xref: /freebsd/usr.bin/finger/finger.c (revision aa1a8ff2d6dbc51ef058f46f3db5a8bb77967145)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 1989, 1993
5  *	The Regents of the University of California.  All rights reserved.
6  *
7  * This code is derived from software contributed to Berkeley by
8  * Tony Nardo of the Johns Hopkins University/Applied Physics Lab.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. Neither the name of the University nor the names of its contributors
19  *    may be used to endorse or promote products derived from this software
20  *    without specific prior written permission.
21  *
22  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 
35 /*
36  * Luke Mewburn <lm@rmit.edu.au> added the following on 940622:
37  *    - mail status ("No Mail", "Mail read:...", or "New Mail ...,
38  *	Unread since ...".)
39  *    - 4 digit phone extensions (3210 is printed as x3210.)
40  *    - host/office toggling in short format with -h & -o.
41  *    - short day names (`Tue' printed instead of `Jun 21' if the
42  *	login time is < 6 days.
43  */
44 
45 /*
46  * Finger prints out information about users.  It is not portable since
47  * certain fields (e.g. the full user name, office, and phone numbers) are
48  * extracted from the gecos field of the passwd file which other UNIXes
49  * may not have or may use for other things.
50  *
51  * There are currently two output formats; the short format is one line
52  * per user and displays login name, tty, login time, real name, idle time,
53  * and either remote host information (default) or office location/phone
54  * number, depending on if -h or -o is used respectively.
55  * The long format gives the same information (in a more legible format) as
56  * well as home directory, shell, mail info, and .plan/.project files.
57  */
58 
59 #include <sys/types.h>
60 #include <sys/socket.h>
61 #include <db.h>
62 #include <err.h>
63 #include <pwd.h>
64 #include <stdio.h>
65 #include <stdlib.h>
66 #include <string.h>
67 #include <time.h>
68 #include <unistd.h>
69 #include <utmpx.h>
70 #include <locale.h>
71 
72 #include "finger.h"
73 #include "pathnames.h"
74 
75 DB *db;
76 time_t now;
77 static int kflag, mflag, sflag;
78 int entries, gflag, lflag, pplan, oflag;
79 sa_family_t family = PF_UNSPEC;
80 int d_first = -1;
81 char tbuf[1024];
82 int invoker_root = 0;
83 
84 static void loginlist(void);
85 static int option(int, char **);
86 static void usage(void) __dead2;
87 static void userlist(int, char **);
88 
89 static int
90 option(int argc, char **argv)
91 {
92 	int ch;
93 
94 	optind = 1;		/* reset getopt */
95 
96 	while ((ch = getopt(argc, argv, "46gklmpsho")) != -1)
97 		switch(ch) {
98 		case '4':
99 			family = AF_INET;
100 			break;
101 		case '6':
102 			family = AF_INET6;
103 			break;
104 		case 'g':
105 			gflag = 1;
106 			break;
107 		case 'k':
108 			kflag = 1;		/* keep going without utmp */
109 			break;
110 		case 'l':
111 			lflag = 1;		/* long format */
112 			break;
113 		case 'm':
114 			mflag = 1;		/* force exact match of names */
115 			break;
116 		case 'p':
117 			pplan = 1;		/* don't show .plan/.project */
118 			break;
119 		case 's':
120 			sflag = 1;		/* short format */
121 			break;
122 		case 'h':
123 			oflag = 0;		/* remote host info */
124 			break;
125 		case 'o':
126 			oflag = 1;		/* office info */
127 			break;
128 		case '?':
129 		default:
130 			usage();
131 		}
132 
133 	return optind;
134 }
135 
136 static void
137 usage(void)
138 {
139 	(void)fprintf(stderr,
140 	    "usage: finger [-46gklmpsho] [user ...] [user@host ...]\n");
141 	exit(1);
142 }
143 
144 int
145 main(int argc, char **argv)
146 {
147 	int envargc, argcnt;
148 	char *envargv[3];
149 	struct passwd *pw;
150 	static char myname[] = "finger";
151 
152 	if (getuid() == 0 || geteuid() == 0) {
153 		invoker_root = 1;
154 		if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) {
155 			if (setgid(pw->pw_gid) != 0)
156 				err(1, "setgid()");
157 			if (setuid(pw->pw_uid) != 0)
158 				err(1, "setuid()");
159 		} else {
160 			if (setgid(UNPRIV_UGID) != 0)
161 				err(1, "setgid()");
162 			if (setuid(UNPRIV_UGID) != 0)
163 				err(1, "setuid()");
164 		}
165 	}
166 
167 	(void) setlocale(LC_ALL, "");
168 
169 				/* remove this line to get remote host */
170 	oflag = 1;		/* default to old "office" behavior */
171 
172 	/*
173 	 * Process environment variables followed by command line arguments.
