xref: /freebsd/usr.bin/finger/finger.c (revision 2008043f386721d58158e37e0d7e50df8095942d)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1989, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * This code is derived from software contributed to Berkeley by
8  * Tony Nardo of the Johns Hopkins University/Applied Physics Lab.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the University nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 
35 /*
36  * Luke Mewburn <lm@rmit.edu.au> added the following on 940622:
37  *    - mail status ("No Mail", "Mail read:...", or "New Mail ...,
38  *	Unread since ...".)
39  *    - 4 digit phone extensions (3210 is printed as x3210.)
40  *    - host/office toggling in short format with -h & -o.
41  *    - short day names (`Tue' printed instead of `Jun 21' if the
42  *	login time is < 6 days.
43  */
44 
45 #ifndef lint
46 static const char copyright[] =
47 "@(#) Copyright (c) 1989, 1993\n\
48 	The Regents of the University of California.  All rights reserved.\n";
49 #endif /* not lint */
50 
51 #if 0
52 #ifndef lint
53 static char sccsid[] = "@(#)finger.c	8.5 (Berkeley) 5/4/95";
54 #endif
55 #endif
56 
57 #include <sys/cdefs.h>
58 /*
59  * Finger prints out information about users.  It is not portable since
60  * certain fields (e.g. the full user name, office, and phone numbers) are
61  * extracted from the gecos field of the passwd file which other UNIXes
62  * may not have or may use for other things.
63  *
64  * There are currently two output formats; the short format is one line
65  * per user and displays login name, tty, login time, real name, idle time,
66  * and either remote host information (default) or office location/phone
67  * number, depending on if -h or -o is used respectively.
68  * The long format gives the same information (in a more legible format) as
69  * well as home directory, shell, mail info, and .plan/.project files.
70  */
71 
72 #include <sys/types.h>
73 #include <sys/socket.h>
74 #include <db.h>
75 #include <err.h>
76 #include <pwd.h>
77 #include <stdio.h>
78 #include <stdlib.h>
79 #include <string.h>
80 #include <time.h>
81 #include <unistd.h>
82 #include <utmpx.h>
83 #include <locale.h>
84 
85 #include "finger.h"
86 #include "pathnames.h"
87 
88 DB *db;
89 time_t now;
90 static int kflag, mflag, sflag;
91 int entries, gflag, lflag, pplan, oflag;
92 sa_family_t family = PF_UNSPEC;
93 int d_first = -1;
94 char tbuf[1024];
95 int invoker_root = 0;
96 
97 static void loginlist(void);
98 static int option(int, char **);
99 static void usage(void) __dead2;
100 static void userlist(int, char **);
101 
102 static int
103 option(int argc, char **argv)
104 {
105 	int ch;
106 
107 	optind = 1;		/* reset getopt */
108 
109 	while ((ch = getopt(argc, argv, "46gklmpsho")) != -1)
110 		switch(ch) {
111 		case '4':
112 			family = AF_INET;
113 			break;
114 		case '6':
115 			family = AF_INET6;
116 			break;
117 		case 'g':
118 			gflag = 1;
119 			break;
120 		case 'k':
121 			kflag = 1;		/* keep going without utmp */
122 			break;
123 		case 'l':
124 			lflag = 1;		/* long format */
125 			break;
126 		case 'm':
127 			mflag = 1;		/* force exact match of names */
128 			break;
129 		case 'p':
130 			pplan = 1;		/* don't show .plan/.project */
131 			break;
132 		case 's':
133 			sflag = 1;		/* short format */
134 			break;
135 		case 'h':
136 			oflag = 0;		/* remote host info */
137 			break;
138 		case 'o':
139 			oflag = 1;		/* office info */
140 			break;
141 		case '?':
142 		default:
143 			usage();
144 		}
145 
146 	return optind;
147 }
148 
149 static void
150 usage(void)
151 {
152 	(void)fprintf(stderr,
153 	    "usage: finger [-46gklmpsho] [user ...] [user@host ...]\n");
154 	exit(1);
155 }
156 
157 int
158 main(int argc, char **argv)
159 {
160 	int envargc, argcnt;
161 	char *envargv[3];
162 	struct passwd *pw;
163 	static char myname[] = "finger";
164 
165 	if (getuid() == 0 || geteuid() == 0) {
166 		invoker_root = 1;
167 		if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) {
168 			if (setgid(pw->pw_gid) != 0)
169 				err(1, "setgid()");
170 			if (setuid(pw->pw_uid) != 0)
171 				err(1, "setuid()");
172 		} else {
173 			if (setgid(UNPRIV_UGID) != 0)
174 				err(1, "setgid()");
175 			if (setuid(UNPRIV_UGID) != 0)
176 				err(1, "setuid()");
177 		}
178 	}
179 
180 	(void) setlocale(LC_ALL, "");
181 
182 				/* remove this line to get remote host */
183 	oflag = 1;		/* default to old "office" behavior */
184 
185 	/*
186 	 * Process environment variables followed by command line arguments.
