1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1989, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Tony Nardo of the Johns Hopkins University/Applied Physics Lab. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35 /* 36 * Luke Mewburn <lm@rmit.edu.au> added the following on 940622: 37 * - mail status ("No Mail", "Mail read:...", or "New Mail ..., 38 * Unread since ...".) 39 * - 4 digit phone extensions (3210 is printed as x3210.) 40 * - host/office toggling in short format with -h & -o. 41 * - short day names (`Tue' printed instead of `Jun 21' if the 42 * login time is < 6 days. 43 */ 44 45 #ifndef lint 46 static const char copyright[] = 47 "@(#) Copyright (c) 1989, 1993\n\ 48 The Regents of the University of California. All rights reserved.\n"; 49 #endif /* not lint */ 50 51 #if 0 52 #ifndef lint 53 static char sccsid[] = "@(#)finger.c 8.5 (Berkeley) 5/4/95"; 54 #endif 55 #endif 56 57 #include <sys/cdefs.h> 58 __FBSDID("$FreeBSD$"); 59 60 /* 61 * Finger prints out information about users. It is not portable since 62 * certain fields (e.g. the full user name, office, and phone numbers) are 63 * extracted from the gecos field of the passwd file which other UNIXes 64 * may not have or may use for other things. 65 * 66 * There are currently two output formats; the short format is one line 67 * per user and displays login name, tty, login time, real name, idle time, 68 * and either remote host information (default) or office location/phone 69 * number, depending on if -h or -o is used respectively. 70 * The long format gives the same information (in a more legible format) as 71 * well as home directory, shell, mail info, and .plan/.project files. 72 */ 73 74 #include <sys/types.h> 75 #include <sys/socket.h> 76 #include <db.h> 77 #include <err.h> 78 #include <pwd.h> 79 #include <stdio.h> 80 #include <stdlib.h> 81 #include <string.h> 82 #include <time.h> 83 #include <unistd.h> 84 #include <utmpx.h> 85 #include <locale.h> 86 87 #include "finger.h" 88 #include "pathnames.h" 89 90 DB *db; 91 time_t now; 92 static int kflag, mflag, sflag; 93 int entries, gflag, lflag, pplan, oflag; 94 sa_family_t family = PF_UNSPEC; 95 int d_first = -1; 96 char tbuf[1024]; 97 int invoker_root = 0; 98 99 static void loginlist(void); 100 static int option(int, char **); 101 static void usage(void) __dead2; 102 static void userlist(int, char **); 103 104 static int 105 option(int argc, char **argv) 106 { 107 int ch; 108 109 optind = 1; /* reset getopt */ 110 111 while ((ch = getopt(argc, argv, "46gklmpsho")) != -1) 112 switch(ch) { 113 case '4': 114 family = AF_INET; 115 break; 116 case '6': 117 family = AF_INET6; 118 break; 119 case 'g': 120 gflag = 1; 121 break; 122 case 'k': 123 kflag = 1; /* keep going without utmp */ 124 break; 125 case 'l': 126 lflag = 1; /* long format */ 127 break; 128 case 'm': 129 mflag = 1; /* force exact match of names */ 130 break; 131 case 'p': 132 pplan = 1; /* don't show .plan/.project */ 133 break; 134 case 's': 135 sflag = 1; /* short format */ 136 break; 137 case 'h': 138 oflag = 0; /* remote host info */ 139 break; 140 case 'o': 141 oflag = 1; /* office info */ 142 break; 143 case '?': 144 default: 145 usage(); 146 } 147 148 return optind; 149 } 150 151 static void 152 usage(void) 153 { 154 (void)fprintf(stderr, 155 "usage: finger [-46gklmpsho] [user ...] [user@host ...]