t @var{egid})
354 This function sets the real group ID of the process to @var{rgid} and
355 the effective group ID to @var{egid}. If @var{rgid} is @code{-1}, it
356 means not to change the real group ID; likewise if @var{egid} is
357 @code{-1}, it means not to change the effective group ID.
359 The @code{setregid} function is provided for compatibility with 4.3 BSD
360 Unix, which does not support saved IDs. You can use this function to
361 swap the effective and real group IDs of the process. (Privileged
362 processes are not limited to this usage.) If saved IDs are supported,
363 you should use that feature instead of using this function.
364 @xref{Enable/Disable Setuid}.
366 The return values and error conditions for @code{setregid} are the same
367 as those for @code{setreuid}.
370 The GNU system also lets privileged processes change their supplementary
371 group IDs. To use @code{setgroups} or @code{initgroups}, your programs
372 should include the header file @file{grp.h}.
377 @deftypefun int setgroups (size_t @var{count}, gid_t *@var{groups})
378 This function sets the process's supplementary group IDs. It can only
379 be called from privileged processes. The @var{count} argument specifies
380 the number of group IDs in the array @var{groups}.
382 This function returns @code{0} if successful and @code{-1} on error.
383 The following @code{errno} error conditions are defined for this
388 The calling process is not privileged.
394 @deftypefun int initgroups (const char *@var{user}, gid_t @var{gid})
395 The @code{initgroups} function effectively calls @code{setgroups} to
396 set the process's supplementary group IDs to be the normal default for
397 the user name @var{user}. The group ID @var{gid} is also included.
398 @c !!! explain that this works by reading the group file looking for
399 @c groups USER is a member of.
402 @node Enable/Disable Setuid
403 @section Enabling and Disabling Setuid Access
405 A typical setuid program does not need its special access all of the
406 time. It's a good idea to turn off this access when it isn't needed,
407 so it can't possibly give unintended access.
409 If the system supports the saved user ID feature, you can accomplish
410 this with @code{setuid}. When the game program starts, its real user ID
411 is @code{jdoe}, its effective user ID is @code{games}, and its saved
412 user ID is also @code{games}. The program should record both user ID
413 values once at the beginning, like this:
416 user_user_id = getuid ();
417 game_user_id = geteuid ();
420 Then it can turn off game file access with
423 setuid (user_user_id);
430 setuid (game_user_id);
434 Throughout this process, the real user ID remains @code{jdoe} and the
435 saved user ID remains @code{games}, so the program can always set its
436 effective user ID to either one.
438 On other systems that don't support the saved user ID feature, you can
439 turn setuid access on and off by using @code{setreuid} to swap the real
440 and effective user IDs of the process, as follows:
443 setreuid (geteuid (), getuid ());
447 This special case is always allowed---it cannot fail.
449 Why does this have the effect of toggling the setuid access? Suppose a
450 game program has just started, and its real user ID is @code{jdoe} while
451 its effective user ID is @code{games}. In this state, the game can
452 write the scores file. If it swaps the two uids, the real becomes
453 @code{games} and the effective becomes @code{jdoe}; now the program has
454 only @code{jdoe} access. Another swap brings @code{games} back to
455 the effective user ID and restores access to the scores file.
457 In order to handle both kinds of systems, test for the saved user ID
458 feature with a preprocessor conditional, like this:
461 #ifdef _POSIX_SAVED_IDS
462 setuid (user_user_id);
464 setreuid (geteuid (), getuid ());
468 @node Setuid Program Example
469 @section Setuid Program Example
471 Here's an example showing how to set up a program that changes its
474 This is part of a game program called @code{caber-toss} that
475 manipulates a file @file{scores} that should be writable only by the game
476 program itself. The program assumes that its executable
477 file will be installed with the set-user-ID bit set and owned by the
478 same user as the @file{scores} file. Typically, a system
479 administrator will set up an account like @code{games} for this purpose.
481 The executable file is given mode @code{4755}, so that doing an
482 @samp{ls -l} on it produces output like:
485 -rwsr-xr-x 1 games 184422 Jul 30 15:17 caber-toss
489 The set-user-ID bit shows up in the file modes as the @samp{s}.
491 The scores file is given mode @code{644}, and doing an @samp{ls -l} on
495 -rw-r--r-- 1 games 0 Jul 31 15:33 scores
498 Here are the parts of the program that show how to set up the changed
499 user ID. This program is conditionalized so that it makes use of the
500 saved IDs feature if it is supported, and otherwise uses @code{setreuid}
501 to swap the effective and real user IDs.