187 	 */
188 	if ((envargv[1] = getenv("FINGER"))) {
189 		envargc = 2;
190 		envargv[0] = myname;
191 		envargv[2] = NULL;
192 		(void) option(envargc, envargv);
193 	}
194 
195 	argcnt = option(argc, argv);
196 	argc -= argcnt;
197 	argv += argcnt;
198 
199 	(void)time(&now);
200 	setpassent(1);
201 	if (!*argv) {
202 		/*
203 		 * Assign explicit "small" format if no names given and -l
204 		 * not selected.  Force the -s BEFORE we get names so proper
205 		 * screening will be done.
206 		 */
207 		if (!lflag)
208 			sflag = 1;	/* if -l not explicit, force -s */
209 		loginlist();
210 		if (entries == 0)
211 			(void)printf("No one logged on.\n");
212 	} else {
213 		userlist(argc, argv);
214 		/*
215 		 * Assign explicit "large" format if names given and -s not
216 		 * explicitly stated.  Force the -l AFTER we get names so any
217 		 * remote finger attempts specified won't be mishandled.
218 		 */
219 		if (!sflag)
220 			lflag = 1;	/* if -s not explicit, force -l */
221 	}
222 	if (entries) {
223 		if (lflag)
224 			lflag_print();
225 		else
226 			sflag_print();
227 	}
228 	return (0);
229 }
230 
231 static void
232 loginlist(void)
233 {
234 	PERSON *pn;
235 	DBT data, key;
236 	struct passwd *pw;
237 	struct utmpx *user;
238 	int r, sflag1;
239 
240 	if (kflag)
241 		errx(1, "can't list logins without reading utmp");
242 
243 	setutxent();
244 	while ((user = getutxent()) != NULL) {
245 		if (user->ut_type != USER_PROCESS)
246 			continue;
247 		if ((pn = find_person(user->ut_user)) == NULL) {
248 			if ((pw = getpwnam(user->ut_user)) == NULL)
249 				continue;
250 			if (hide(pw))
251 				continue;
252 			pn = enter_person(pw);
253 		}
254 		enter_where(user, pn);
255 	}
256 	endutxent();
257 	if (db && lflag)
258 		for (sflag1 = R_FIRST;; sflag1 = R_NEXT) {
259 			PERSON *tmp;
260 
261 			r = (*db->seq)(db, &key, &data, sflag1);
262 			if (r == -1)
263 				err(1, "db seq");
264 			if (r == 1)
265 				break;
266 			memmove(&tmp, data.data, sizeof tmp);
267 			enter_lastlog(tmp);
268 		}
269 }
270 
271 static void
272 userlist(int argc, char **argv)
273 {
274 	PERSON *pn;
275 	DBT data, key;
276 	struct utmpx *user;
277 	struct passwd *pw;
278 	int r, sflag1, *used, *ip;
279 	char **ap, **nargv, **np, **p;
280 	FILE *conf_fp;
281 	char conf_alias[LINE_MAX];
282 	char *conf_realname;
283 	int conf_length;
284 
285 	if ((nargv = malloc((argc+1) * sizeof(char *))) == NULL ||
286 	    (used = calloc(argc, sizeof(int))) == NULL)
287 		err(1, NULL);
288 
289 	/* Pull out all network requests. */
290 	for (ap = p = argv, np = nargv; *p; ++p)
291 		if (strchr(*p, '@'))
292 			*np++ = *p;
293 		else
294 			*ap++ = *p;
295 
296 	*np++ = NULL;
297 	*ap++ = NULL;
298 
299 	if (!*argv)
300 		goto net;
301 
302 	/*
303 	 * Mark any arguments beginning with '/' as invalid so that we
304 	 * don't accidentally confuse them with expansions from finger.conf
305 	 */
306 	for (p = argv, ip = used; *p; ++p, ++ip)
307 	    if (**p == '/') {
308 		*ip = 1;
309 		warnx("%s: no such user", *p);
310 	    }
311 
312 	/*
313 	 * Traverse the finger alias configuration file of the form
314 	 * alias:(user|alias), ignoring comment lines beginning '#'.