174 	 */
175 	if ((envargv[1] = getenv("FINGER"))) {
176 		envargc = 2;
177 		envargv[0] = myname;
178 		envargv[2] = NULL;
179 		(void) option(envargc, envargv);
180 	}
181 
182 	argcnt = option(argc, argv);
183 	argc -= argcnt;
184 	argv += argcnt;
185 
186 	(void)time(&now);
187 	setpassent(1);
188 	if (!*argv) {
189 		/*
190 		 * Assign explicit "small" format if no names given and -l
191 		 * not selected.  Force the -s BEFORE we get names so proper
192 		 * screening will be done.
193 		 */
194 		if (!lflag)
195 			sflag = 1;	/* if -l not explicit, force -s */
196 		loginlist();
197 		if (entries == 0)
198 			(void)printf("No one logged on.\n");
199 	} else {
200 		userlist(argc, argv);
201 		/*
202 		 * Assign explicit "large" format if names given and -s not
203 		 * explicitly stated.  Force the -l AFTER we get names so any
204 		 * remote finger attempts specified won't be mishandled.
205 		 */
206 		if (!sflag)
207 			lflag = 1;	/* if -s not explicit, force -l */
208 	}
209 	if (entries) {
210 		if (lflag)
211 			lflag_print();
212 		else
213 			sflag_print();
214 	}
215 	return (0);
216 }
217 
218 static void
219 loginlist(void)
220 {
221 	PERSON *pn;
222 	DBT data, key;
223 	struct passwd *pw;
224 	struct utmpx *user;
225 	int r, sflag1;
226 
227 	if (kflag)
228 		errx(1, "can't list logins without reading utmp");
229 
230 	setutxent();
231 	while ((user = getutxent()) != NULL) {
232 		if (user->ut_type != USER_PROCESS)
233 			continue;
234 		if ((pn = find_person(user->ut_user)) == NULL) {
235 			if ((pw = getpwnam(user->ut_user)) == NULL)
236 				continue;
237 			if (hide(pw))
238 				continue;
239 			pn = enter_person(pw);
240 		}
241 		enter_where(user, pn);
242 	}
243 	endutxent();
244 	if (db && lflag)
245 		for (sflag1 = R_FIRST;; sflag1 = R_NEXT) {
246 			PERSON *tmp;
247 
248 			r = (*db->seq)(db, &key, &data, sflag1);
249 			if (r == -1)
250 				err(1, "db seq");
251 			if (r == 1)
252 				break;
253 			memmove(&tmp, data.data, sizeof tmp);
254 			enter_lastlog(tmp);
255 		}
256 }
257 
258 static void
259 userlist(int argc, char **argv)
260 {
261 	PERSON *pn;
262 	DBT data, key;
263 	struct utmpx *user;
264 	struct passwd *pw;
265 	int r, sflag1, *used, *ip;
266 	char **ap, **nargv, **np, **p;
267 	FILE *conf_fp;
268 	char conf_alias[LINE_MAX];
269 	char *conf_realname;
270 	int conf_length;
271 
272 	if ((nargv = malloc((argc+1) * sizeof(char *))) == NULL ||
273 	    (used = calloc(argc, sizeof(int))) == NULL)
274 		err(1, NULL);
275 
276 	/* Pull out all network requests. */
277 	for (ap = p = argv, np = nargv; *p; ++p)
278 		if (strchr(*p, '@'))
279 			*np++ = *p;
280 		else
281 			*ap++ = *p;
282 
283 	*np++ = NULL;
284 	*ap++ = NULL;
285 
286 	if (!*argv)
287 		goto net;
288 
289 	/*
290 	 * Mark any arguments beginning with '/' as invalid so that we
291 	 * don't accidentally confuse them with expansions from finger.conf
292 	 */
293 	for (p = argv, ip = used; *p; ++p, ++ip)
294 	    if (**p == '/') {
295 		*ip = 1;
296 		warnx("%s: no such user", *p);
297 	    }
298 
299 	/*
300 	 * Traverse the finger alias configuration file of the form
301 	 * alias:(user|alias), ignoring comment lines beginning '#'.