505 #include <sys/types.h>
510 /* @r{Save the effective and real UIDs.} */
512 static uid_t euid, ruid;
515 /* @r{Restore the effective UID to its original value.} */
522 #ifdef _POSIX_SAVED_IDS
523 status = setuid (euid);
525 status = setreuid (ruid, euid);
528 fprintf (stderr, "Couldn't set uid.\n");
535 /* @r{Set the effective UID to the real UID.} */
542 #ifdef _POSIX_SAVED_IDS
543 status = setuid (ruid);
545 status = setreuid (euid, ruid);
548 fprintf (stderr, "Couldn't set uid.\n");
554 /* @r{Main program.} */
559 /* @r{Save the real and effective user IDs.} */
564 /* @r{Do the game and record the score.} */
569 Notice how the first thing the @code{main} function does is to set the
570 effective user ID back to the real user ID. This is so that any other
571 file accesses that are performed while the user is playing the game use
572 the real user ID for determining permissions. Only when the program
573 needs to open the scores file does it switch back to the original
574 effective user ID, like this:
577 /* @r{Record the score.} */
580 record_score (int score)
585 /* @r{Open the scores file.} */
587 stream = fopen (SCORES_FILE, "a");
591 /* @r{Write the score to the file.} */
594 myname = cuserid (NULL);
596 fprintf (stream, "%10s: Couldn't lift the caber.\n", myname);
598 fprintf (stream, "%10s: %d feet.\n", myname, score);
608 @node Tips for Setuid
609 @section Tips for Writing Setuid Programs
611 It is easy for setuid programs to give the user access that isn't
612 intended---in fact, if you want to avoid this, you need to be careful.
613 Here are some guidelines for preventing unintended access and
614 minimizing its consequences when it does occur:
618 Don't have @code{setuid} programs with privileged user IDs such as
619 @code{root} unless it is absolutely necessary. If the resource is
620 specific to your particular program, it's better to define a new,
621 nonprivileged user ID or group ID just to manage that resource.
624 Be cautious about using the @code{system} and @code{exec} functions in
625 combination with changing the effective user ID. Don't let users of
626 your program execute arbitrary programs under a changed user ID.
627 Executing a shell is especially bad news. Less obviously, the
628 @code{execlp} and @code{execvp} functions are a potential risk (since
629 the program they execute depends on the user's @code{PATH} environment
632 If you must @code{exec} another program under a changed ID, specify an
633 absolute file name (@pxref{File Name Resolution}) for the executable,
634 and make sure that the protections on that executable and @emph{all}
635 containing directories are such that ordinary users cannot replace it
636 with some other program.
639 Only use the user ID controlling the resource in the part of the program
640 that actually uses that resource. When you're finished with it, restore
641 the effective user ID back to the actual user's user ID.
642 @xref{Enable/Disable Setuid}.
645 If the @code{setuid} part of your program needs to access other files
646 besides the controlled resource, it should verify that the real user
647 would ordinarily have permission to access those files. You can use the
648 @code{access} function (@pxref{Access Permission}) to check this; it
649 uses the real user and group IDs, rather than the effective IDs.
653 @section Identifying Who Logged In
654 @cindex login name, determining
655 @cindex user ID, determining
657 You can use the functions listed in this section to determine the login
658 name of the user who is running a process, and the name of the user who
659 logged in the current session. See also the function @code{getuid} and
660 friends (@pxref{Reading Persona}).
662 The @code{getlogin} function is declared in @file{unistd.h}, while
663 @code{cuserid} and @code{L_cuserid} are declared in @file{stdio.h}.
669 @deftypefun {char *} getlogin (void)
670 The @code{getlogin} function returns a pointer to a string containing the
671 name of the user logged in on the controlling terminal of the process,
672 or a null pointer if this information cannot be determined. The string
673 is statically allocated and might be overwritten on subsequent calls to
674 this function or to @code{cuserid}.