\n"); 156 exit(1); 157 } 158 159 int 160 main(int argc, char **argv) 161 { 162 int envargc, argcnt; 163 char *envargv[3]; 164 struct passwd *pw; 165 static char myname[] = "finger"; 166 167 if (getuid() == 0 || geteuid() == 0) { 168 invoker_root = 1; 169 if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) { 170 if (setgid(pw->pw_gid) != 0) 171 err(1, "setgid()"); 172 if (setuid(pw->pw_uid) != 0) 173 err(1, "setuid()"); 174 } else { 175 if (setgid(UNPRIV_UGID) != 0) 176 err(1, "setgid()"); 177 if (setuid(UNPRIV_UGID) != 0) 178 err(1, "setuid()"); 179 } 180 } 181 182 (void) setlocale(LC_ALL, ""); 183 184 /* remove this line to get remote host */ 185 oflag = 1; /* default to old "office" behavior */ 186 187 /* 188 * Process environment variables followed by command line arguments. 189 */ 190 if ((envargv[1] = getenv("FINGER"))) { 191 envargc = 2; 192 envargv[0] = myname; 193 envargv[2] = NULL; 194 (void) option(envargc, envargv); 195 } 196 197 argcnt = option(argc, argv); 198 argc -= argcnt; 199 argv += argcnt; 200 201 (void)time(&now); 202 setpassent(1); 203 if (!*argv) { 204 /* 205 * Assign explicit "small" format if no names given and -l 206 * not selected. Force the -s BEFORE we get names so proper 207 * screening will be done. 208 */ 209 if (!lflag) 210 sflag = 1; /* if -l not explicit, force -s */ 211 loginlist(); 212 if (entries == 0) 213 (void)printf("No one logged on.\n"); 214 } else { 215 userlist(argc, argv); 216 /* 217 * Assign explicit "large" format if names given and -s not 218 * explicitly stated. Force the -l AFTER we get names so any 219 * remote finger attempts specified won't be mishandled. 220 */ 221 if (!sflag) 222 lflag = 1; /* if -s not explicit, force -l */ 223 } 224 if (entries) { 225 if (lflag) 226 lflag_print(); 227 else 228 sflag_print(); 229 } 230 return (0); 231 } 232 233 static void 234 loginlist(void) 235 { 236 PERSON *pn; 237 DBT data, key; 238 struct passwd *pw; 239 struct utmpx *user; 240 int r, sflag1; 241 242 if (kflag) 243 errx(1, "can't list logins without reading utmp"); 244 245 setutxent(); 246 while ((user = getutxent()) != NULL) { 247 if (user->ut_type != USER_PROCESS) 248 continue; 249 if ((pn = find_person(user->ut_user)) == NULL) { 250 if ((pw = getpwnam(user->ut_user)) == NULL) 251 continue; 252 if (hide(pw)) 253 continue; 254 pn = enter_person(pw); 255 } 256 enter_where(user, pn); 257 } 258 endutxent(); 259 if (db && lflag) 260 for (sflag1 = R_FIRST;; sflag1 = R_NEXT) { 261 PERSON *tmp; 262 263 r = (*db->seq)(db, &key, &data, sflag1); 264 if (r == -1) 265 err(1, "db seq"); 266 if (r == 1) 267 break; 268 memmove(&tmp, data.data, sizeof tmp); 269 enter_lastlog(tmp); 270 } 271 } 272 273 static void 274 userlist(int argc, char **argv) 275 { 276 PERSON *pn; 277 DBT data, key; 278 struct utmpx *user; 279 struct passwd *pw; 280 int r, sflag1, *used, *ip; 281 char **ap, **nargv, **np, **p; 282 FILE *conf_fp; 283 char conf_alias[LINE_MAX]; 284 char *conf_realname; 285 int conf_length; 286 287 if ((nargv = malloc((argc+1) * sizeof(char *))) == NULL || 288 (used = calloc(argc, sizeof(int))) == NULL) 289 err(1, NULL); 290 291 /* Pull out all network requests. */ 292 for (ap = p = argv, np = nargv; *p; ++p) 293 if (strchr(*p, '@')) 294 *np++ = *p; 295 else 296 *ap++ = *p; 297 298 *np++ = NULL; 299 *ap++ = NULL; 300 301 if (!