302 	 */
303 	if ((conf_fp = fopen(_PATH_FINGERCONF, "r")) != NULL) {
304 	    while(fgets(conf_alias, sizeof(conf_alias), conf_fp) != NULL) {
305 		conf_length = strlen(conf_alias);
306 		if (*conf_alias == '#' || conf_alias[--conf_length] != '\n')
307 		    continue;
308 		conf_alias[conf_length] = '\0';      /* Remove trailing LF */
309 		if ((conf_realname = strchr(conf_alias, ':')) == NULL)
310 		    continue;
311 		*conf_realname = '\0';               /* Replace : with NUL */
312 		for (p = argv; *p; ++p) {
313 		    if (strcmp(*p, conf_alias) == 0) {
314 			if ((*p = strdup(conf_realname+1)) == NULL) {
315 			    err(1, NULL);
316 			}
317 		    }
318 		}
319 	    }
320 	    (void)fclose(conf_fp);
321 	}
322 
323 	/*
324 	 * Traverse the list of possible login names and check the login name
325 	 * and real name against the name specified by the user. If the name
326 	 * begins with a '/', try to read the file of that name instead of
327 	 * gathering the traditional finger information.
328 	 */
329 	if (mflag)
330 		for (p = argv, ip = used; *p; ++p, ++ip) {
331 			if (**p != '/' || *ip == 1 || !show_text("", *p, "")) {
332 				if (((pw = getpwnam(*p)) != NULL) && !hide(pw))
333 					enter_person(pw);
334 				else if (!*ip)
335 					warnx("%s: no such user", *p);
336 			}
337 		}
338 	else {
339 		while ((pw = getpwent()) != NULL) {
340 			for (p = argv, ip = used; *p; ++p, ++ip)
341 				if (**p == '/' && *ip != 1
342 				    && show_text("", *p, ""))
343 					*ip = 1;
344 				else if (match(pw, *p) && !hide(pw)) {
345 					enter_person(pw);
346 					*ip = 1;
347 				}
348 		}
349 		for (p = argv, ip = used; *p; ++p, ++ip)
350 			if (!*ip)
351 				warnx("%s: no such user", *p);
352 	}
353 
354 	/* Handle network requests. */
355 net:	for (p = nargv; *p;) {
356 		netfinger(*p++);
357 		if (*p || entries)
358 		    printf("\n");
359 	}
360 
361 	free(nargv);
362 	free(used);
363 	if (entries == 0)
364 		return;
365 
366 	if (kflag)
367 		return;
368 
369 	/*
370 	 * Scan thru the list of users currently logged in, saving
371 	 * appropriate data whenever a match occurs.
372 	 */
373 	setutxent();
374 	while ((user = getutxent()) != NULL) {
375 		if (user->ut_type != USER_PROCESS)
376 			continue;
377 		if ((pn = find_person(user->ut_user)) == NULL)
378 			continue;
379 		enter_where(user, pn);
380 	}
381 	endutxent();
382 	if (db)
383 		for (sflag1 = R_FIRST;; sflag1 = R_NEXT) {
384 			PERSON *tmp;
385 
386 			r = (*db->seq)(db, &key, &data, sflag1);
387 			if (r == -1)
388 				err(1, "db seq");
389 			if (r == 1)
390 				break;
391 			memmove(&tmp, data.data, sizeof tmp);
392 			enter_lastlog(tmp);
393 		}
394 }
395