679 @deftypefun {char *} cuserid (char *@var{string})
680 The @code{cuserid} function returns a pointer to a string containing a
681 user name associated with the effective ID of the process. If
682 @var{string} is not a null pointer, it should be an array that can hold
683 at least @code{L_cuserid} characters; the string is returned in this
684 array. Otherwise, a pointer to a string in a static area is returned.
685 This string is statically allocated and might be overwritten on
686 subsequent calls to this function or to @code{getlogin}.
691 @deftypevr Macro int L_cuserid
692 An integer constant that indicates how long an array you might need to
696 These functions let your program identify positively the user who is
697 running or the user who logged in this session. (These can differ when
698 setuid programs are involved; @xref{Process Persona}.) The user cannot
699 do anything to fool these functions.
701 For most purposes, it is more useful to use the environment variable
702 @code{LOGNAME} to find out who the user is. This is more flexible
703 precisely because the user can set @code{LOGNAME} arbitrarily.
704 @xref{Standard Environment}.
707 @section User Database
708 @cindex user database
709 @cindex password database
712 This section describes all about how to search and scan the database of
713 registered users. The database itself is kept in the file
714 @file{/etc/passwd} on most systems, but on some systems a special
715 network server gives access to it.
718 * User Data Structure:: What each user record contains.
719 * Lookup User:: How to look for a particular user.
720 * Scanning All Users:: Scanning the list of all users, one by one.
721 * Writing a User Entry:: How a program can rewrite a user's record.
724 @node User Data Structure
725 @subsection The Data Structure that Describes a User
727 The functions and data structures for accessing the system user database
728 are declared in the header file @file{pwd.h}.
733 @deftp {Data Type} {struct passwd}
734 The @code{passwd} data structure is used to hold information about
735 entries in the system user data base. It has at least the following members:
739 The user's login name.
741 @item char *pw_passwd.
742 The encrypted password string.
748 The user's default group ID number.
751 A string typically containing the user's real name, and possibly other
752 information such as a phone number.
755 The user's home directory, or initial working directory. This might be
756 a null pointer, in which case the interpretation is system-dependent.
759 The user's default shell, or the initial program run when the user logs in.
760 This might be a null pointer, indicating that the system default should
766 @subsection Looking Up One User
767 @cindex converting user ID to user name
768 @cindex converting user name to user ID
770 You can search the system user database for information about a
771 specific user using @code{getpwuid} or @code{getpwnam}. These
772 functions are declared in @file{pwd.h}.
776 @deftypefun {struct passwd *} getpwuid (uid_t @var{uid})
777 This function returns a pointer to a statically-allocated structure
778 containing information about the user whose user ID is @var{uid}. This
779 structure may be overwritten on subsequent calls to @code{getpwuid}.
781 A null pointer value indicates there is no user in the data base with
787 @deftypefun {struct passwd *} getpwnam (const char *@var{name})
788 This function returns a pointer to a statically-allocated structure
789 containing information about the user whose user name is @var{name}.
790 This structure may be overwritten on subsequent calls to
793 A null pointer value indicates there is no user named @var{name}.
796 @node Scanning All Users
797 @subsection Scanning the List of All Users
798 @cindex scanning the user list
800 This section explains how a program can read the list of all users in
801 the system, one user at a time. The functions described here are
802 declared in @file{pwd.h}.
804 You can use the @code{fgetpwent} function to read user entries from a
809 @deftypefun {struct passwd *} fgetpwent (FILE *@var{stream})
810 This function reads the next user entry from @var{stream} and returns a
811 pointer to the entry. The structure is statically allocated and is
812 rewritten on subsequent calls to @code{fgetpwent}. You must copy the
813 contents of the structure if you wish to save the information.
815 This stream must correspond to a file in the same format as the standard
816 password database file. This function comes from System V.
819 The way to scan all the entries in the user database is with
820 @code{setpwent}, @code{getpwent}, and @code{endpwent}.
824 @deftypefun void setpwent (void)
825 This function initializes a stream which @code{getpwent} uses to read
831 @deftypefun {struct passwd *} getpwent (void)
832 The @code{getpwent} function reads the next entry from the stream
833 initialized by @code{setpwent}. It returns a pointer to the entry. The
834 structure is statically allocated and is rewritten on subsequent calls
835 to @code{getpwent}. You must copy the contents of the structure if you
836 wish to save the information.