*argv) 302 goto net; 303 304 /* 305 * Mark any arguments beginning with '/' as invalid so that we 306 * don't accidentally confuse them with expansions from finger.conf 307 */ 308 for (p = argv, ip = used; *p; ++p, ++ip) 309 if (**p == '/') { 310 *ip = 1; 311 warnx("%s: no such user", *p); 312 } 313 314 /* 315 * Traverse the finger alias configuration file of the form 316 * alias:(user|alias), ignoring comment lines beginning '#'. 317 */ 318 if ((conf_fp = fopen(_PATH_FINGERCONF, "r")) != NULL) { 319 while(fgets(conf_alias, sizeof(conf_alias), conf_fp) != NULL) { 320 conf_length = strlen(conf_alias); 321 if (*conf_alias == '#' || conf_alias[--conf_length] != '\n') 322 continue; 323 conf_alias[conf_length] = '\0'; /* Remove trailing LF */ 324 if ((conf_realname = strchr(conf_alias, ':')) == NULL) 325 continue; 326 *conf_realname = '\0'; /* Replace : with NUL */ 327 for (p = argv; *p; ++p) { 328 if (strcmp(*p, conf_alias) == 0) { 329 if ((*p = strdup(conf_realname+1)) == NULL) { 330 err(1, NULL); 331 } 332 } 333 } 334 } 335 (void)fclose(conf_fp); 336 } 337 338 /* 339 * Traverse the list of possible login names and check the login name 340 * and real name against the name specified by the user. If the name 341 * begins with a '/', try to read the file of that name instead of 342 * gathering the traditional finger information. 343 */ 344 if (mflag) 345 for (p = argv, ip = used; *p; ++p, ++ip) { 346 if (**p != '/' || *ip == 1 || !show_text("", *p, "")) { 347 if (((pw = getpwnam(*p)) != NULL) && !hide(pw)) 348 enter_person(pw); 349 else if (!*ip) 350 warnx("%s: no such user", *p); 351 } 352 } 353 else { 354 while ((pw = getpwent()) != NULL) { 355 for (p = argv, ip = used; *p; ++p, ++ip) 356 if (**p == '/' && *ip != 1 357 && show_text("", *p, "")) 358 *ip = 1; 359 else if (match(pw, *p) && !hide(pw)) { 360 enter_person(pw); 361 *ip = 1; 362 } 363 } 364 for (p = argv, ip = used; *p; ++p, ++ip) 365 if (!*ip) 366 warnx("%s: no such user", *p); 367 } 368 369 /* Handle network requests. */ 370 net: for (p = nargv; *p;) { 371 netfinger(*p++); 372 if (*p || entries) 373 printf("\n"); 374 } 375 376 free(nargv); 377 free(used); 378 if (entries == 0) 379 return; 380 381 if (kflag) 382 return; 383 384 /* 385 * Scan thru the list of users currently logged in, saving 386 * appropriate data whenever a match occurs. 387 */ 388 setutxent(); 389 while ((user = getutxent()) != NULL) { 390 if (user->ut_type != USER_PROCESS) 391 continue; 392 if ((pn = find_person(user->ut_user)) == NULL) 393 continue; 394 enter_where(user, pn); 395 } 396 endutxent(); 397 if (db) 398 for (sflag1 = R_FIRST;; sflag1 = R_NEXT) { 399 PERSON *tmp; 400 401 r = (*db->seq)(db, &key, &data, sflag1); 402 if (r == -1) 403 err(1, "db seq"); 404 if (r == 1) 405 break; 406 memmove(&tmp, data.data, sizeof tmp); 407 enter_lastlog(tmp); 408 } 409 } 410