315 	 */
316 	if ((conf_fp = fopen(_PATH_FINGERCONF, "r")) != NULL) {
317 	    while(fgets(conf_alias, sizeof(conf_alias), conf_fp) != NULL) {
318 		conf_length = strlen(conf_alias);
319 		if (*conf_alias == '#' || conf_alias[--conf_length] != '\n')
320 		    continue;
321 		conf_alias[conf_length] = '\0';      /* Remove trailing LF */
322 		if ((conf_realname = strchr(conf_alias, ':')) == NULL)
323 		    continue;
324 		*conf_realname = '\0';               /* Replace : with NUL */
325 		for (p = argv; *p; ++p) {
326 		    if (strcmp(*p, conf_alias) == 0) {
327 			if ((*p = strdup(conf_realname+1)) == NULL) {
328 			    err(1, NULL);
329 			}
330 		    }
331 		}
332 	    }
333 	    (void)fclose(conf_fp);
334 	}
335 
336 	/*
337 	 * Traverse the list of possible login names and check the login name
338 	 * and real name against the name specified by the user. If the name
339 	 * begins with a '/', try to read the file of that name instead of
340 	 * gathering the traditional finger information.
341 	 */
342 	if (mflag)
343 		for (p = argv, ip = used; *p; ++p, ++ip) {
344 			if (**p != '/' || *ip == 1 || !show_text("", *p, "")) {
345 				if (((pw = getpwnam(*p)) != NULL) && !hide(pw))
346 					enter_person(pw);
347 				else if (!*ip)
348 					warnx("%s: no such user", *p);
349 			}
350 		}
351 	else {
352 		while ((pw = getpwent()) != NULL) {
353 			for (p = argv, ip = used; *p; ++p, ++ip)
354 				if (**p == '/' && *ip != 1
355 				    && show_text("", *p, ""))
356 					*ip = 1;
357 				else if (match(pw, *p) && !hide(pw)) {
358 					enter_person(pw);
359 					*ip = 1;
360 				}
361 		}
362 		for (p = argv, ip = used; *p; ++p, ++ip)
363 			if (!*ip)
364 				warnx("%s: no such user", *p);
365 	}
366 
367 	/* Handle network requests. */
368 net:	for (p = nargv; *p;) {
369 		netfinger(*p++);
370 		if (*p || entries)
371 		    printf("\n");
372 	}
373 
374 	free(nargv);
375 	free(used);
376 	if (entries == 0)
377 		return;
378 
379 	if (kflag)
380 		return;
381 
382 	/*
383 	 * Scan thru the list of users currently logged in, saving
384 	 * appropriate data whenever a match occurs.
385 	 */
386 	setutxent();
387 	while ((user = getutxent()) != NULL) {
388 		if (user->ut_type != USER_PROCESS)
389 			continue;
390 		if ((pn = find_person(user->ut_user)) == NULL)
391 			continue;
392 		enter_where(user, pn);
393 	}
394 	endutxent();
395 	if (db)
396 		for (sflag1 = R_FIRST;; sflag1 = R_NEXT) {
397 			PERSON *tmp;
398 
399 			r = (*db->seq)(db, &key, &data, sflag1);
400 			if (r == -1)
401 				err(1, "db seq");
402 			if (r == 1)
403 				break;
404 			memmove(&tmp, data.data, sizeof tmp);
405 			enter_lastlog(tmp);
406 		}
407 }
408