841 @deftypefun void endpwent (void)
842 This function closes the internal stream used by @code{getpwent}.
845 @node Writing a User Entry
846 @subsection Writing a User Entry
850 @deftypefun int putpwent (const struct passwd *@var{p}, FILE *@var{stream})
851 This function writes the user entry @code{*@var{p}} to the stream
852 @var{stream}, in the format used for the standard user database
853 file. The return value is zero on success and nonzero on failure.
855 This function exists for compatibility with SVID. We recommend that you
856 avoid using it, because it makes sense only on the assumption that the
857 @code{struct passwd} structure has no members except the standard ones;
858 on a system which merges the traditional Unix data base with other
859 extended information about users, adding an entry using this function
860 would inevitably leave out much of the important information.
862 The function @code{putpwent} is declared in @file{pwd.h}.
866 @section Group Database
867 @cindex group database
870 This section describes all about how to search and scan the database of
871 registered groups. The database itself is kept in the file
872 @file{/etc/group} on most systems, but on some systems a special network
873 service provides access to it.
876 * Group Data Structure:: What each group record contains.
877 * Lookup Group:: How to look for a particular group.
878 * Scanning All Groups:: Scanning the list of all groups.
881 @node Group Data Structure
882 @subsection The Data Structure for a Group
884 The functions and data structures for accessing the system group
885 database are declared in the header file @file{grp.h}.
890 @deftp {Data Type} {struct group}
891 The @code{group} structure is used to hold information about an entry in
892 the system group database. It has at least the following members:
896 The name of the group.
899 The group ID of the group.
902 A vector of pointers to the names of users in the group. Each user name
903 is a null-terminated string, and the vector itself is terminated by a
909 @subsection Looking Up One Group
910 @cindex converting group name to group ID
911 @cindex converting group ID to group name
913 You can search the group database for information about a specific
914 group using @code{getgrgid} or @code{getgrnam}. These functions are
915 declared in @file{grp.h}.
919 @deftypefun {struct group *} getgrgid (gid_t @var{gid})
920 This function returns a pointer to a statically-allocated structure
921 containing information about the group whose group ID is @var{gid}.
922 This structure may be overwritten by subsequent calls to
925 A null pointer indicates there is no group with ID @var{gid}.
930 @deftypefun {struct group *} getgrnam (const char *@var{name})
931 This function returns a pointer to a statically-allocated structure
932 containing information about the group whose group name is @var{name}.
933 This structure may be overwritten by subsequent calls to
936 A null pointer indicates there is no group named @var{name}.
939 @node Scanning All Groups
940 @subsection Scanning the List of All Groups
941 @cindex scanning the group list
943 This section explains how a program can read the list of all groups in
944 the system, one group at a time. The functions described here are
945 declared in @file{grp.h}.
947 You can use the @code{fgetgrent} function to read group entries from a
952 @deftypefun {struct group *} fgetgrent (FILE *@var{stream})
953 The @code{fgetgrent} function reads the next entry from @var{stream}.
954 It returns a pointer to the entry. The structure is statically
955 allocated and is rewritten on subsequent calls to @code{fgetgrent}. You
956 must copy the contents of the structure if you wish to save the
959 The stream must correspond to a file in the same format as the standard
963 The way to scan all the entries in the group database is with
964 @code{setgrent}, @code{getgrent}, and @code{endgrent}.
968 @deftypefun void setgrent (void)
969 This function initializes a stream for reading from the group data base.
970 You use this stream by calling @code{getgrent}.
975 @deftypefun {struct group *} getgrent (void)
976 The @code{getgrent} function reads the next entry from the stream
977 initialized by @code{setgrent}. It returns a pointer to the entry. The
978 structure is statically allocated and is rewritten on subsequent calls
979 to @code{getgrent}. You must copy the contents of the structure if you
980 wish to save the information.
985 @deftypefun void endgrent (void)
986 This function closes the internal stream used by @code{getgrent}.
989 @node Database Example
990 @section User and Group Database Example
992 Here is an example program showing the use of the system database inquiry
993 functions. The program prints some information about the user running
1000 Here is some output from this program:
1003 I am Throckmorton Snurd.
1004 My login name is snurd.
1006 My home directory is /home/fsg/snurd.
1007 My default shell is /bin/sh.
1008 My default group is guest (12).
1009 The members of this group are: